Hasere is a tool that can discovery the virtual hosts and related filetype using google and bing search engines. Optionally, it uses the nmap to determine the ip addresses which have 80 or 443 opened port. After that it uses the bing search engine to determine which domains were hosted or have been hosted on this ip address. Finally, it search the filetype which was confiured via filetype_path parameters for this domain. So you can discovery the hole for your web pentesting easily. Install the needed libraries:
Usage; -s : Subnet Information -t : Timeout Value -f : FileType -n : Use nmap (optional)
# apt-get install python-setuptools # wget https://github.com/pkrumins/xgoogle/archive/master.zip # cd xgoogle-master # python setup.py install # wget https://github.com/galkan/hasere/archive/master.zip # unzip master.zip # cd hasere-master # ./hasere.py -h
if you want to determine which ip addresses have opened port 80 or 443, use -n option.
# cat data/filetype php asp
NOTE: It was tested on Kali Linux.
# ./hasere.py -s 18.104.22.168/28 -t 3 -f data/filetype -n Ip Address: Host_Name: Google_Output: ----------- ---------- -------------- 22.214.171.124 www.linux.org --- 126.96.36.199 www.linux.org --- 188.8.131.52 www.fobusholster.com --- 184.108.40.206 www.fobusholster.com --- 220.127.116.11 www.couturecreations.net www.couturecreations.net/site/cart.php 18.104.22.168 www.couturecreations.net www.couturecreations.net/site/cart.php, www.couturecreations.net/site/cart.php 22.214.171.124 www.mccaffreys.com www.couturecreations.net/site/cart.php, www.couturecreations.net/site/cart.php, www.couturecreations.net/site/cart.php