Domain Analyzer
Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way.
Domain analyzer takes a domain name and finds information about it, like its DNS servers, mail servers, IP addresses, mails, SPF information, etc. Also, it can scan the ports of every IP found using nmap and perform several other security checks.
Current version is 0.5 and the main features are:
Most of these features can be deactivated.
Domain analyzer takes a domain name and finds information about it, like its DNS servers, mail servers, IP addresses, mails, SPF information, etc. Also, it can scan the ports of every IP found using nmap and perform several other security checks.
Current version is 0.5 and the main features are:
- It creates a directory with all the information, including nmap output files.
- It uses colors to remark important information on the console.
- It detects some security problems like host name problems, unusual port numbers and zone transfers.
- It is heavily tested and it is very robust against DNS configuration problems.
- It uses nmap for active host detection, port scanning and version information (including nmap scripts).
- It searches for SPF records information to find new hostnames or IP addresses.
- It searches for reverse DNS names and compare them to the hostname.
- It prints out the country of every IP address.
- It creates a PDF file with results.
- It automatically detects and analyze sub-domains!
- It searches for domains emails.
- It checks the 192 most common hostnames in the DNS servers.
- It checks for Zone Transfer on every DNS server.
- It finds the reverse names of the /24 network range of every IP address.
- It finds active host using nmap complete set of techniques.
- It scan ports using nmap.
- It searches for host and port information using nmap.
- It automatically detects web servers used.
- It crawls every web server page using our crawler.py tool. See the description below.
- It filters out hostnames based on their name.
- It pseudo-randomly searches N domains in google and automatically analyze them!
- Uses CTRL-C to stop current analysis stage and continue working.
- It can read an external file with domain names and try to find them on the domain.
Most of these features can be deactivated.
Crawler
We developed a separate python web crawler called "crawler.py". Its main features are:
- Crawl http and https web sites.
- Crawl http and https web sites not using common ports.
- Uses regular expressions to find 'href' and 'src' html tag. Also content links.
- Identifies relative links.
- Identifies domain related emails.
- Identifies directory indexing.
- Detects references to URLs like 'file:', 'feed=', 'mailto:', 'javascript:' and others.
- Uses CTRL-C to stop current crawler stages and continue working.
- Identifies file extensions (zip, swf, sql, rar, etc.)
- Download files to a directory:
- Download every important file (images, documents, compressed files).
- Or download specified files types.
- Or download a predefined set of files (like 'document' files: .doc, .xls, .pdf, .odt, .gnumeric, etc.).
- Maximum amount of links to crawl. A default value of 5000 URLs is set.
- Follows redirections using HTML and JavaScript Location tag and HTTP response code.
Installation
Just untar the .tar.gz file and copy the python files to the /usr/bin/ directory. Domain_analyzer needs to be run as root. The crawler can be run as a non-privileged user.
If you have any question, please send us an email! They are in the python files.
If you have any question, please send us an email! They are in the python files.
Screenshots
Web repercusions
Download
See the attachments below. Also at Sourceforge!
domain_analyzer_v0.8.tar.gz | |
File Size: | 42 kb |
File Type: | gz |