{"id":13510732,"url":"https://github.com/SpiderLabs/HostHunter","last_synced_at":"2025-03-30T16:34:59.223Z","repository":{"id":40589197,"uuid":"133865365","full_name":"SpiderLabs/HostHunter","owner":"SpiderLabs","description":"HostHunter a recon tool for discovering hostnames using OSINT techniques.","archived":false,"fork":false,"pushed_at":"2023-03-30T14:14:12.000Z","size":20099,"stargazers_count":1072,"open_issues_count":0,"forks_count":181,"subscribers_count":46,"default_branch":"master","last_synced_at":"2024-10-29T20:32:58.972Z","etag":null,"topics":["bugbounty","hacking","hacking-tool","hosthunter","hostnames","ip","network-security","open-source","osint","penetration-testing","pentest","pentest-tool","pentesting","recon","reconnaissance","scoping","security-tools","tool","virtual-hosts"],"latest_commit_sha":null,"homepage":"https://github.com/SpiderLabs/HostHunter","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SpiderLabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-05-17T20:31:18.000Z","updated_at":"2024-10-28T15:56:19.000Z","dependencies_parsed_at":"2024-09-20T17:41:24.648Z","dependency_job_id":null,"html_url":"https://github.com/SpiderLabs/HostHunter","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpiderLabs%2FHostHunter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpiderLabs%2FHostHunter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpiderLabs%2FHostHunter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpiderLabs%2FHostHunter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SpiderLabs","download_url":"https://codeload.github.com/SpiderLabs/HostHunter/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222566739,"owners_count":17004237,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","hacking","hacking-tool","hosthunter","hostnames","ip","network-security","open-source","osint","penetration-testing","pentest","pentest-tool","pentesting","recon","reconnaissance","scoping","security-tools","tool","virtual-hosts"],"created_at":"2024-08-01T02:01:52.179Z","updated_at":"2025-03-30T16:34:59.215Z","avatar_url":"https://github.com/SpiderLabs.png","language":"Python","readme":"[![Python Version](https://img.shields.io/static/v1.svg?label=Python\u0026message=3.x\u0026color=blue)]()\n[![GitHub release](https://img.shields.io/github/release/SpiderLabs/HostHunter.svg?color=orange\u0026style=popout)](https://github.com/SpiderLabs/HostHunter/releases)\n[![License](https://img.shields.io/github/license/spiderlabs/hosthunter.svg)](https://github.com/SpiderLabs/HostHunter/blob/master/LICENSE)\n[![Issues](https://img.shields.io/github/issues/SpiderLabs/HostHunter?style=popout)](https://github.com/SpiderLabs/HostHunter/issues)\n[![Twitter Follow](https://img.shields.io/twitter/follow/superhedgy.svg?style=social)](https://twitter.com/superhedgy)\n\nHostHunter v2.0\n======\n\u003cimg align=\"center\" src=https://github.com/SpiderLabs/HostHunter/blob/beta_v2/hosthunter_logo.png alt=logo height=%50 width=%50\u003e\nA tool to efficiently discover and extract hostnames providing a large set of target IPv4 or IPv6 addresses. HostHunter utilises simple OSINT and active reconaissance techniques to map IP targets with virtual hostnames. This is especially useful for discovering the true attack surface of your organisation.  \nOutput can be generated in multiple formats including CSV, TXT or Nessus file formats. \n\n## Demo\n\u003ca  align=\"center\" href=https://asciinema.org/a/jp9B0IB6BzRAgbH3iNp7cCTpt\u003e\u003cimg src=https://asciinema.org/a/jp9B0IB6BzRAgbH3iNp7cCTpt.png alt=asciicast height=70% width=70%\u003e\u003c/a\u003e\n\n__Click on the thumbnail above to view the demo.__\n\n## Installation\n* Tested with Python 3.10.8.\n\n### Linux / Mac OS\n* Install Python dependencies.\n```bash\n$ python3.10 -m pip install -r requirements.txt\n```\n\n## Simple Usage Example\n```bash\n$ python3.10 hosthunter.py \u003ctargets.txt\u003e\n```\n\n```bash\n$ cat vhosts.csv\n```\n\n## More Examples\nHostHunter Help Page\n```bash\n$ python3.10 ./hosthunter.py -h\nusage: hosthunter.py [-h] [-f FORMAT] [-o OUTPUT] [-t TARGET] [-g GRAB] [-v] [-V] [-d] [targets]\n\n[?] HostHunter v2.0 - Help Page\n\npositional arguments:\n  targets               Sets the path of the target IPs file.\n\noptions:\n  -h, --help            show this help message and exit\n  -f FORMAT, --format FORMAT\n                        Choose between .CSV and .TXT output file formats.\n  -o OUTPUT, --output OUTPUT\n                        Sets the path of the output file.\n  -t TARGET, --target TARGET\n                        Hunt a Single IP.\n  -g GRAB, --grab GRAB  Choose which SSL ports to actively scan. Default ports: 21/tcp, 25/tcp, 443/tcp, 993/tcp, 8443/tcp\n  -v, --verify          Attempts to resolve IP Address\n  -V, --version         Displays the current version.\n  -d, --debug           Displays additional output and debugging information.\n\nAuthor: Andreas Georgiou (@superhedgy)\n```                        \n\nRun HostHunter Screen Capture module and output a Nessus file:\n```bash\n$ python3.10 hosthunter.py \u003ctargets.txt\u003e --nessus -o hosts.csv\n```\nDisplay Results\n```bash\n$ cat hosts.csv\n```\nView Screenshots\n```bash\n$ open ./screen_captures/\n```\n\n## Features\n- [x] Works with Python3.10  \n- [x] Extracts information from SSL/TLS certificates.  \n- [x] Supports Free HackerTarget API requests.  \n- [x] Takes Screenshots of the target applications.  \n- [x] Validates the targets IPv4 address.  \n- [x] Supports .txt and .csv output file formats  \n- [x] Gathers information from HTTP headers.\n- [x] Verifies Internet access.\n- [x] Retrieves hostname values from services at 21/tcp, 25/tcp, 80/tcp and 443/tcp ports.\n- [x] Supports Nessus target format output.  \n- [x] Improve output (IPs, HostNames, FQDNs)  \n- [X] Actively pull SSL certificates from other TCP ports  \n- [X] Select with SSL ports to target\n- [X] Verify discovered hostnames against target IPs\n- [x] Support for IPv6   \n\n## Coming Next\n- [ ] Pause and Resume Execution   \n- [ ] Support for a Premium HackerTarget API key   \n- [ ] Gather information from additional APIs  \n\n## Notes\n* Free APIs throttle the amount of requests per day per source IP address.\n\n## License\nThis project is licensed under the MIT License.\n\n## Authors\n* **Andreas Georgiou** - follow me on twitter - [@superhedgy](https://twitter.com/superhedgy)\n\n## Contribute\nFeel free to create a Pull Request if you have any ideas or features you would like to add. Otherwise reach me out on twitter @superhedgy.\n\n## StarGazers\nThank you for all the support \u0026 feedback!\n[![Stargazers over time](https://starchart.cc/SpiderLabs/HostHunter.svg)](https://starchart.cc/SpiderLabs/HostHunter)\n","funding_links":[],"categories":["Python","Weapons","Python (1887)","bugbounty","[](#table-of-contents) Table of contents","Open Sources Intelligence (OSINT)"],"sub_categories":["Tools","[](#domainip-investigation)Domain/IP investigation","OSINT Online Resources"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSpiderLabs%2FHostHunter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSpiderLabs%2FHostHunter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSpiderLabs%2FHostHunter/lists"}