WebOSINT 🌐

WebOSINT is a Python script to gather (passive) domain intelligence.

Requirements 🐍

• Python 3
• Don't forget to install requirements.txt
• You will be limited in your search requests with the Hacker Target free API, you can purchase a Hacker Target membership and your API here: (https://hackertarget.com/scan-membership/)
• For the WhoisXML API; this is an easy process and free, simply create an account and use the trial 500 free API requests (Once you have used the 500 requests you will need to make a purchase, and if you don't want a yearly or monthly membership you can make one-time payments, 5000 queries for 100,00$ USD or 1000 queries for 30,00$ USD :(https://whois.whoisxmlapi.com)

Running the script with Docker 🐳

docker run -it scorpix06/webosint

Installation ⚙️

git clone https://github.com/C3n7ral051nt4g3ncy/webosint

cd webosint

pip3 install -r requirements.txt

python3 webosint.py

Once the script starts, you won't have much typing to do:

- Domain format example: google.com
- To choose between yes and no: Type Y or y for Yes  |  N or n for No
- Choose between a free search and search with your API Key: Type -F or f for the free search | Type -API or api for the search with your API keys

API Keys 🔑

In the Config.json file, just paste your API Keys inside the quotation marks "API Key" (see photo below)

• It's not an obligation to pay for a Hacker Target API key, you can leave it how it is, just choose the free search by typing -F each time the tool asks you to choose between the Free search and the search using your API key.
• It's an obligation ✅ to get yourself a WhoisXML Api key, this is free (500 searches free), just go to the WhoisXML website and get an account to get your API key: (https://whois.whoisxmlapi.com)
• It's also an obligation ✅ to get yourself a WhoisFreaks Api key, this is free (100 searches free), just go to the WhoisFreaks website and sign up to get your API key: (https://whoisfreaks.com), and by the way, once your 100 free searches are used, you can purchase 5000 API Calls for only 19,00$ USD

Tool Sequence ⛓️

[1]

Checking if the domain is registered

[2]

Get the domain ip address and location data, Version, ASN (Tool updated 16 July 2022, now with double IP verification)

[3]

Reverse ip search to extract all domains with the same ip (HackerTarget free and paid API)

[4]

DNS records with HackerTarget free and Paid API 

[5]

Whois domain information

[6]

Domain CERT (Certificate) search using CRT.SH

[7]

Domain reputation scan with WhoisXML free API

[8]

Subdomain Scanner 

[9]

Historical Whois Search with WhoisFreaks free API (100 Free API Calls)

Terminal Scrollback Buffer 🔣

Be aware that for the reverse IP search using the Hacker Target API, you are going to get a few hundred results for some websites, make sure that your Terminal Scrollback preferences are set to unlimited scrollback so that you can scroll back up to see all results!

Potential Issues and Errors ❌

Before making this repository public, I gave private access to a few people, some were getting an error right at the beginning of the script and websites that were Registered were being shown as Not Registered. Found the problem/issue, some people have both whois and python-whois modules, and they were conflicting with each other. Fixing the issue will be:

pip3 uninstall whois

pip3 uninstall python-whois

Make a clean install:

pip 3 install python-whois

Or simply use virtualenv 🧠

Disclaimer ⚠️

This tool is for the OSINT and Cyber community, don't use it for wrong, immoral, or illegal reasons.

Tool Improvements 🔧

Feel free to contribute and to change some code within the tool, submit a PR (Pull Request), or submit your thoughts here on github in the Webosint discussions

License ⚖️

MIT

Support 💜

If you like this simple Python tool, feel free to donate to my work by clicking on the KO-FI Badge or the BITCOIN Badge at the top of this README.md file, you can also scan my BTC QR Code directly to get my BTC Address.

Mention 🔊

Thank you to Hacker Target for their API and great work which makes this tool possible, thank you also to WHOisXML for their API as they make a free API (500 searches) which provides a great opportunity for the people in the Cyber community, and thanks to Whois Freaksfor their free 100 search API Trial. Thanks to @cipher387/@cyb_detective and to Euler Neto for testing the script before release and finding 2 minor corrections.