domsniper 0.1.0

package/src/core/features/asn-lookup.ts

@@ -0,0 +1,91 @@
+import { execFile } from "child_process";
+import { promisify } from "util";
+import { assertValidDomain } from "../validate.js";
+
+const execFileAsync = promisify(execFile);
+
+export interface AsnResult {
+  domain: string;
+  ip: string | null;
+  asn: string | null;
+  asnName: string | null;
+  org: string | null;
+  country: string | null;
+  city: string | null;
+  region: string | null;
+  isp: string | null;
+  error: string | null;
+}
+
+export async function lookupAsn(domain: string): Promise<AsnResult> {
+  assertValidDomain(domain);
+
+  const result: AsnResult = {
+    domain, ip: null, asn: null, asnName: null,
+    org: null, country: null, city: null, region: null, isp: null, error: null,
+  };
+
+  try {
+    // Resolve IP
+    try {
+      const { stdout } = await execFileAsync("dig", ["+short", domain, "A"], { timeout: 5000 });
+      result.ip = stdout.trim().split("\n")[0] || null;
+    } catch {}
+
+    if (!result.ip) {
+      result.error = "Could not resolve IP";
+      return result;
+    }
+
+    // Use ip-api.com (free, 45 req/min, no key needed)
+    try {
+      const resp = await fetch(
+        `http://ip-api.com/json/${encodeURIComponent(result.ip)}?fields=status,country,regionName,city,isp,org,as,asname`,
+        { signal: AbortSignal.timeout(8000) }
+      );
+      const data = await resp.json() as {
+        status?: string;
+        country?: string;
+        regionName?: string;
+        city?: string;
+        isp?: string;
+        org?: string;
+        as?: string;
+        asname?: string;
+      };
+
+      if (data.status === "success") {
+        result.country = data.country || null;
+        result.region = data.regionName || null;
+        result.city = data.city || null;
+        result.isp = data.isp || null;
+        result.org = data.org || null;
+        result.asn = data.as || null;
+        result.asnName = data.asname || null;
+      }
+    } catch {}
+
+    // Fallback: DNS-based ASN lookup via Team Cymru
+    if (!result.asn && result.ip) {
+      try {
+        const reversed = result.ip.split(".").reverse().join(".");
+        const { stdout } = await execFileAsync(
+          "dig", ["+short", `${reversed}.origin.asn.cymru.com`, "TXT"],
+          { timeout: 5000 }
+        );
+        const txt = stdout.trim().replace(/"/g, "");
+        // Format: "ASN | IP/Prefix | CC | Registry | Date"
+        const parts = txt.split("|").map((p) => p.trim());
+        if (parts.length >= 3) {
+          result.asn = parts[0] ? `AS${parts[0]}` : null;
+          result.country = parts[2] || null;
+        }
+      } catch {}
+    }
+
+    return result;
+  } catch (err: unknown) {
+    result.error = err instanceof Error ? err.message : "ASN lookup failed";
+    return result;
+  }
+}

