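ExtractHosts
Extracts hosts (IPs/hostnames) from files. Hosts can be extracted from text files, PE files, and so on. Any file that stores hosts in plain text, without obfuscation, should have them extracted.
Installation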
git clone https://github.com/bwall/ExtractHosts.git
cd ExtractHosts
sudo python setup.py install
Usage
The following are some usage examples.
bwall@research:~$ eh -h
usage: ./eh [-h] [-v] [-r] [-f] [-d] [-s] [-T] [-4] [-6] [-D]
            [path [path ...]]

Identifies and extracts domains and IPs from files

positional arguments:
  path                  Paths to files or directories to scan (if not
                        supplied, stdin is the file being read)

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  -r, --recursive       Scan paths recursively
  -f, --show-files      Show file names along with results
  -d, --hide-duplicates
                        Hide duplicate results (hides per file when show-files
                        is enabled)
  -s, --strict          Stricter processing of domains
  -T, --test            Run some quick self tests
  -4, --ipv4            Return IPv4 results
  -6, --ipv6            Return IPv6 results
  -D, --domain          Return domain results

/usr/local/bin/eh v1.3.1 by Brian Wallace (@botnet_hunter)
get
bwall@research:~$ wget http://bwall.github.io/ -qO- | eh -d
bwall.github.io
twitter.com
gmail.com
github.com
README.md
ajax.googleapis.com
crypto-js.googlecode.com
google-analytics.com
Examples
The file 0686429b86844d9d1a14a159a0263b9bfcea4fd247c77537aa0278c9c5cb4ac3 is a sample of the POS malware Dexter, created for demonstration purposes.
bwall@research:~$ eh 0686429b86844d9d1a14a159a0263b9bfcea4fd247c77537aa0278c9c5cb4ac3
houseofcarders.com
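The idea described at the top of this page, pulling hosts out of any file that stores them as plain text, as an added Python example (not ExtractHosts' own code): it scans printable runs in raw bytes for IPv4 addresses and domain-shaped strings. The strict filter, its FILE_EXTS list and the sample bytes are assumptions of this example; it shows why a file name such as README.md in the wget output above is reported as a domain.

```python
import ipaddress
import re

# Printable-ASCII runs of 4+ bytes, the same idea as the `strings` utility.
PRINTABLE = re.compile(rb"[\x20-\x7e]{4,}")
# Dot-separated labels ending in an alphabetic label (candidate hostname).
DOMAIN = re.compile(
    r"(?<![\w.-])((?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,24})(?![\w-])",
    re.IGNORECASE,
)
IPV4 = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")
# Assumption of this example: final labels treated as file extensions
# (not hosts) when strict=True. Note that .md and .py are also real ccTLDs.
FILE_EXTS = {"dll", "exe", "php", "md", "txt", "js", "py"}


def extract_hosts(data, strict=False):
    """Return (domains, ipv4s) stored as plain text in data, deduplicated in order."""
    domains, ips = [], []
    for run in PRINTABLE.findall(data):
        text = run.decode("ascii")
        for cand in IPV4.findall(text):
            try:
                ipaddress.IPv4Address(cand)  # rejects octets above 255
            except ValueError:
                continue
            if cand not in ips:
                ips.append(cand)
        for cand in DOMAIN.findall(text):
            host = cand.lower()
            if strict and host.rsplit(".", 1)[1] in FILE_EXTS:
                continue  # looks like a file name, e.g. kernel32.dll
            if host not in domains:
                domains.append(host)
    return domains, ips


# Constructed sample: PE-like bytes with embedded strings (not a real binary).
SAMPLE = (
    b"MZ\x90\x00\x03\x00kernel32.dll\x00\x00"
    b"http://c2.example.com/gate.php\x00\xff\xfe"
    b"see README.md v1.3.1\x00"
    b"10.20.30.40:8080\x00bad 999.1.1.1\x00C2.EXAMPLE.COM\x00"
)

if __name__ == "__main__":
    print(extract_hosts(SAMPLE))
    print(extract_hosts(SAMPLE, strict=True))
```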
Source and download:
https://github.com/bwall/ExtractHosts