8May/090
More Recon Tools
Sam Spade (by Steve Atkins)
- Network query tool for Windows
- Ping, DNS Lookup, Whois, DNS Zone Transfer, Traceroute, Finger, SMTP Verify, Mirror Website, Check Time, Keep-alive, etc.
Spiderfoot (by Steve Micallef)
- Input domain name(s)
- Crawls website(s) for links and subdomains
- Reverse DNS lookups for IPs of findings + given block(s)
- Whois lookups {www,mail}.domains.{com,us,etc}
- Google searches with SOAP API
BiLE Suite
- BiLE-weigh.pl ($ ./BiLE-weigh.pl [site_of_interest] [BiLE_output.mine]) - Comples weighting algorithm to determine 'related' score
- tld-expand.pl - Over 250 TLDs and does DNS lookup
- vet-IPrange.pl + vet-mx.pl - Are results of previous tools in defined range - (ex. What are the mail-servers for each domain?)
- qtrace.pl - Uses hping to traceroute all target IPs - Outputs hop-by-hop paths to target
BiLE Recon Assembly-Line
BiLE -> Bile-weigh -> tld-expand -> vet-IPrange + vet-mx -> qtrace
BiLE DNS Tools
- Jarf-rev - Input target network range - Output reverse DNS lookups for each address
- Jarf-dnsbrute - Input domain + dictionary - Output DNS lookup for every sub-domain