package/src/core/features/backlinks.ts

@@ -0,0 +1,83 @@
+import { assertValidDomain } from "../validate.js";
+
+export interface BacklinkResult {
+  domain: string;
+  estimatedBacklinks: number | null;
+  pageRank: number | null;
+  commonCrawlPages: number | null;
+  sources: BacklinkSource[];
+  error: string | null;
+}
+
+export interface BacklinkSource {
+  name: string;
+  value: number | null;
+  error: string | null;
+}
+
+async function checkCommonCrawl(domain: string): Promise<BacklinkSource> {
+  try {
+    // Use Common Crawl index API to estimate pages
+    const resp = await fetch(
+      `https://index.commoncrawl.org/CC-MAIN-2025-51-index?url=*.${encodeURIComponent(domain)}&output=json&limit=1&showNumPages=true`,
+      { signal: AbortSignal.timeout(10000) }
+    );
+    if (!resp.ok) {
+      return { name: "CommonCrawl", value: null, error: `HTTP ${resp.status}` };
+    }
+    const text = await resp.text();
+    // The showNumPages response is a single number
+    const pages = parseInt(text.trim(), 10);
+    if (!isNaN(pages)) {
+      return { name: "CommonCrawl", value: pages, error: null };
+    }
+    // Try parsing as JSON lines
+    const lines = text.trim().split("\n").filter(Boolean);
+    return { name: "CommonCrawl", value: lines.length, error: null };
+  } catch (err: unknown) {
+    return { name: "CommonCrawl", value: null, error: err instanceof Error ? err.message : "Failed" };
+  }
+}
+
+async function checkOpenPageRank(domain: string): Promise<BacklinkSource> {
+  try {
+    // Open PageRank - free API, no key needed for basic lookups
+    const resp = await fetch(
+      `https://openpagerank.com/api/v1.0/getPageRank?domains[]=${encodeURIComponent(domain)}`,
+      {
+        signal: AbortSignal.timeout(8000),
+        headers: { "User-Agent": "DomainSniper/2.0" },
+      }
+    );
+    if (!resp.ok) {
+      return { name: "OpenPageRank", value: null, error: `HTTP ${resp.status}` };
+    }
+    const data = await resp.json() as {
+      status_code?: number;
+      response?: Array<{ page_rank_decimal?: number; rank?: number }>;
+    };
+    const first = data.response?.[0];
+    const rank = first?.page_rank_decimal ?? first?.rank ?? null;
+    return { name: "OpenPageRank", value: typeof rank === "number" ? rank : null, error: null };
+  } catch (err: unknown) {
+    return { name: "OpenPageRank", value: null, error: err instanceof Error ? err.message : "Failed" };
+  }
+}
+
+export async function estimateBacklinks(domain: string): Promise<BacklinkResult> {
+  assertValidDomain(domain);
+
+  const [ccResult, prResult] = await Promise.all([
+    checkCommonCrawl(domain),
+    checkOpenPageRank(domain),
+  ]);
+
+  return {
+    domain,
+    estimatedBacklinks: ccResult.value,
+    pageRank: prResult.value,
+    commonCrawlPages: ccResult.value,
+    sources: [ccResult, prResult],
+    error: null,
+  };
+}

package/src/core/features/blacklist-check.ts

@@ -0,0 +1,67 @@
+import { execFile } from "child_process";
+import { promisify } from "util";
+import { assertValidDomain } from "../validate.js";
+
+const execFileAsync = promisify(execFile);
+
+export interface BlacklistResult {
+  domain: string;
+  listed: boolean;
+  lists: BlacklistEntry[];
+  cleanCount: number;
+  listedCount: number;
+}
+
+export interface BlacklistEntry {
+  name: string;
+  listed: boolean;
+  detail: string | null;
+}
+
+// DNS-based blacklists for domain reputation
+const DOMAIN_BLACKLISTS = [
+  { name: "Spamhaus DBL", suffix: "dbl.spamhaus.org" },
+  { name: "SURBL", suffix: "multi.surbl.org" },
+  { name: "URIBL", suffix: "multi.uribl.com" },
+  { name: "Spamhaus ZEN", suffix: "zen.spamhaus.org" },
+  { name: "Barracuda", suffix: "b.barracudacentral.org" },
+  { name: "SpamCop", suffix: "bl.spamcop.net" },
+  { name: "PhishTank", suffix: "phishtank.org" },
+  { name: "SORBS", suffix: "dnsbl.sorbs.net" },
+];
+
+async function checkBlacklist(
+  domain: string,
+  bl: { name: string; suffix: string }
+): Promise<BlacklistEntry> {
+  try {
+    const query = `${domain}.${bl.suffix}`;
+    const { stdout } = await execFileAsync("dig", ["+short", query, "A"], { timeout: 5000 });
+    const result = stdout.trim();
+    // A response (typically 127.0.0.x) means listed
+    if (result && result.startsWith("127.")) {
+      return { name: bl.name, listed: true, detail: result };
+    }
+    return { name: bl.name, listed: false, detail: null };
+  } catch {
+    // NXDOMAIN or timeout = not listed (which is good)
+    return { name: bl.name, listed: false, detail: null };
+  }
+}
+
+export async function checkBlacklists(domain: string): Promise<BlacklistResult> {
+  assertValidDomain(domain);
+
+  const results = await Promise.all(
+    DOMAIN_BLACKLISTS.map((bl) => checkBlacklist(domain, bl))
+  );
+
+  const listedCount = results.filter((r) => r.listed).length;
+  return {
+    domain,
+    listed: listedCount > 0,
+    lists: results,
+    cleanCount: results.length - listedCount,
+    listedCount,
+  };
+}

