Improve intel check with reverse NS Lookup
Opened this issue · 0 comments
JoshuaMart commented
NS input seems to be a good source of data when the company has its own nameserver. The results of SecurityTrails & WhoisXMLAPI should be compared before making an implementation.
For WhoisXMLAPI :
require 'typhoeus'
require 'json'
OPTIONS = {
whoisxmlapi_token: '',
domain: ''
}
def intel(domains, from=1)
response = Typhoeus::Request.get(
"https://reverse-ns.whoisxmlapi.com/api/v1?apiKey=#{OPTIONS[:whoisxmlapi_token]}&ns=#{OPTIONS[:domain]}&from=#{from}"
)
return unless response&.code == 200
response_json = JSON.parse(response.body)
return unless response_json.key?('result')
i = 0
response_json['result'].each do |result|
domains << result['name']
i += 1
end
return unless i == 300
intel(domains, domains.last)
end
domains = []
intel(domains)
File.open("whoisxml_intel.txt", 'w+') do |f|
f.puts(domains)
end