aquatone 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (44) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +12 -0
  3. data/CHANGELOG.md +18 -0
  4. data/Gemfile +4 -0
  5. data/LICENSE.txt +21 -0
  6. data/README.md +168 -0
  7. data/Rakefile +10 -0
  8. data/aquatone.gemspec +29 -0
  9. data/aquatone.js +164 -0
  10. data/bin/console +14 -0
  11. data/bin/setup +8 -0
  12. data/exe/aquatone-discover +129 -0
  13. data/exe/aquatone-gather +55 -0
  14. data/exe/aquatone-scan +76 -0
  15. data/lib/aquatone.rb +43 -0
  16. data/lib/aquatone/assessment.rb +40 -0
  17. data/lib/aquatone/browser.rb +18 -0
  18. data/lib/aquatone/browser/drivers/nightmare.rb +52 -0
  19. data/lib/aquatone/collector.rb +106 -0
  20. data/lib/aquatone/collectors/dictionary.rb +20 -0
  21. data/lib/aquatone/collectors/dnsdb.rb +45 -0
  22. data/lib/aquatone/collectors/gtr.rb +58 -0
  23. data/lib/aquatone/collectors/hackertarget.rb +24 -0
  24. data/lib/aquatone/collectors/netcraft.rb +48 -0
  25. data/lib/aquatone/collectors/shodan.rb +45 -0
  26. data/lib/aquatone/collectors/threatcrowd.rb +25 -0
  27. data/lib/aquatone/collectors/virustotal.rb +24 -0
  28. data/lib/aquatone/command.rb +152 -0
  29. data/lib/aquatone/commands/discover.rb +187 -0
  30. data/lib/aquatone/commands/gather.rb +167 -0
  31. data/lib/aquatone/commands/scan.rb +108 -0
  32. data/lib/aquatone/domain.rb +33 -0
  33. data/lib/aquatone/http_client.rb +5 -0
  34. data/lib/aquatone/key_store.rb +72 -0
  35. data/lib/aquatone/port_lists.rb +36 -0
  36. data/lib/aquatone/report.rb +88 -0
  37. data/lib/aquatone/resolver.rb +47 -0
  38. data/lib/aquatone/thread_pool.rb +31 -0
  39. data/lib/aquatone/url_maker.rb +27 -0
  40. data/lib/aquatone/validation.rb +22 -0
  41. data/lib/aquatone/version.rb +3 -0
  42. data/subdomains.lst +8214 -0
  43. data/templates/default.html.erb +225 -0
  44. metadata +159 -0
data/templates/default.html.erb ADDED
@@ -0,0 +1,225 @@
1
+ <!DOCTYPE html>
2
+ <html lang="en">
3
+ <head>
4
+ <meta charset="utf-8">
5
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
6
+ <meta name="viewport" content="width=device-width, initial-scale=1">
7
+ <title>AQUATONE report for <%=h @domain %> | Page <%=h @page_number + 1 %></title>
8
+ <style type="text/css">
9
+ /*! normalize.css v7.0.0 | MIT License | github.com/necolas/normalize.css */button,hr,input{overflow:visible}audio,canvas,progress,video{display:inline-block}progress,sub,sup{vertical-align:baseline}[type=checkbox],[type=radio],legend{box-sizing:border-box;padding:0}html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,main,menu,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figure{margin:1em 40px}hr{box-sizing:content-box;height:0}code,kbd,pre,samp{font-family:monospace,monospace;font-size:1em}a{background-color:transparent;-webkit-text-decoration-skip:objects}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:bolder}dfn{font-style:italic}mark{background-color:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative}sub{bottom:-.25em}sup{top:-.5em}audio:not([controls]){display:none;height:0}img{border-style:none}svg:not(:root){overflow:hidden}button,input,optgroup,select,textarea{font-family:sans-serif;font-size:100%;line-height:1.15;margin:0}button,select{text-transform:none}[type=reset],[type=submit],button,html [type=button]{-webkit-appearance:button}[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring,button:-moz-focusring{outline:ButtonText dotted 1px}fieldset{padding:.35em .75em .625em}legend{color:inherit;display:table;max-width:100%;white-space:normal}textarea{overflow:auto}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-cancel-button,[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}summary{display:list-item}[hidden],template{display:none}
10
+
11
+ body {
12
+ font-family: Atlas Grotesk Web,helvetica neue,helvetica,arial,sans-serif;
13
+ color: #494a4b;
14
+ background-color: #f5f5f5;
15
+ -webkit-font-smoothing: antialiased;
16
+ -moz-osx-font-smoothing: grayscale;
17
+ overflow-y: scroll;
18
+ }
19
+
20
+ h1,h2,h3,h4,h5,h6 {
21