package/src/core/features/cert-transparency.ts

@@ -0,0 +1,87 @@
+import { assertValidDomain } from "../validate.js";
+
+export interface CertTransparencyResult {
+  domain: string;
+  subdomains: string[];
+  certificates: CertEntry[];
+  totalCerts: number;
+  error: string | null;
+}
+
+export interface CertEntry {
+  commonName: string;
+  issuer: string;
+  notBefore: string;
+  notAfter: string;
+}
+
+export async function queryCertTransparency(domain: string): Promise<CertTransparencyResult> {
+  assertValidDomain(domain);
+
+  const result: CertTransparencyResult = {
+    domain,
+    subdomains: [],
+    certificates: [],
+    totalCerts: 0,
+    error: null,
+  };
+
+  try {
+    const resp = await fetch(
+      `https://crt.sh/?q=%25.${encodeURIComponent(domain)}&output=json`,
+      { signal: AbortSignal.timeout(15000) }
+    );
+
+    if (!resp.ok) {
+      result.error = `crt.sh returned HTTP ${resp.status}`;
+      return result;
+    }
+
+    const data = await resp.json() as Array<{
+      common_name?: string;
+      name_value?: string;
+      issuer_name?: string;
+      not_before?: string;
+      not_after?: string;
+    }>;
+
+    result.totalCerts = data.length;
+
+    // Extract unique subdomains
+    const subdomainSet = new Set<string>();
+    for (const cert of data) {
+      if (cert.common_name) {
+        const cn = cert.common_name.toLowerCase().replace(/^\*\./, "");
+        if (cn.endsWith(domain) || cn === domain) subdomainSet.add(cn);
+      }
+      if (cert.name_value) {
+        const names = cert.name_value.split("\n");
+        for (const name of names) {
+          const clean = name.trim().toLowerCase().replace(/^\*\./, "");
+          if (clean.endsWith(domain) || clean === domain) subdomainSet.add(clean);
+        }
+      }
+    }
+
+    result.subdomains = Array.from(subdomainSet).sort();
+
+    // Keep recent certs (deduplicated by common name)
+    const seen = new Set<string>();
+    for (const cert of data.slice(0, 50)) {
+      const cn = cert.common_name || "";
+      if (seen.has(cn)) continue;
+      seen.add(cn);
+      result.certificates.push({
+        commonName: cn,
+        issuer: cert.issuer_name || "",
+        notBefore: cert.not_before || "",
+        notAfter: cert.not_after || "",
+      });
+    }
+
+    return result;
+  } catch (err: unknown) {
+    result.error = err instanceof Error ? err.message : "Certificate transparency lookup failed";
+    return result;
+  }
+}

package/src/core/features/config.ts

@@ -0,0 +1,81 @@
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import type { RegistrarProvider } from "../registrar.js";
+import { APP_DIR, CONFIG_FILE } from "../paths.js";
+
+const CONFIG_DIR = APP_DIR;
+
+export interface DomainSniperConfig {
+  concurrency: number;
+  rateLimitMs: number;
+  defaultTldPreset: "popular" | "premium" | "startup" | "all";
+  registrar: {
+    provider: RegistrarProvider;
+    apiKey: string;
+    apiSecret: string;
+    accountId: string;
+    username: string;
+    clientIp: string;
+  } | null;
+  notifications: {
+    webhookUrl: string | null;
+    emailTo: string | null;
+    smtpHost: string | null;
+    smtpPort: number;
+    smtpUser: string | null;
+    smtpPass: string | null;
+  };
+  watch: {
+    intervalMs: number;
+    desktopNotify: boolean;
+  };
+}
+
+const DEFAULT_CONFIG: DomainSniperConfig = {
+  concurrency: 5,
+  rateLimitMs: 500,
+  defaultTldPreset: "popular",
+  registrar: null,
+  notifications: {
+    webhookUrl: null,
+    emailTo: null,
+    smtpHost: null,
+    smtpPort: 587,
+    smtpUser: null,
+    smtpPass: null,
+  },
+  watch: {
+    intervalMs: 3600000,
+    desktopNotify: true,
+  },
+};
+
+function ensureDir(): void {
+  if (!existsSync(CONFIG_DIR)) {
+    mkdirSync(CONFIG_DIR, { recursive: true });
+  }
+}
+
+export function loadConfig(): DomainSniperConfig {
+  ensureDir();
+  if (!existsSync(CONFIG_FILE)) return { ...DEFAULT_CONFIG };
+  try {
+    const content = readFileSync(CONFIG_FILE, "utf-8");
+    const parsed = JSON.parse(content);
+    return { ...DEFAULT_CONFIG, ...parsed };
+  } catch {
+    return { ...DEFAULT_CONFIG };
+  }
+}
+
+export function saveConfig(config: DomainSniperConfig): void {
+  ensureDir();
+  writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2), "utf-8");
+}
+
+export function getConfigPath(): string {
+  return CONFIG_FILE;
+}
+
+export function resetConfig(): void {
+  saveConfig(DEFAULT_CONFIG);
+}

