aquatone 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +12 -0
  3. data/CHANGELOG.md +18 -0
  4. data/Gemfile +4 -0
  5. data/LICENSE.txt +21 -0
  6. data/README.md +168 -0
  7. data/Rakefile +10 -0
  8. data/aquatone.gemspec +29 -0
  9. data/aquatone.js +164 -0
  10. data/bin/console +14 -0
  11. data/bin/setup +8 -0
  12. data/exe/aquatone-discover +129 -0
  13. data/exe/aquatone-gather +55 -0
  14. data/exe/aquatone-scan +76 -0
  15. data/lib/aquatone.rb +43 -0
  16. data/lib/aquatone/assessment.rb +40 -0
  17. data/lib/aquatone/browser.rb +18 -0
  18. data/lib/aquatone/browser/drivers/nightmare.rb +52 -0
  19. data/lib/aquatone/collector.rb +106 -0
  20. data/lib/aquatone/collectors/dictionary.rb +20 -0
  21. data/lib/aquatone/collectors/dnsdb.rb +45 -0
  22. data/lib/aquatone/collectors/gtr.rb +58 -0
  23. data/lib/aquatone/collectors/hackertarget.rb +24 -0
  24. data/lib/aquatone/collectors/netcraft.rb +48 -0
  25. data/lib/aquatone/collectors/shodan.rb +45 -0
  26. data/lib/aquatone/collectors/threatcrowd.rb +25 -0
  27. data/lib/aquatone/collectors/virustotal.rb +24 -0
  28. data/lib/aquatone/command.rb +152 -0
  29. data/lib/aquatone/commands/discover.rb +187 -0
  30. data/lib/aquatone/commands/gather.rb +167 -0
  31. data/lib/aquatone/commands/scan.rb +108 -0
  32. data/lib/aquatone/domain.rb +33 -0
  33. data/lib/aquatone/http_client.rb +5 -0
  34. data/lib/aquatone/key_store.rb +72 -0
  35. data/lib/aquatone/port_lists.rb +36 -0
  36. data/lib/aquatone/report.rb +88 -0
  37. data/lib/aquatone/resolver.rb +47 -0
  38. data/lib/aquatone/thread_pool.rb +31 -0
  39. data/lib/aquatone/url_maker.rb +27 -0
  40. data/lib/aquatone/validation.rb +22 -0
  41. data/lib/aquatone/version.rb +3 -0
  42. data/subdomains.lst +8214 -0
  43. data/templates/default.html.erb +225 -0
  44. metadata +159 -0
data/templates/default.html.erb ADDED
@@ -0,0 +1,225 @@
1
+ <!DOCTYPE html>
2
+ <html lang="en">
3
+ <head>
4
+ <meta charset="utf-8">
5
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
6
+ <meta name="viewport" content="width=device-width, initial-scale=1">
7
+ <title>AQUATONE report for <%=h @domain %> | Page <%=h @page_number + 1 %></title>
8
+ <style type="text/css">
9
+ /*! normalize.css v7.0.0 | MIT License | github.com/necolas/normalize.css */button,hr,input{overflow:visible}audio,canvas,progress,video{display:inline-block}progress,sub,sup{vertical-align:baseline}[type=checkbox],[type=radio],legend{box-sizing:border-box;padding:0}html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,main,menu,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figure{margin:1em 40px}hr{box-sizing:content-box;height:0}code,kbd,pre,samp{font-family:monospace,monospace;font-size:1em}a{background-color:transparent;-webkit-text-decoration-skip:objects}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:bolder}dfn{font-style:italic}mark{background-color:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative}sub{bottom:-.25em}sup{top:-.5em}audio:not([controls]){display:none;height:0}img{border-style:none}svg:not(:root){overflow:hidden}button,input,optgroup,select,textarea{font-family:sans-serif;font-size:100%;line-height:1.15;margin:0}button,select{text-transform:none}[type=reset],[type=submit],button,html [type=button]{-webkit-appearance:button}[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring,button:-moz-focusring{outline:ButtonText dotted 1px}fieldset{padding:.35em .75em .625em}legend{color:inherit;display:table;max-width:100%;white-space:normal}textarea{overflow:auto}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-cancel-button,[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}summary{display:list-item}[hidden],template{display:none}
10
+
11
+ body {
12
+ font-family: Atlas Grotesk Web,helvetica neue,helvetica,arial,sans-serif;
13
+ color: #494a4b;
14
+ background-color: #f5f5f5;
15
+ -webkit-font-smoothing: antialiased;
16
+ -moz-osx-font-smoothing: grayscale;
17
+ overflow-y: scroll;
18
+ }
19
+
20
+ h1,h2,h3,h4,h5,h6 {
21
+ color: #494a4b;
22
+ font-weight: 400;
