
Fix Symantec Site Review (Bluecoat) reputation checking
+ Temporary fix for broken malware domains link. This service is no longer offered in the form used by DomainHunter.
+ Add internal code comments for readability
+ Add check for ExpiredDomains username before asking for a password

Andrew Chiles 4 years ago
parent
commit
59f2cdd7bf
2 changed files with 7 additions and 6 deletions
  1. README.md (5 additions, 4 deletions)
  2. domainhunter.py (2 additions, 2 deletions)

+ 5 - 4
README.md

@@ -4,12 +4,13 @@ Authors Joe Vest (@joevest) & Andrew Chiles (@andrewchiles)
 
 Domain name selection is an important aspect of preparation for penetration tests and especially Red Team engagements. Commonly, domains that were used previously for benign purposes and were properly categorized can be purchased for only a few dollars. Such domains can allow a team to bypass reputation based web filters and network egress restrictions for phishing and C2 related tasks. 
 
-This Python based tool was written to quickly query the Expireddomains.net search engine for expired/available domains with a previous history of use. It then optionally queries for domain reputation against services like Symantec WebPulse (BlueCoat), IBM X-Force, and Cisco Talos. The primary tool output is a timestamped HTML table style report.
+This Python based tool was written to quickly query the Expireddomains.net search engine for expired/available domains with a previous history of use. It then optionally queries for domain reputation against services like Symantec Site Review (BlueCoat), IBM X-Force, and Cisco Talos. The primary tool output is a timestamped HTML table style report.
 
-## Changes
+## Changelog
 
-- 15 May 2020
-   + Fix BlueCoat reputation checking to bypass XSRF and additional POST paramater checks
+- 07 January 2021
+   + Fix Symantec Site Review reputation checking to bypass XSRF and additional POST parameter checks
+   + Temporary fix for broken malware domains link. This service is no longer offered in the form used by DomainHunter.
    + Add internal code comments for readability
    + Add check for ExpiredDomains username before asking for a password
   
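Review bot: The Changelog rewrites the existing `- 15 May 2020` entry in place as `- 07 January 2021`, so the earlier dated entry is lost and the two unchanged bullets (`Add internal code comments for readability`, `Add check for ExpiredDomains username before asking for a password`) are now attributed to the new date. Add the 2021 items as a new entry above the 2020 one and leave the older entry intact, so a reader can tell which release introduced the XSRF handling and which one only renamed the service and swapped the malware-domains link.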

+ 2 - 2
domainhunter.py

@@ -19,7 +19,7 @@ import sys
 from urllib.parse import urlparse
 import getpass
 
-__version__ = "20200515"
+__version__ = "20210107"
 
 ## Functions
 
@@ -491,7 +491,7 @@ Examples:
 
     umbrella_apikey = args.umbrella_apikey
 
-    malwaredomainsURL = 'http://mirror1.malwaredomains.com/files/justdomains'
+    malwaredomainsURL = 'https://gitlab.com/gerowen/old-malware-domains-ad-list/-/raw/master/malwaredomainslist.txt'
     expireddomainsqueryURL = 'https://www.expireddomains.net/domain-name-search'
     expireddomainHost = "https://member.expireddomains.net"
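Review bot: The replacement `malwaredomainsURL` fetches a raw file from the `master` branch of a third-party GitLab repository whose name (`old-malware-domains-ad-list`) indicates an archived list, so the data is mutable by the repository owner and is not a current feed. Pin the URL to a specific commit or ship a copy of the list with the tool, and add a comment on this line marking it as a temporary replacement, which the commit message says but the code does not. The handling of a failed or empty download is not visible in this hunk; confirm that such a case is reported to the user instead of being treated as "no match", since a domain absent from a stale list is not evidence of a clean history.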