+ color: #494a4b;
22
+ font-weight: 400;
23
+ }
24
+
25
+ p {
26
+ margin:0 0 1em 0;
27
+ line-height:1.5;
28
+ font-size:17px;
29
+ }
30
+
31
+ p:last-child {
32
+ margin-bottom:0;
33
+ }
34
+
35
+ a {
36
+ color:#111;
37
+ text-decoration:underline;
38
+ }
39
+
40
+ a:hover {}
41
+
42
+ th {
43
+ text-align: left;
44
+ }
45
+
46
+ h1 weak, h2 weak {
47
+ display: block;
48
+ margin-top: 5px;
49
+ }
50
+
51
+ h1.title {
52
+ padding-bottom: 50px;
53
+ }
54
+
55
+ h1 weak {
56
+ font-size: 18px;
57
+ }
58
+
59
+ h2 weak {
60
+ font-size: 14px;
61
+ }
62
+
63
+ .content {
64
+ padding: 0px 20px 0px 20px;
65
+ }
66
+
67
+ .logo {
68
+ background-color: #2a2730;
69
+ color: #99979c;
70
+ margin: 0px 0px 50px 0px;
71
+ font-weight: bold;
72
+ }
73
+
74
+ .logo a {
75
+ color: #99979c;
76
+ }
77
+
78
+ .logo weak {
79
+ font-weight: normal;
80
+ }
81
+
82
+ .pages td {
83
+ text-align: left;
84
+ vertical-align: top;
85
+ }
86
+
87
+ .pages .details {
88
+ padding-left: 20px;
89
+ }
90
+
91
+ .pages td.screenshot, .pages td.details {
92
+ padding-bottom: 100px;
93
+ }
94
+
95
+ .pages .details h2 {
96
+ margin: 0px;
97
+ font-weight: bold;
98
+ }
99
+
100
+ .pages img.screenshot {
101
+ display: block;
102
+ width: 350px;
103
+ border: 1px solid #494a4b;
104
+ }
105
+
106
+ .pages .response-headers {
107
+ margin-top: 20px;
108
+ min-width: 350px;
109
+ border-spacing: 0px;
110
+ border-collapse: collapse;
111
+ }
112
+
113
+ .pages .response-headers tbody {
114
+ font-family: Consolas,Menlo,Monaco,Lucida Console,Liberation Mono,DejaVu Sans Mono,Bitstream Vera Sans Mono,Courier New,monospace,sans-serif;
115
+ }
116
+
117
+ .pages .response-headers td, .pages .response-headers th {
118
+ border-bottom: 1px solid #ccc;
119
+ }
120
+
121
+ .pages .response-headers tr.danger td {
122
+ color: #a94442;
123
+ background-color: #f2dede;
124
+ border-color: #ebccd1;
125
+ }
126
+
127
+ .pages .response-headers tr.success td {
128
+ color: #3c763d;
129
+ background-color: #dff0d8;
130
+ border-color: #d6e9c6;
131
+ }
132
+
133
+ .pagination {
134
+ margin: 50px 0px 50px 0px;
135
+ text-align: center;
136
+ }
137
+
138
+ .pagination a {
139
+ text-decoration: none;
140
+ border: 1px solid #494a4b;
141
+ display: inline-block;
142
+ padding: 10px;
143
+ }
144
+
145
+ .pagination a.disabled {
146
+ cursor: not-allowed;
147
+ opacity: 0.5;
148
+ filter: alpha(opacity=50);
149
+ }
150
+
151
+ .pagination a.previous {
152
+ margin-right: 20px;
153
+ }
154
+
155
+ .pagination a.next {
156
+ margin-left: 20px;
157
+ }
158
+ </style>
159
+ </head>
160
+ <body>
161
+ <pre class="logo">
162
+ <div class="content">
163
+ __
164
+ ____ _____ ___ ______ _/ /_____ ____ ___
165
+ / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
166
+ / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
167
+ \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
168
+ /_/ <weak>report v<%= Aquatone::VERSION %> - by <a href="https://twitter.com/michenriksen" target="_blank">@michenriksen</a></weak>
169
+ </div>
170
+ </pre>
171
+ <div class="content">
172
+ <h1 class="title">
173
+ Report for <strong><%=h @domain %></strong>
174
+ <weak>Generated <%= Time.now.utc.iso8601 %></weak>
175
+ </h1>
176
+
177
+ <table class="pages">
178
+ <% @visit_slice.each do |visit| %>
179
+ <tr>
180
+ <td class="screenshot">
181
+ <a href="../screenshots/<%=h visit[:file_basename] %>.png"><img src="../screenshots/<%=h visit[:file_basename] %>.png" class="screenshot" alt="<%=h visit[:domain] %>" title="<%=h visit[:domain] %>" /></a>
182
+ </td>
183
+ <td class="details">
184
+ <h2>
185
+ <a href="<%=h url(visit[:domain], visit[:port]) %>" target="_blank"><%=h url(visit[:domain], visit[:port]) %></a>
186
+ <weak>
187
+ <a href="../html/<%=h visit[:file_basename] %>.html">source code</a> |
188
+ <a href="../headers/<%=h visit[:file_basename] %>.txt">headers</a> |
189
+ <a href="../screenshots/<%=h visit[:file_basename] %>.png">screenshot</a>
190
+ </weak>
191
+ </h2>
192
+ <table class="response-headers">
193
+ <tbody>
194
+ <tr>
195
+ <th><%=h visit[:status] %></th>