23
+ }
24
+
25
+ p {
26
+ margin:0 0 1em 0;
27
+ line-height:1.5;
28
+ font-size:17px;
29
+ }
30
+
31
+ p:last-child {
32
+ margin-bottom:0;
33
+ }
34
+
35
+ a {
36
+ color:#111;
37
+ text-decoration:underline;
38
+ }
39
+
40
+ a:hover {}
41
+
42
+ th {
43
+ text-align: left;
44
+ }
45
+
46
+ h1 weak, h2 weak {
47
+ display: block;
48
+ margin-top: 5px;
49
+ }
50
+
51
+ h1.title {
52
+ padding-bottom: 50px;
53
+ }
54
+
55
+ h1 weak {
56
+ font-size: 18px;
57
+ }
58
+
59
+ h2 weak {
60
+ font-size: 14px;
61
+ }
62
+
63
+ .content {
64
+ padding: 0px 20px 0px 20px;
65
+ }
66
+
67
+ .logo {
68
+ background-color: #2a2730;
69
+ color: #99979c;
70
+ margin: 0px 0px 50px 0px;
71
+ font-weight: bold;
72
+ }
73
+
74
+ .logo a {
75
+ color: #99979c;
76
+ }
77
+
78
+ .logo weak {
79
+ font-weight: normal;
80
+ }
81
+
82
+ .pages td {
83
+ text-align: left;
84
+ vertical-align: top;
85
+ }
86
+
87
+ .pages .details {
88
+ padding-left: 20px;
89
+ }
90
+
91
+ .pages td.screenshot, .pages td.details {
92
+ padding-bottom: 100px;
93
+ }
94
+
95
+ .pages .details h2 {
96
+ margin: 0px;
97
+ font-weight: bold;
98
+ }
99
+
100
+ .pages img.screenshot {
101
+ display: block;
102
+ width: 350px;
103
+ border: 1px solid #494a4b;
104
+ }
105
+
106
+ .pages .response-headers {
107
+ margin-top: 20px;
108
+ min-width: 350px;
109
+ border-spacing: 0px;
110
+ border-collapse: collapse;
111
+ }
112
+
113
+ .pages .response-headers tbody {
114
+ font-family: Consolas,Menlo,Monaco,Lucida Console,Liberation Mono,DejaVu Sans Mono,Bitstream Vera Sans Mono,Courier New,monospace,sans-serif;
115
+ }
116
+
117
+ .pages .response-headers td, .pages .response-headers th {
118
+ border-bottom: 1px solid #ccc;
119
+ }
120
+
121
+ .pages .response-headers tr.danger td {
122
+ color: #a94442;
123
+ background-color: #f2dede;
124
+ border-color: #ebccd1;
125
+ }
126
+
127
+ .pages .response-headers tr.success td {
128
+ color: #3c763d;
129
+ background-color: #dff0d8;
130
+ border-color: #d6e9c6;
131
+ }
132
+
133
+ .pagination {
134
+ margin: 50px 0px 50px 0px;
135
+ text-align: center;
136
+ }
137
+
138
+ .pagination a {
139
+ text-decoration: none;
140
+ border: 1px solid #494a4b;
141
+ display: inline-block;
142
+ padding: 10px;
143
+ }
144
+
145
+ .pagination a.disabled {
146
+ cursor: not-allowed;
147
+ opacity: 0.5;
148
+ filter: alpha(opacity=50);
149
+ }
150
+
151
+ .pagination a.previous {
152
+ margin-right: 20px;
153
+ }
154
+
155
+ .pagination a.next {
156
+ margin-left: 20px;
157
+ }
158
+ </style>
159
+ </head>
160
+ <body>
161
+ <pre class="logo">
162
+ <div class="content">
163
+ __
164
+ ____ _____ ___ ______ _/ /_____ ____ ___
165
+ / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
166
+ / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
167
+ \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
168
+ /_/ <weak>report v<%= Aquatone::VERSION %> - by <a href="https://twitter.com/michenriksen" target="_blank">@michenriksen</a></weak>
169
+ </div>
170
+ </pre>
171
+ <div class="content">
172
+ <h1 class="title">
173
+ Report for <strong><%=h @domain %></strong>
174
+ <weak>Generated <%= Time.now.utc.iso8601 %></weak>
175
+ </h1>
176
+
177
+ <table class="pages">
178
+ <% @visit_slice.each do |visit| %>
179
+ <tr>
180
+ <td class="screenshot">
181
+ <a href="../screenshots/<%=h visit[:file_basename] %>.png"><img src="../screenshots/<%=h visit[:file_basename] %>.png" class="screenshot" alt="<%=h visit[:domain] %>" title="<%=h visit[:domain] %>" /></a>
182
+ </td>
183
+ <td class="details">
184
+ <h2>
185
+ <a href="<%=h url(visit[:domain], visit[:port]) %>" target="_blank"><%=h url(visit[:domain], visit[:port]) %></a>
186
+ <weak>
187
+ <a href="../html/<%=h visit[:file_basename] %>.html">source code</a> |
188
+ <a href="../headers/<%=h visit[:file_basename] %>.txt">headers</a> |
189
+ <a href="../screenshots/<%=h visit[:file_basename] %>.png">screenshot</a>
190
+ </weak>
191
+ </h2>
192
+ <table class="response-headers">
193
+ <tbody>
194
+ <tr>
195
+ <th><%=h visit[:status] %></th>
196
+ <th>&nbsp;</th>