package/src/core/features/cors-check.ts

@@ -0,0 +1,90 @@
+import { assertValidDomain } from "../validate.js";
+
+export interface CorsResult {
+  domain: string;
+  vulnerable: boolean;
+  findings: CorsFinding[];
+  error: string | null;
+}
+
+export interface CorsFinding {
+  test: string;
+  origin: string;
+  allowed: boolean;
+  credentials: boolean;
+  severity: "critical" | "high" | "medium" | "low" | "info";
+  detail: string;
+}
+
+const CORS_TESTS: { name: string; origin: string; severity: "critical" | "high" | "medium" }[] = [
+  { name: "Wildcard origin", origin: "https://evil.com", severity: "critical" },
+  { name: "Null origin", origin: "null", severity: "high" },
+  { name: "Subdomain reflection", origin: "https://evil.TARGET", severity: "high" },
+  { name: "Prefix match bypass", origin: "https://TARGETevil.com", severity: "medium" },
+  { name: "Suffix match bypass", origin: "https://evil-TARGET", severity: "medium" },
+  { name: "HTTP downgrade", origin: "http://TARGET", severity: "medium" },
+];
+
+export async function checkCors(domain: string): Promise<CorsResult> {
+  assertValidDomain(domain);
+
+  const result: CorsResult = {
+    domain, vulnerable: false, findings: [], error: null,
+  };
+
+  try {
+    for (const test of CORS_TESTS) {
+      const origin = test.origin
+        .replace(/TARGET/g, domain);
+
+      try {
+        const resp = await fetch(`https://${domain}`, {
+          signal: AbortSignal.timeout(8000),
+          headers: {
+            "Origin": origin,
+            "User-Agent": "DomainSniper/2.0",
+          },
+        });
+
+        const acao = resp.headers.get("access-control-allow-origin");
+        const acac = resp.headers.get("access-control-allow-credentials");
+        const allowed = acao === origin || acao === "*";
+        const credentials = acac === "true";
+
+        if (allowed) {
+          const finding: CorsFinding = {
+            test: test.name,
+            origin,
+            allowed: true,
+            credentials,
+            severity: credentials ? "critical" : test.severity,
+            detail: credentials
+              ? `Reflects origin ${origin} WITH credentials — full account takeover possible`
+              : `Reflects origin ${origin} (no credentials)`,
+          };
+
+          result.findings.push(finding);
+          if (credentials || test.severity === "critical") {
+            result.vulnerable = true;
+          }
+        } else if (acao === "*") {
+          result.findings.push({
+            test: test.name,
+            origin,
+            allowed: true,
+            credentials: false,
+            severity: "medium",
+            detail: "Wildcard ACAO (*) — allows any origin to read responses",
+          });
+        }
+      } catch {
+        // Connection error — skip this test
+      }
+    }
+
+    return result;
+  } catch (err: unknown) {
+    result.error = err instanceof Error ? err.message : "CORS check failed";
+    return result;
+  }
+}

package/src/core/features/dns-details.ts

@@ -0,0 +1,27 @@
+import { execFile } from "child_process";
+import { promisify } from "util";
+import { assertValidDomain } from "../validate.js";
+import type { DnsDetails } from "../types.js";
+
+const execFileAsync = promisify(execFile);
+
+async function digQuery(domain: string, type: string): Promise<string[]> {
+  try {
+    const { stdout } = await execFileAsync("dig", ["+short", domain, type], { timeout: 10000 });
+    return stdout.trim().split("\n").filter(Boolean);
+  } catch {
+    return [];
+  }
+}
+
+export async function lookupDns(domain: string): Promise<DnsDetails> {
+  assertValidDomain(domain);
+  const [a, aaaa, mx, txt, cname] = await Promise.all([
+    digQuery(domain, "A"),
+    digQuery(domain, "AAAA"),
+    digQuery(domain, "MX"),
+    digQuery(domain, "TXT"),
+    digQuery(domain, "CNAME"),
+  ]);
+  return { a, aaaa, mx, txt, cname };
+}

