[리눅스] knockpy : Subdomain Scanner

Knockpy

– Open Source Subdomain Scanner Tool

 : Python tool designed to enumerate subdomains on a target domain

 

prerequisites

$ cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)

python version

$ python --version
Python 2.7.5

pip version

$ pip -V
pip 19.1.1 from /usr/lib/python2.7/site-packages/pip (python 2.7)

dependencies

pip install dnspython

installing

git clone https://github.com/guelfoweb/knock.git knock_4.1.1

cd knock_4.1.1

python setup.py install

 

./knockpy/knockpy.py -h

$ ./knockpy/knockpy.py -h
usage: knockpy [-h] [-v] [-w WORDLIST] [-r] [-c] [-f] [-j] domain

___________________________________________
knock subdomain scan
knockpy v.4.1.1
Author: Gianni 'guelfoweb' Amato
Github: https://github.com/guelfoweb/knock
___________________________________________

positional arguments:
  domain           target to scan, like domain.com

optional arguments:
  -h, --help       show this help message and exit
  -v, --version    show program's version number and exit
  -w WORDLIST      specific path to wordlist file
  -r, --resolve    resolve single ip or domain name
  -c, --csv        save output in csv
  -f, --csvfields  add fields name to the first row of csv output file
  -j, --json       export full report in JSON

example:
  knockpy domain.com
  knockpy domain.com -w wordlist.txt
  knockpy -r domain.com or IP
  knockpy -c domain.com
  knockpy -j domain.com

For virustotal subdomains support you can setting your API KEY in the config.json file.

 

./knockpy/knockpy.py sangchul.kr

$ ./knockpy/knockpy.py sangchul.kr

install knockpy
API Key : https://www.virustotal.com

cd knock

vim knockpy/config.json

{
"virustotal": ""
}

 

참고URL

- https://manpages.debian.org/testing/knockpy/knockpy.1.en.html