Last active
September 28, 2022 12:44
-
-
Save juljeanpierre/9fbb671e1ce27dd73d5e9c46d274aa2c to your computer and use it in GitHub Desktop.
Footprint, An information-gathering script that allows you to find available information about an URL, host name, IP address or domain, including country, state or province, city, name of the network provider, administrator, and technical-support contact information.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import socket | |
| from ipwhois import IPWhois | |
| from pprint import pprint | |
| from datetime import datetime | |
| from tld import get_fld | |
| from tld.utils import update_tld_names | |
| update_tld_names() | |
| """ ---FOOTPRINT--- | |
| Step 1: Confirm the website is up and active. | |
| Status codes: #200="ok" #301="Moved" #501="Server error" #404="Not Found" | |
| Step 2: lets return the entire header now. | |
| Step 3: Find the IP of the URL. | |
| Step 4: Check the whois data. | |
| Step 5: Checking for open ports [range can be defined] | |
| """ | |
| #Allows you to type in the questionable link | |
| data = input("Enter Your ULR: ") | |
| time = datetime.now() | |
| #Tracking TXT file for every URL used, also include "DATE & TIME"[DONE] | |
| NewNew = open('record_urls.txt', 'a') | |
| NewNew.write("" + data + " | " + str(time)) | |
| NewNew.write("\n") | |
| NewNew.close() | |
| resp = requests.head(data) | |
| output = resp.headers | |
| # "resp.status_code" only returns the code | |
| print("===== \033[1;36mStatus code\033[1;m =========") | |
| print("Status code: ", resp) | |
| print("======= \033[1;36mHeaders\033[1;m ===========") | |
| pprint(output) | |
| print("======= \033[1;36mDomain\033[1;m ============") | |
| #cut out the domain name [get_fld] allows you to pull the full domain name | |
| domain = get_fld(data) | |
| print("Domain:", domain) | |
| print("========= \033[1;36mIP\033[1;m ==============") | |
| #Find the IP of the url | |
| FindIP = (socket.gethostbyname(domain)) | |
| print("IP Address:", FindIP) | |
| print("======== \033[1;36mWHOIS\033[1;m ============") | |
| # Check domain whois info // | |
| host = IPWhois(FindIP) | |
| contact = host.lookup_whois() | |
| # pprint(contact) | |
| pprint(contact['nets']) | |
| print("=" * 27) | |
| print("====== \033[1;36mOpen Ports\033[1;m =========") | |
| remoteServerIP = socket.gethostbyname(FindIP) | |
| # Print a nice banner with information on which host we are about to scan | |
| print("-" * 60) | |
| print("Please wait, scanning remote host for OPEN ports", remoteServerIP) | |
| print("-" * 60) | |
| # Check what time the scan started | |
| t1 = datetime.now() | |
| # Using the range function to specify ports (here it will scans all ports between 1 and 1024) | |
| # We also put in some error handling for catching errors | |
| try: | |
| for port in range(20,443): | |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| socket.setdefaulttimeout(1) | |
| result = sock.connect_ex((remoteServerIP, port)) | |
| if result == 0: | |
| print("Port {}: Open".format(port)) | |
| sock.close() | |
| except KeyboardInterrupt: | |
| print("You pressed Ctrl+C") | |
| sys.exit() | |
| except socket.gaierror: | |
| print('Hostname could not be resolved. Exiting') | |
| sys.exit() | |
| except socket.error: | |
| print("Couldn't connect to server") | |
| sys.exit() | |
| # Checking the time again | |
| t2 = datetime.now() | |
| # Calculates the difference of time, to see how long it took to run the port scan portion of this script | |
| total = t2 - t1 | |
| # Printing the information to screen | |
| print('Scanning Completed in: ', total) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment