{"id":13633334,"url":"https://github.com/hakluke/haktrails","last_synced_at":"2025-04-04T19:15:01.970Z","repository":{"id":39613196,"uuid":"346959038","full_name":"hakluke/haktrails","owner":"hakluke","description":"Golang client for querying SecurityTrails API data","archived":false,"fork":false,"pushed_at":"2023-09-05T08:23:52.000Z","size":6539,"stargazers_count":545,"open_issues_count":1,"forks_count":61,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-03-28T18:16:35.246Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hakluke.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"securitytrails-banner.jpg","support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2021-03-12T06:03:35.000Z","updated_at":"2025-03-24T05:34:10.000Z","dependencies_parsed_at":"2024-01-15T03:59:35.535Z","dependency_job_id":"3d16d4cf-8aed-4f36-8774-3877bb4a0731","html_url":"https://github.com/hakluke/haktrails","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakluke%2Fhaktrails","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakluke%2Fhaktrails/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakluke%2Fhaktrails/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakluke%2Fhaktrails/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hakluke","download_url":"https://codeload.github.com/hakluke/haktrails/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247234923,"owners_count":20905854,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T23:00:33.770Z","updated_at":"2025-04-04T19:15:01.940Z","avatar_url":"https://github.com/hakluke.png","language":"Go","readme":"# haktrails\n\nhaktrails is a Golang client for querying SecurityTrails API data, sponsored by SecurityTrails.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg height=\"300\" src=\"./haktrails.png\"\u003e\n\u003c/p\u003e\n\n## Tool Features\n\n- stdin input for easy tool chaining\n- subdomain discovery\n- associated root domain discovery\n- associated IP discovery\n- historical DNS data\n- historical whois data\n- [DSL queries](https://docs.securitytrails.com/docs/how-to-use-the-dsl) (currently a prototype)\n- company discovery (discover the owner of a domain)\n- whois (returns json whois data for a given domain)\n- ping (check that your current SecurityTrails configuration/key is working)\n- usage (check your current SecurityTrails usage)\n- \"json\" or \"list\" output options for easy tool chaining\n- \"ZSH \u0026 Bash autocompletion\"\n\n## Installation\n\nYou will need a SecurityTrails API key to use this tool. If you're using it for bug bounties, I'd recommend checking out the [bug bounty hunter's toolkit](http://securitytrails.com/bug-bounty-hunters-toolkit?referral_code=LLDAK0F80M) if you're a bug bounty hunter. It provides access to the majority of data that you will need for a good price. See the details below.\n\n\u003ca href=\"http://securitytrails.com/bug-bounty-hunters-toolkit?referral_code=LLDAK0F80M\"\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"./securitytrails-banner.jpg\"\u003e\n\u003c/p\u003e\n\u003c/a\u003e\n\nOnce you have an API key, install golang, then:\n\n```\n#Go version \u003e 1.17\ngo install -v github.com/hakluke/haktrails@latest\n~/go/bin/haktrails\n\n# Go version \u003c 1.17\n# https://golang.org/doc/go-get-install-deprecation\n\ngo get github.com/hakluke/haktrails\n~/go/bin/haktrails\n```\n\nI'd recommend adding `~/go/bin/` to your `$PATH` if you haven't already, then you can just run `haktrails`. \n\n## Autocompletion (optional)\nZSH and Bash autocompletion is available \nJust add this to your ~/.zshrc or ~/.bashrc \n```\nsource ~/go/src/github.com/hakluke/haktrails/haktrails-completion.zsh\nor\nsource ~/go/src/github.com/hakluke/haktrails/haktrails-completion.bash\n```\nNOTE: If you are using a custom GOPATH location,\nuse it instead of the default one (which is ~/go)\n\n## Usage\n\n### Note\n\n\u003e Note: In these examples, domains.txt is a list of root domains that you wish to gather data on. For example:\n\n```\nhakluke.com\nbugcrowd.com\ntesla.com\nyahoo.com\n```\n\n### Flags\n\n- The *output* type can be specified with `-o json` or `-o list`. List is the default. List is only compatiable with subdomains, associated domains and associated ips. All the other endpoints will return json regardless.\n- The number of threads can be set using `-t \u003cnumber\u003e`. This will determine how many domains can be processed at the same time. It's worth noting that the API has rate-limiting, so setting a really high thread count here will actually slow you down.