Support for SecurityTrails

punk-security / dnsReaper

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

GNU Affero General Public License v3.0

1.93k stars 150 forks source link

Support for SecurityTrails #82

Closed kero3009destiny closed 12 months ago

kero3009destiny commented 1 year ago

SecurityTrails has a powerful free API for reconnaissance, I'm not sure if it fully fits dnsReaper's scope but I think it could be useful.

API documentation is at https://docs.securitytrails.com/docs/overview

SimonGurney commented 1 year ago

Thanks for the comment.

We use the whois python library which is reasonably complete but the suffers from rate limiting issues and doesn't have full tld coverage. Ill test that service for coverage and rate limiting :)

SimonGurney commented 1 year ago

Rate limiting of whois data isn't actually a problem for us so we have no need for integration. If you can think of a use case then please reopen

kero3009destiny commented 1 year ago

My suggestion for SecurityTrails was mostly based on subdomain discovery rather than WHOIS queries

SimonGurney commented 1 year ago

Ah I see, so subdomain enumeration via this API endpoint? https://docs.securitytrails.com/reference/domain-subdomains

We could look to do this. We were already hoping to add a provider for projectdiscovery and project sonar.

I'll reopen