197
+ </tr>
198
+ <% visit[:headers].each_pair do |header, value| %>
199
+ <tr class="<%=h header_row_class?(header, value) %>">
200
+ <td><strong><%=h header %></strong></td>
201
+ <td><%=h value %></td>
202
+ </tr>
203
+ <% end %>
204
+ </tbody>
205
+ </table>
206
+ </td>
207
+ </tr>
208
+ <% end %>
209
+ </table>
210
+
211
+ <div class="pagination">
212
+ <% if @link_to_previous_page %>
213
+ <a href="<%=h @previous_page_path %>" class="previous">&#8810; Previous Page</a>
214
+ <% else %>
215
+ <a href="#" class="previous disabled" disabled="disabled">&#8810; Previous Page</a>
216
+ <% end %>
217
+ <% if @link_to_next_page %>
218
+ <a href="<%=h @next_page_path %>" class="next">Next Page &#8811;</a>
219
+ <% else %>
220
+ <a href="#" class="next disabled" disabled="disabled">Next Page &#8811;</a>
221
+ <% end %>
222
+ </div>
223
+ </div>
224
+ </body>
225
+ </html>
metadata ADDED
@@ -0,0 +1,159 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: aquatone
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Michael Henriksen
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2017-06-17 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: httparty
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: 0.14.0
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: 0.14.0
27
+ - !ruby/object:Gem::Dependency
28
+ name: childprocess
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 0.7.0
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 0.7.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.13'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.13'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '10.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '10.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: minitest
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '5.0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '5.0'
83
+ description:
84
+ email:
85
+ - michenriksen@neomailbox.ch
86
+ executables:
87
+ - aquatone-discover
88
+ - aquatone-gather
89
+ - aquatone-scan
90
+ extensions: []
91
+ extra_rdoc_files: []
92
+ files:
93
+ - ".gitignore"
94
+ - CHANGELOG.md
95
+ - Gemfile
96
+ - LICENSE.txt
97
+ - README.md
98
+ - Rakefile
99
+ - aquatone.gemspec
100
+ - aquatone.js
101
+ - bin/console
102
+ - bin/setup
103
+ - exe/aquatone-discover
104
+ - exe/aquatone-gather
105
+ - exe/aquatone-scan
106
+ - lib/aquatone.rb
107
+ - lib/aquatone/assessment.rb
108
+ - lib/aquatone/browser.rb
109
+ - lib/aquatone/browser/drivers/nightmare.rb
110
+ - lib/aquatone/collector.rb
111
+ - lib/aquatone/collectors/dictionary.rb
112
+ - lib/aquatone/collectors/dnsdb.rb
113
+ - lib/aquatone/collectors/gtr.rb
114
+ - lib/aquatone/collectors/hackertarget.rb
115
+ - lib/aquatone/collectors/netcraft.rb
116
+ - lib/aquatone/collectors/shodan.rb
117
+ - lib/aquatone/collectors/threatcrowd.rb
118
+ - lib/aquatone/collectors/virustotal.rb
119
+ - lib/aquatone/command.rb
120
+ - lib/aquatone/commands/discover.rb
121
+ - lib/aquatone/commands/gather.rb
122
+ - lib/aquatone/commands/scan.rb
123
+ - lib/aquatone/domain.rb
124
+ - lib/aquatone/http_client.rb
125
+ - lib/aquatone/key_store.rb
126
+ - lib/aquatone/port_lists.rb
127
+ - lib/aquatone/report.rb
128
+ - lib/aquatone/resolver.rb
129
+ - lib/aquatone/thread_pool.rb
130
+ - lib/aquatone/url_maker.rb
131
+ - lib/aquatone/validation.rb
132
+ - lib/aquatone/version.rb
133
+ - subdomains.lst
134
+ - templates/default.html.erb
135
+ homepage: https://github.com/michenriksen/aquatone
136
+ licenses:
137
+ - MIT
138
+ metadata: {}
139
+ post_install_message:
140
+ rdoc_options: []
141
+ require_paths:
142
+ - lib
143
+ required_ruby_version: !ruby/object:Gem::Requirement
144
+ requirements:
145
+ - - ">="
146
+ - !ruby/object:Gem::Version
147
+ version: '0'
148
+ required_rubygems_version: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: '0'
153
+ requirements: []
154
+ rubyforge_project:
155
+ rubygems_version: 2.6.8
156
+ signing_key:
157
+ specification_version: 4
158
+ summary: A tool for domain flyovers.
159
+ test_files: []