\n- The config file location can be set with `-c \u003cfile path\u003e`. The default location is `~/.config/haktools/haktrails-config.yml`. A sample config file can be seen below.\n- The lookup type for historical DNS lookups can be set with `-type \u003ctype\u003e`, available options are a,aaaa,mx,txt,ns,soa.\n- The DSL query can be set with `-query \u003cquery\u003e`. See [here](https://docs.securitytrails.com/docs/how-to-use-the-dsl) for more details.\n\n### Config file\n\nYou will need to set up a configuration file with your SecurityTrails key to use this tool. By default, the tool will look for the file in `~/.config/haktools/haktrails-config.yml`. If you wish to put the config file somewhere else, the location must be specified with the `-c` flag.\n\nThe format of the file is very simple, just copy paste this, and replace `\u003cyourkey\u003e` with your SecurityTrails API key:\n\n```\nsecuritytrails:\n  key: \u003cyourkey\u003e\n```\n\n### Warning\n\n\u003e Warning: With this tool, it's very easy to burn through a lot of API credits. For example, if you have 10,000 domains in domains.txt, running `cat domains.txt | haktrails subdomains` will use all 10,000 credits. It's also worth noting that some functions (such as associated domains) will use multiple API requests, for example, `echo \"yahoo.com\" | haktrails associateddomains` would use about 20 API requests, because the data is paginated and yahoo.com has a _lot_ of associated domains.\n\n### Gather subdomains\n\nThis will gather all subdomains of all the domains listed within domains.txt.\n\n```\ncat domains.txt | haktrails subdomains\n```\n\nOf course, a single domain can also be specified like this:\n\n```\necho \"yahoo.com\" | haktrails subdomains\n```\n\n### Gather associated domains\n\n\"Associated domains\" is a loose term, but it is generally just domains that are owned by the same company. This will gather all associated domains for every domain in domains.txt\n\n```\ncat domains.txt | haktrails associateddomains\n```\n\n### Gather associated IPs\n\nAgain, associated IPs is a loose term, but it generally refers to IP addresses that are owned by the same organisation.\n\n```\ncat domains.txt | haktrails associatedips\n```\n\n### Get historical DNS data\n\nReturns historical DNS data for a domain.\n\n```\ncat domains.txt | haktrails historicaldns\n```\n\n### Get historical whois data\n\nReturns historical whois data for a domain.\n\n```\ncat domains.txt | haktrails historicalwhois\n```\n\n### Run a DSL query\n\nRuns a custom SecurityTrails DSL query. See [here](https://docs.securitytrails.com/docs/how-to-use-the-dsl) for more details.\n\n```\nhaktrails dsl -query \u003cquery\u003e\n```\n\n### Get company details\n\nReturns the company that is associated with the provided domain(s).\n\n```\ncat domains.txt | haktrails company\n```\n\n### Get domain details\n\nReturns all details of a domain including DNS records, alexa ranking and last seen time.\n\n```\ncat domains.txt | haktrails details\n```\n\n### Get whois data\n\nReturns whois data in JSON format.\n\n```\ncat domains.txt | haktrails whois\n```\n\n### Get domain tags\n\nReturns \"tags\" of a specific domain.\n\n```\ncat domains.txt | haktrails tags\n```\n\n### Usage\n\nReturns data about API usage on your SecurityTrails account.\n\n```\nhaktrails usage\n```\n\n### Ping\n\nPings SecurityTrails to check if your API key is working properly.\n\n```\nhaktrails ping\n```\n\n### Banner\n\nShows a nice ascii-art banner :)\n\n```\nhaktrails banner\n```\n\n## Not Yet Supported\n\nCurrently, some of the features of the SecurityTrails API are not yet supported. Pull requests are welcome!\n\n- Scroll\n- Domains Search\n- Domains Statistics\n- SSL Certificates (Stream)\n- SSL Certificates (Pages)\n- IP Neighbours\n- IP Statistics\n- IP Whois\n- IP Useragents\n- Domains feed\n- Domains DMARC feed\n- Domains subdomains feed\n- Certificate transparency firehose\n\n## SecurityTrails API Reference\n\nThe full API reference is [here](https://docs.securitytrails.com/reference).\n","funding_links":[],"categories":["Recon","Weapons","Go"],"sub_categories":["Subdomain Enumeration","Tools"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhakluke%2Fhaktrails","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhakluke%2Fhaktrails","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhakluke%2Fhaktrails/lists"}