https://github.com/vulnpire/sxtract
Fetch IP addresses from Shodan search results.
https://github.com/vulnpire/sxtract
cve-hunt origin-ip recon red-team shodan waf-bypass
Last synced: 3 months ago
JSON representation
Fetch IP addresses from Shodan search results.
- Host: GitHub
- URL: https://github.com/vulnpire/sxtract
- Owner: Vulnpire
- Created: 2024-08-01T07:49:53.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2024-10-15T14:05:13.000Z (8 months ago)
- Last Synced: 2024-10-26T21:45:02.180Z (8 months ago)
- Topics: cve-hunt, origin-ip, recon, red-team, shodan, waf-bypass
- Language: Go
- Homepage:
- Size: 43 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# shodanXtract
is a command-line tool written in Go that fetches IP addresses from Shodan based on various inputs such as IP ranges, domains, and custom query strings. The tool allows users to pipe input from text files and retrieve relevant IP addresses from Shodan's search results.
## Features
- Fetch IP addresses from IP ranges
- Fetch IP addresses associated with domains
- Fetch IP addresses based on custom query strings
- Fetch IP addresses from favicon hashes with HTTP status codes.## Install
`go install -v github.com/Vulnpire/sXtract@latest`
## Usage
The tool supports three main flags to specify the type of input:
-ir : Fetch IP addresses from IP ranges.
-ip : Fetch IP addresses associated with domains.
-hs : Fetch IP addresses based on favicon hashes.
-q : Fetch IP addresses based on custom query strings (can be used with -hs and -ir).## Fetching IPs from IP ranges
Provide a text file with IP ranges, one per line, and use the -ir flag:
`cat ipranges.txt | sXtract -ir -q "port:(21 OR 1337 OR 10001)`
## Fetching IPs from domains
Provide a text file with domain names, one per line, and use the -ip flag:
`cat domains.txt | sXtract -ip`
## Fetching IPs from favicon hashes
Provide a text file with favicon hashes, one per line, and use the -hs flag. You can also specify an HTTP status code using the -q flag:
`cat hashes.txt | sXtract -hs -q "200 OK"`
## Fetching IPs from a CVE query strings
Provide a text file with custom query strings, one per line, and use the -q flag:
`cat queries.txt | sXtract -ip -q `
## Port scan using Shodan
```
cat << EOF > wildcards.txt
> spotify.com
> EOF
````cat wildcards.txt | sXtract -ip | anew ips.txt && for i in $(cat ips.txt);do shodan host $i;done`
