Hasere is a tool that can discovery the virtual hosts and related filetype using google and bing search engines. Optionally, it uses the nmap to determine the ip addresses which have 80 or 443 opened port. After that it uses the bing search engine to determine which domains were hosted or have been hosted on this ip address. Finally, it search the filetype which was confiured via filetype_path parameters for this domain. So you can discovery the hole for your web pentesting easily. Install the needed libraries:
Usage; -s : Subnet Information -t : Timeout Value -f : FileType -n : Use nmap (optional)
# apt-get install python-setuptools # wget https://github.com/pkrumins/xgoogle/archive/master.zip # cd xgoogle-master # python setup.py install # wget https://github.com/galkan/hasere/archive/master.zip # unzip master.zip # cd hasere-master # ./hasere.py -h
if you want to determine which ip addresses have opened port 80 or 443, use -n option.
# cat data/filetype php asp
NOTE: It was tested on Kali Linux.
# ./hasere.py -s 126.96.36.199/28 -t 3 -f data/filetype -n Ip Address: Host_Name: Google_Output: ----------- ---------- -------------- 188.8.131.52 www.linux.org --- 184.108.40.206 www.linux.org --- 220.127.116.11 www.fobusholster.com --- 18.104.22.168 www.fobusholster.com --- 22.214.171.124 www.couturecreations.net www.couturecreations.net/site/cart.php 126.96.36.199 www.couturecreations.net www.couturecreations.net/site/cart.php, www.couturecreations.net/site/cart.php 188.8.131.52 www.mccaffreys.com www.couturecreations.net/site/cart.php, www.couturecreations.net/site/cart.php, www.couturecreations.net/site/cart.php