{"id":14153904,"url":"https://github.com/HuntDownProject/HEDnsExtractor","last_synced_at":"2025-08-05T23:31:26.526Z","repository":{"id":181668873,"uuid":"667121072","full_name":"HuntDownProject/HEDnsExtractor","owner":"HuntDownProject","description":"A suite for hunting suspicious targets, expose domains and phishing discovery","archived":false,"fork":false,"pushed_at":"2024-08-12T23:24:53.000Z","size":3243,"stargazers_count":314,"open_issues_count":1,"forks_count":41,"subscribers_count":6,"default_branch":"main","last_synced_at":"2024-08-17T07:01:56.886Z","etag":null,"topics":["adversarial-attacks","malware-analysis","phishing-detection","threat-hunting","threat-intelligence","threatintel"],"latest_commit_sha":null,"homepage":"https://huntdownproject.github.io/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HuntDownProject.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-16T17:51:37.000Z","updated_at":"2024-08-17T07:02:08.424Z","dependencies_parsed_at":"2023-12-11T18:25:09.614Z","dependency_job_id":"8b4c905a-b6ef-4eac-a6ce-0b60707ff4a2","html_url":"https://github.com/HuntDownProject/HEDnsExtractor","commit_stats":null,"previous_names":["teixeira0xfffff/hednsextractor","huntdownproject/hednsextractor"],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HuntDownProject%2FHEDnsExtractor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HuntDownProject%2FHEDnsExtractor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HuntDownProject%2FHEDnsExtractor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HuntDownProject%2FHEDnsExtractor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HuntDownProject","download_url":"https://codeload.github.com/HuntDownProject/HEDnsExtractor/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228818899,"owners_count":17976850,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["adversarial-attacks","malware-analysis","phishing-detection","threat-hunting","threat-intelligence","threatintel"],"created_at":"2024-08-17T07:01:11.620Z","updated_at":"2024-12-09T01:30:38.244Z","avatar_url":"https://github.com/HuntDownProject.png","language":"Go","funding_links":[],"categories":["Other Lists"],"sub_categories":["LAB","šŸ§Ŗ LAB"],"readme":"\u003cp align=\"center\"\u003e\n \u003cimg src=\"assets/logo.png\"\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eHEDnsExtractor\u003c/h1\u003e\n\u003cp align=\"center\"\u003e\n A suite for hunting suspicious targets, expose domains and phishing discovery\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n \u003ca href=\"https://go.dev/\"\u003e\n \u003cimg src=\"https://img.shields.io/github/go-mod/go-version/HuntDownProject/hednsextractor\"\u003e\n \u003c/a\u003e\n \u003ca href=\"https://opensource.org\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/Open%20Source-%E2%9D%A4-brightgreen.svg\"\u003e\n \u003c/a\u003e\n\u003c/p\u003e\n\n## Features\n\n* Implementing workflows with yaml šŸ”„\n* Adds support to work with multiples domains as target šŸ”„\n* Regex support šŸ„·\n* VirusTotal Integration\n* Adds support to work with IPv6 filters šŸ”„\n* Extract networks based on IP/Domain\n* Extract domains from networks.\n \n# Workflows\n\n## Installation\n\n```\ngo install -v github.com/HuntDownProject/hednsextractor/cmd/hednsextractor@latest\n```\n\n## Usage\n\n```bash\nhednsextractor -h\n```\n\n```\nHEDnsExtractor - Raw html extractor from Hurricane Electric portal!