package/src/core/features/domain-age.ts

@@ -0,0 +1,33 @@
+export function calculateDomainAge(createdDate: string | null): string | null {
+  if (!createdDate) return null;
+  try {
+    const created = new Date(createdDate);
+    if (isNaN(created.getTime())) return null;
+    const now = new Date();
+    const diffMs = now.getTime() - created.getTime();
+    if (diffMs < 0) return "Not yet created";
+    const days = Math.floor(diffMs / 86400000);
+    if (days < 1) return "< 1 day";
+    if (days < 30) return `${days}d`;
+    if (days < 365) {
+      const months = Math.floor(days / 30);
+      return `${months}mo`;
+    }
+    const years = Math.floor(days / 365);
+    const remainingMonths = Math.floor((days % 365) / 30);
+    return remainingMonths > 0 ? `${years}y ${remainingMonths}mo` : `${years}y`;
+  } catch {
+    return null;
+  }
+}
+
+export function daysUntilExpiry(expiryDate: string | null): number | null {
+  if (!expiryDate) return null;
+  try {
+    const expiry = new Date(expiryDate);
+    if (isNaN(expiry.getTime())) return null;
+    return Math.floor((expiry.getTime() - Date.now()) / 86400000);
+  } catch {
+    return null;
+  }
+}

package/src/core/features/domain-suggest.ts

@@ -0,0 +1,87 @@
+const PREFIXES = [
+  "get", "try", "use", "go", "my", "hey", "the",
+  "super", "hyper", "ultra", "mega", "meta", "neo",
+  "re", "un", "co", "ai",
+];
+
+const SUFFIXES = [
+  "app", "hq", "hub", "lab", "labs", "io", "ly",
+  "ify", "ize", "ful", "box", "kit", "now",
+  "run", "dev", "ops", "ai", "x", "up",
+];
+
+const TECH_WORDS = [
+  "sync", "flow", "stack", "link", "dash", "grid",
+  "node", "edge", "core", "loop", "ping", "bolt",
+  "wave", "spark", "cloud", "beam", "data", "byte",
+  "pixel", "craft", "forge", "vault", "pulse", "shift",
+];
+
+export interface Suggestion {
+  name: string;
+  domain: string;
+  strategy: string;
+}
+
+export function generateSuggestions(
+  keyword: string,
+  tld: string = "com",
+  maxResults: number = 30
+): Suggestion[] {
+  const word = keyword.toLowerCase().replace(/[^a-z0-9]/g, "");
+  if (!word) return [];
+
+  const suggestions: Suggestion[] = [];
+  const seen = new Set<string>();
+
+  function add(name: string, strategy: string) {
+    const domain = `${name}.${tld}`;
+    if (!seen.has(domain) && name.length >= 3 && name.length <= 20) {
+      seen.add(domain);
+      suggestions.push({ name, domain, strategy });
+    }
+  }
+
+  // Prefix combinations
+  for (const prefix of PREFIXES) {
+    if (suggestions.length >= maxResults) break;
+    add(`${prefix}${word}`, `prefix: ${prefix}+`);
+  }
+
+  // Suffix combinations
+  for (const suffix of SUFFIXES) {
+    if (suggestions.length >= maxResults) break;
+    add(`${word}${suffix}`, `suffix: +${suffix}`);
+  }
+
+  // Word mashups
+  for (const tech of TECH_WORDS) {
+    if (suggestions.length >= maxResults) break;
+    add(`${word}${tech}`, `mashup: +${tech}`);
+    add(`${tech}${word}`, `mashup: ${tech}+`);
+  }
+
+  // Truncations
+  if (word.length > 4) {
+    add(word.slice(0, 4), "truncation: first 4");
+    add(word.slice(0, 5), "truncation: first 5");
+  }
+
+  // Vowel removal
+  const noVowels = word.replace(/[aeiou]/g, "");
+  if (noVowels.length >= 3 && noVowels !== word) {
+    add(noVowels, "vowel removal");
+  }
+
+  // Double last letter
+  add(`${word}${word.slice(-1)}`, "doubled ending");
+
+  // Rhyme patterns
+  const rhymeSuffixes = ["oo", "ee", "ify", "ly", "er", "le"];
+  for (const r of rhymeSuffixes) {
+    if (suggestions.length >= maxResults) break;
+    add(`${word}${r}`, `rhyme: +${r}`);
+  }
+
+  return suggestions.slice(0, maxResults);
+}