196
+ <th>&nbsp;</th>
197
+ </tr>
198
+ <% visit[:headers].each_pair do |header, value| %>
199
+ <tr class="<%=h header_row_class?(header, value) %>">
200
+ <td><strong><%=h header %></strong></td>
201
+ <td><%=h value %></td>
202
+ </tr>
203
+ <% end %>
204
+ </tbody>
205
+ </table>
206
+ </td>
207
+ </tr>
208
+ <% end %>
209
+ </table>
210
+
211
+ <div class="pagination">
212
+ <% if @link_to_previous_page %>
213
+ <a href="<%=h @previous_page_path %>" class="previous">&#8810; Previous Page</a>
214
+ <% else %>
215
+ <a href="#" class="previous disabled" disabled="disabled">&#8810; Previous Page</a>
216
+ <% end %>
217
+ <% if @link_to_next_page %>
218
+ <a href="<%=h @next_page_path %>" class="next">Next Page &#8811;</a>
219
+ <% else %>
220
+ <a href="#" class="next disabled" disabled="disabled">Next Page &#8811;</a>
221
+ <% end %>
222
+ </div>
223
+ </div>
224
+ </body>
225
+ </html>
metadata ADDED
@@ -0,0 +1,159 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: aquatone
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Michael Henriksen
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2017-06-17 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: httparty
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: 0.14.0
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: 0.14.0
27
+ - !ruby/object:Gem::Dependency
28
+ name: childprocess
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 0.7.0
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 0.7.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.13'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.13'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '10.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '10.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: minitest
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '5.0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '5.0'
83
+ description:
84
+ email:
85
+ - michenriksen@neomailbox.ch
86
+ executables:
87
+ - aquatone-discover
88
+ - aquatone-gather
89
+ - aquatone-scan
90
+ extensions: []
91
+ extra_rdoc_files: []
92
+ files:
93
+ - ".gitignore"
94
+ - CHANGELOG.md
95
+ - Gemfile
96
+ - LICENSE.txt
97
+ - README.md
98
+ - Rakefile
99
+ - aquatone.gemspec
100
+ - aquatone.js
101
+ - bin/console
102
+ - bin/setup
103
+ - exe/aquatone-discover
104
+ - exe/aquatone-gather
105
+ - exe/aquatone-scan
106
+ - lib/aquatone.rb
107
+ - lib/aquatone/assessment.rb
108
+ - lib/aquatone/browser.rb
109
+ - lib/aquatone/browser/drivers/nightmare.rb
110
+ - lib/aquatone/collector.rb
111
+ - lib/aquatone/collectors/dictionary.rb
112
+ - lib/aquatone/collectors/dnsdb.rb
113
+ - lib/aquatone/collectors/gtr.rb
114
+ - lib/aquatone/collectors/hackertarget.rb
115
+ - lib/aquatone/collectors/netcraft.rb
116
+ - lib/aquatone/collectors/shodan.rb
117
+ - lib/aquatone/collectors/threatcrowd.rb
118
+ - lib/aquatone/collectors/virustotal.rb
119
+ - lib/aquatone/command.rb
120
+ - lib/aquatone/commands/discover.rb
121
+ - lib/aquatone/commands/gather.rb
122
+ - lib/aquatone/commands/scan.rb
123
+ - lib/aquatone/domain.rb
124
+ - lib/aquatone/http_client.rb
125
+ - lib/aquatone/key_store.rb
126
+ - lib/aquatone/port_lists.rb
127
+ - lib/aquatone/report.rb
128
+ - lib/aquatone/resolver.rb
129
+ - lib/aquatone/thread_pool.rb
130
+ - lib/aquatone/url_maker.rb
131
+ - lib/aquatone/validation.rb
132
+ - lib/aquatone/version.rb
133
+ - subdomains.lst
134
+ - templates/default.html.erb
135
+ homepage: https://github.com/michenriksen/aquatone
136
+ licenses:
137
+ - MIT
138
+ metadata: {}
139
+ post_install_message:
140
+ rdoc_options: []
141
+ require_paths:
142
+ - lib
143
+ required_ruby_version: !ruby/object:Gem::Requirement
144
+ requirements:
145
+ - - ">="
146
+ - !ruby/object:Gem::Version
147
+ version: '0'
148
+ required_rubygems_version: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: '0'
153
+ requirements: []
154
+ rubyforge_project:
155
+ rubygems_version: 2.6.8
156
+ signing_key:
157
+ specification_version: 4
158
+ summary: A tool for domain flyovers.
159
+ test_files: []