\n\nUsage:\n hednsextractor [flags]\n\nFlags:\nCONFIGURATION:\n -config string flag config file (default \"/home/hunter/.config/hednsextractor/config.yaml\")\n\nVIRUSTOTAL:\n -vt show Virustotal score\n -vt-api-key string Virustotal API Key\n -vt-score string Minimum Virustotal score to show (default \"0\")\n\nOTHER OPTIONS:\n -only-domains show only domains\n -only-networks show only networks\n -workflow string Workflow config\n -target string IP Address or Network to query\n -silent show silent output\n -verbose show verbose output\n```\n\n## Running\n\nGetting the IP Addresses used for hackerone.com, and enumerating only the networks.\n\n```bash\nnslookup hackerone.com | awk '/Address: / {print $2}' | hednsextractor -silent -only-networks\n\n[INF] [104.16.99.52] 104.16.0.0/12\n[INF] [104.16.99.52] 104.16.96.0/20\n```\n\nGetting the IP Addresses used for hackerone.com, and enumerating only the domains (using tail to show the first 10 results).\n\n```bash\nnslookup hackerone.com | awk '/Address: / {print $2}' | hednsextractor -silent -only-domains | tail -n 10\n\nherllus.com\nhezzy.store\nhilariostore.com\nhiperdrop.com\nhippratas.online\nhitsstory.com\nhobbyshop.site\nholyangelstore.com\nholzfallerstore.fun\nhomedescontoo.com\n```\n\n### Running with Virustotal\n\nEdit the config file and add the Virustotal API Key\n\n```bash\ncat $HOME/.config/hednsextractor/config.yaml \n```\n\n```ini\n# hednsextractor config file\n# generated by https://github.com/projectdiscovery/goflags\n\n# show only domains\n#only-domains: false\n\n# show only networks\n#only-networks: false\n\n# show virustotal score\n#vt: false\n\n# minimum virustotal score to show\n#vt-score: 0\n\n# ip address or network to query\n#target: \n\n# show silent output\n#silent: false\n\n# show verbose output\n#verbose: false\n\n# virustotal api key\nvt-api-key: Your API Key goes here\n```\n\nSo, run the `hednsextractor` with `-vt` parameter.\n\n```bash \nnslookup hackerone.com | awk '/Address: / {print $2}' | hednsextractor -only-domains -vt \n```\n\nAnd the output will be as below\n```\nā•­ā•®ā•±ā•­ā”³ā”ā”ā”ā”³ā”ā”ā”ā•®ā•±ā•±ā•±ā•±ā•±ā•­ā”ā”ā”ā•®ā•±ā•±ā•­ā•®ā•±ā•±ā•±ā•±ā•±ā•±ā•±ā•±ā•­ā•®\nā”ƒā”ƒā•±ā”ƒā”ƒā•­ā”ā”ā”»ā•®ā•­ā•®ā”ƒā•±ā•±ā•±ā•±ā•±ā”ƒā•­ā”ā”ā•Æā•±ā•­ā•Æā•°ā•®ā•±ā•±ā•±ā•±ā•±ā•±ā•­ā•Æā•°ā•®\nā”ƒā•°ā”ā•Æā”ƒā•°ā”ā”ā•®ā”ƒā”ƒā”ƒā”£ā”ā•®ā•­ā”ā”ā”«ā•°ā”ā”ā”³ā•®ā”£ā•®ā•­ā•‹ā”ā”³ā”ā”ā”³ā”ā”»ā•®ā•­ā•‹ā”ā”ā”³ā”ā•®\nā”ƒā•­ā”ā•®ā”ƒā•­ā”ā”ā•Æā”ƒā”ƒā”ƒā”ƒā•­ā•®ā”«ā”ā”ā”«ā•­ā”ā”ā”»ā•‹ā•‹ā”«ā”ƒā”ƒā•­ā”«ā•­ā•®ā”ƒā•­ā”ā”«ā”ƒā”ƒā•­ā•®ā”ƒā•­ā•Æ\nā”ƒā”ƒā•±ā”ƒā”ƒā•°ā”ā”ā”³ā•Æā•°ā•Æā”ƒā”ƒā”ƒā”£ā”ā”ā”ƒā•°ā”ā”ā”³ā•‹ā•‹ā”«ā•°ā”«ā”ƒā”ƒā•­ā•®ā”ƒā•°ā”ā”«ā•°ā”«ā•°ā•Æā”ƒā”ƒ\nā•°ā•Æā•±ā•°ā”»ā”ā”ā”ā”»ā”ā”ā”ā”»ā•Æā•°ā”»ā”ā”ā”»ā”ā”ā”ā”»ā•Æā•°ā”»ā”ā”»ā•Æā•°ā•Æā•°ā”»ā”ā”ā”»ā”ā”»ā”ā”ā”»ā•Æ\n\n[INF] Current hednsextractor version v1.0.0\n[INF] [104.16.0.0/12] domain: ohst.ltd VT Score: 0\n[INF] [104.16.0.0/12] domain: jxcraft.net VT Score: 0\n[INF] [104.16.0.0/12] domain: teatimegm.com VT Score: 2\n[INF] [104.16.0.0/12] domain: debugcheat.com VT Score: 0\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHuntDownProject%2FHEDnsExtractor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FHuntDownProject%2FHEDnsExtractor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHuntDownProject%2FHEDnsExtractor/lists"}