commit
1e8f0d12f3
2 changed files with 19 additions and 10 deletions
|
@ -8,6 +8,7 @@ import re
|
||||||
import dns.resolver
|
import dns.resolver
|
||||||
import IPy
|
import IPy
|
||||||
import socket
|
import socket
|
||||||
|
import time
|
||||||
from datetime import date, timedelta
|
from datetime import date, timedelta
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
@ -22,9 +23,9 @@ try:
|
||||||
except:
|
except:
|
||||||
print ("pybgpranking is not installed - ranking of ASN values won't be possible")
|
print ("pybgpranking is not installed - ranking of ASN values won't be possible")
|
||||||
__author__ = "Alexandre Dulaunoy"
|
__author__ = "Alexandre Dulaunoy"
|
||||||
__copyright__ = "Copyright 2012-2019, Alexandre Dulaunoy"
|
__copyright__ = "Copyright 2012-2021, Alexandre Dulaunoy"
|
||||||
__license__ = "AGPL version 3"
|
__license__ = "AGPL version 3"
|
||||||
__version__ = "0.8"
|
__version__ = "0.9"
|
||||||
|
|
||||||
|
|
||||||
class Extract:
|
class Extract:
|
||||||
|
@ -122,7 +123,7 @@ class Extract:
|
||||||
returns a list of existing domain. If the extended flag is true, a set is
|
returns a list of existing domain. If the extended flag is true, a set is
|
||||||
return with the associated DNS resources found."""
|
return with the associated DNS resources found."""
|
||||||
|
|
||||||
def validdomain(self, rtype=['A', 'AAAA', 'SOA', 'MX', 'CNAME'], extended=True):
|
def validdomain(self, rtype=['A', 'AAAA', 'SOA', 'MX', 'CNAME'], extended=True, passive_dns=False):
|
||||||
if extended is False:
|
if extended is False:
|
||||||
self.vdomain = set()
|
self.vdomain = set()
|
||||||
else:
|
else:
|
||||||
|
@ -135,11 +136,18 @@ class Extract:
|
||||||
except:
|
except:
|
||||||
pass
|
pass
|
||||||
else:
|
else:
|
||||||
self.vdomain.append(domain)
|
# Pasive DNS output
|
||||||
if extended is False:
|
# timestamp||dns-client ||dns-server||RR class||Query||Query Type||Answer||TTL||Count
|
||||||
self.vdomain.add((domain))
|
if passive_dns:
|
||||||
else:
|
rrset = answers.rrset.to_text().splitlines()
|
||||||
|
for dns_resp in rrset:
|
||||||
|
dns_resp = dns_resp.split()
|
||||||
|
passive_dns_out = '{}||127.0.0.1||{}||{}||{}||{}||{}||{}||1\n'.format(time.time(), self.presolver.nameservers[0], dns_resp[2], domain, dnstype, dns_resp[4], answers.ttl)
|
||||||
|
self.vdomain.add((passive_dns_out))
|
||||||
|
elif extended:
|
||||||
self.vdomain.append((domain, dnstype, answers[0]))
|
self.vdomain.append((domain, dnstype, answers[0]))
|
||||||
|
else:
|
||||||
|
self.vdomain.add((domain))
|
||||||
return self.vdomain
|
return self.vdomain
|
||||||
|
|
||||||
"""ipaddress method extracts from the domain list the valid IPv4 addresses"""
|
"""ipaddress method extracts from the domain list the valid IPv4 addresses"""
|
||||||
|
@ -272,7 +280,7 @@ class Extract:
|
||||||
return set(self.cleandomain)
|
return set(self.cleandomain)
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
c = Extract(rawtext="www.foo.lu www.xxx.com this is a text with a domain called test@foo.lu another test abc.lu something a.b.c.d.e end of 1.2.3.4 foo.be www.belnet.be http://www.cert.be/ www.public.lu www.allo.lu quuxtest www.eurodns.com something-broken-www.google.com www.google.lu trailing test www.facebook.com www.nic.ru www.youporn.com 8.8.8.8 201.1.1.1 abc.dontexist", nameservers=['127.0.0.1'])
|
c = Extract(rawtext="www.foo.lu www.xxx.com this is a text with a domain called test@foo.lu another test abc.lu something a.b.c.d.e end of 1.2.3.4 foo.be www.belnet.be http://www.cert.be/ www.public.lu www.allo.lu quuxtest www.eurodns.com something-broken-www.google.com www.google.lu trailing test www.facebook.com www.nic.ru www.youporn.com 8.8.8.8 201.1.1.1 abc.dontexist")
|
||||||
c.text(rawtext="www.abc.lu www.xxx.com random text a test bric broc www.lemonde.fr www.belnet.be www.foo.be")
|
c.text(rawtext="www.abc.lu www.xxx.com random text a test bric broc www.lemonde.fr www.belnet.be www.foo.be")
|
||||||
print (c.potentialdomain())
|
print (c.potentialdomain())
|
||||||
print (c.potentialdomain(validTLD=True))
|
print (c.potentialdomain(validTLD=True))
|
||||||
|
@ -295,3 +303,4 @@ if __name__ == "__main__":
|
||||||
print (c.potentialdomain(validTLD=True))
|
print (c.potentialdomain(validTLD=True))
|
||||||
c.validdomain()
|
c.validdomain()
|
||||||
print (c.localizedomain(cc='US'))
|
print (c.localizedomain(cc='US'))
|
||||||
|
print(c.validdomain(extended=False, passive_dns=True))
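Review bot: In the `passive_dns` branch of `validdomain`, `dns_resp[4]` keeps only the first whitespace-separated token of the rdata, so for the `MX` and `SOA` types in the default `rtype` list the Answer field is truncated (an MX answer would be recorded as just its preference number); `' '.join(dns_resp[4:])` keeps the whole answer. The same branch calls `self.vdomain.add(...)` while the `extended` path uses `.append`, so `validdomain(passive_dns=True)` with the default `extended=True` presumably fails on a list. The `else:` that initialises `self.vdomain` lies outside the visible hunk, so this needs confirming; creating the set when `extended is False or passive_dns` would cover it. The dns-client field is hard-coded to `127.0.0.1` and the count to `1`, which deserves a comment such as `# dns-client and count are placeholders, not observed values`, and "Pasive" in the new comment should read "Passive".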
|
||||||
|
|
|
@ -97,12 +97,12 @@ Exclude dot.lu:
|
||||||
|
|
||||||
### Software using DomainClassifier
|
### Software using DomainClassifier
|
||||||
|
|
||||||
* [AIL framework - Analysis Information Leak framework](https://github.com/CIRCL/AIL-framework)
|
* [AIL framework - Analysis Information Leak framework](https://github.com/ail-project/ail-framework)
|
||||||
|
|
||||||
### License
|
### License
|
||||||
|
|
||||||
~~~~
|
~~~~
|
||||||
Copyright (C) 2012-2019 Alexandre Dulaunoy - a(at)foo.be
|
Copyright (C) 2012-2021 Alexandre Dulaunoy - a(at)foo.be
|
||||||
|
|
||||||
This program is free software: you can redistribute it and/or modify
|
This program is free software: you can redistribute it and/or modify
|
||||||
it under the terms of the GNU Affero General Public License as
|
it under the terms of the GNU Affero General Public License as
|
||||||
|
|