Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way.
How it work?
Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP addresses, mails on Ggole, SPF information, etc. After all the information is stored and organized it scans the ports of every IP found using nmap and perform several other security checks. After the ports are found, it uses the tool crawler.py from @vero.valeros, to spider the complete web page of all the web ports found. This tool has the option to download files and find open folders.
python web crawler called “crawler.py”. Its main features are:
+ Crawl http and https web sites.
+ Crawl http and https web sites not using common ports.
+ Uses regular expressions to find ‘href’ and ‘src’ html tag. Also content links.
+ Identifies relative links.
+ Identifies domain related emails.
+ Identifies directory indexing.
+ Uses CTRL-C to stop current crawler stages and continue working.
+ Identifies file extensions (zip, swf, sql, rar, etc.)
+ Download files to a directory:
— Download every important file (images, documents, compressed files).
— Or download specified files types.
— Or download a predefined set of files (like ‘document’ files: .doc, .xls, .pdf, .odt, .gnumeric, etc.).
+ Maximum amount of links to crawl. A default value of 5000 URLs is set.
This extended edition has more features!
– World-domination: You can automatically analyze the whole world! (if you have time)
– Robin-hood: Although it is still in develpment, it will let you send automatically an email to the mails found during scan with the analysis information.
– Robex DNS: With this incredible function, every time you found a DNS servers with Zone Transfer, it will retrieve from the robtex site other domains using that DNS server! It will automatically analyze them too! This can be a never ending test! Every vulnerable DNS server can be used by hundreds of domains, which in turn can be using other vulnerable DNS servers. BEWARE! Domains retrieved can be unrelated to the first one.
+ python 2.7.x
+ python-geoip module
git clone https://github.com/eldraco/domain_analyzer && cd domain_analyzer
python domain_analyzer.py -d 386.edu.ru -b -o