一种渗透测试工具,用于解析域和选择性地过滤inscope结果。

resolvr的Python项目详细描述


分辨率

解析域并选择性地筛选范围内结果。在

示例

文件

root@kali:~/.../personal/resolvr$ ./resolvr.py -h
usage: resolvr [-h] [-v] [-q] [-i [INPUT]] [-o [OUTPUT]] [-s [SCOPE]]
               [-O [OUT_OF_SCOPE]] [-n [NO_RESOLVE]]

Resolves domains and optionally filters on in-scope results

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  -q, --quiet           surpress extra output
  -i [INPUT], --input [INPUT]
                        input list of domains to test (default stdin)
  -o [OUTPUT], --output [OUTPUT]
                        output filename
  -s [SCOPE], --scope [SCOPE]
                        input list of in-scope address ranges (default *)
  -O [OUT_OF_SCOPE], --out-of-scope [OUT_OF_SCOPE]
                        out of scope hosts output filename
  -n [NO_RESOLVE], --no-resolve [NO_RESOLVE]
                        non-resolved hosts output filename

基本用法

首先,您需要一个可能是目标的域和子域的列表,这些域和子域通常是通过许多子域枚举技术发现的:

^{pr2}$

一般情况下,您需要将此列表输入resolvr,如下所示:

root@kali:~$ resolvr.py -i discovered_subdomains_company.com.txt -o resolvr_results_company.com.txt
                           ___                      
                          /\_ \                     
 _ __    __    ____    ___\//\ \    __  __   _ __   
/\`'__\/'__`\ /',__\  / __`\\ \ \  /\ \/\ \ /\`'__\ 
\ \ \//\  __//\__, `\/\ \L\ \\_\ \_\ \ \_/ |\ \ \/  
 \ \_\\ \____\/\____/\ \____//\____\\ \___/  \ \_\  
  \/_/ \/____/\/___/  \/___/ \/____/ \/__/    \/_/  

                                             v1.0
info: Host company.com resolves to 255.255.255.254
error: Failed to resolve the host dev.company.com
error: Failed to resolve the host wiki.company.com
info: Host host2.company.com resolves to 255.255.255.255
...omitted for brevity...

目标滤波

此外,如果您知道哪些主机在作用域内的确切CIDR范围,您也可以将其输入,这将被考虑在内:

root@kali:~$ cat target_ranges.txt 
255.255.255.255/32

root@kali:~$ resolvr.py -i discovered_subdomains_company.com.txt -o resolvr_results_company.com.txt -s target_ranges.txt 
                           ___                      
                          /\_ \                     
 _ __    __    ____    ___\//\ \    __  __   _ __   
/\`'__\/'__`\ /',__\  / __`\\ \ \  /\ \/\ \ /\`'__\ 
\ \ \//\  __//\__, `\/\ \L\ \\_\ \_\ \ \_/ |\ \ \/  
 \ \_\\ \____\/\____/\ \____//\____\\ \___/  \ \_\  
  \/_/ \/____/\/___/  \/___/ \/____/ \/__/    \/_/  

                                             v1.0
info: Host company.com resolves to 255.255.255.254 but is *not* in scope
error: Failed to resolve the host dev.company.com
error: Failed to resolve the host wiki.company.com
info: Host host2.company.com resolves to 255.255.255.255 and is in scope
...omitted for brevity...

安装

标准

pip3 install resolvr

出血边缘

仅当中心软件包已过期,并且需要安装具有最新功能的最新软件包时,才使用此选项。在

python3 setup.py install

开发

欢迎加入QQ群-->: 979659372 Python中文网_新手群

推荐PyPI第三方库


热门话题
java Android:应用程序崩溃发送putExtra的意图   JNI错误:尝试传递java实例。字符串作为参数   JavaJMockit与静态初始化   java@products@消费意义。。。JSON或者它只是一个字符串   java如何解决在命令提示符中找不到或加载主类错误?   java使用JavaMail API发送带有内联图像的电子邮件   java为什么我不能与Twitter共享内容   jspservlet正在显示java。木卫一。FileNotFoundException:?E:\guru99\test。txt(文件名、目录名或卷标语法不正确)   java如何在单击另一页上的按钮时向表视图添加数据?   java在提交表单数据之后,它显示了以下问题   java Spring启动通知/严重错误后重启   java从数组列表中删除元素   java Spring引导批处理:如何使用CompositeWriter和自定义ItemWriter实现多线程步骤   Spring java代码表单post和重定向到其他服务器