Documentation
¶
Overview ¶
Package runner implements the mechanism to drive the subdomain enumeration process
Index ¶
- Constants
- Variables
- func GetConfigDirectory() (string, error)
- type Options
- type OutPutter
- func (o *OutPutter) WriteHost(results map[string]resolve.HostEntry, writer io.Writer) error
- func (o *OutPutter) WriteHostIP(results map[string]resolve.Result, writer io.Writer) error
- func (o *OutPutter) WriteHostNoWildcard(results map[string]resolve.Result, writer io.Writer) error
- func (o *OutPutter) WriteSourceHost(sourceMap map[string]map[string]struct{}, writer io.Writer) error
- type Providers
- type Runner
- func (r *Runner) EnumerateMultipleDomains(ctx context.Context, reader io.Reader, outputs []io.Writer) error
- func (r *Runner) EnumerateSingleDomain(ctx context.Context, domain string, outputs []io.Writer) (error, map[string]resolve.HostEntry)
- func (r *Runner) RunEnumeration(ctx context.Context) error
Constants ¶
View Source
const MultipleKeyPartsLength = 2
MultipleKeyPartsLength is the max length for multiple keys
View Source
const Version = `v0.0.3`
Version is the current version of Starmap
View Source
const YAMLIndentCharLength = 4
YAMLIndentCharLength number of chars for identation on write YAML to file
Variables ¶
View Source
var (
ErrEmptyInput = errors.New("empty data")
)
Functions ¶
func GetConfigDirectory ¶
GetConfigDirectory gets the subfinder config directory for a user
Types ¶
type Options ¶
type Options struct {
Verbose bool // Verbose flag indicates whether to show verbose output or not
NoColor bool // No-Color disables the colored output
JSON bool // JSON specifies whether to use json for output format or text file
HostIP bool // HostIP specifies whether to write subdomains in host:ip format
Silent bool // Silent suppresses any extra text and only writes subdomains to screen
ListSources bool // ListSources specifies whether to list all available sources
RemoveWildcard bool // RemoveWildcard specifies whether to remove potential wildcard or dead subdomains from the results.
CaptureSources bool // CaptureSources specifies whether to save all sources that returned a specific domains or just the first source
Stdin bool // Stdin specifies whether stdin input was given to the process
Version bool // Version specifies if we should just show version and exit
OnlyRecursive bool // Recursive specifies whether to use only recursive subdomain enumeration sources
// Recrusive contains the list of recursive subdomain enum sources
Recursive goflags.NormalizedStringSlice `yaml:"recursive,omitempty"`
All bool // All specifies whether to use all (slow) sources.
// AllSources contains the list of all sources for enumeration (slow)
AllSources goflags.NormalizedStringSlice `yaml:"all-sources,omitempty"`
Threads int // Thread controls the number of threads to use for active enumerations
Timeout int // Timeout is the seconds to wait for sources to respond
MaxEnumerationTime int // MaxEnumerationTime is the maximum amount of time in mins to wait for enumeration
Domain goflags.NormalizedStringSlice // Domain is the domain to find subdomains for
DomainsFile string // DomainsFile is the file containing list of domains to find subdomains for
Output io.Writer
OutputFile string // Output is the file to write found subdomains to.
OutputDirectory string // OutputDirectory is the directory to write results to in case list of domains is given
// Sources contains a comma-separated list of sources to use for enumeration
Sources goflags.NormalizedStringSlice `yaml:"sources,omitempty"`
// ExcludeSources contains the comma-separated sources to not include in the enumeration process
ExcludeSources goflags.NormalizedStringSlice `yaml:"exclude-sources,omitempty"`
// Resolvers is the comma-separated resolvers to use for enumeration
Resolvers goflags.NormalizedStringSlice `yaml:"resolvers,omitempty"`
ResolverList string // ResolverList is a text file containing list of resolvers to use for enumeration
Config string // Config contains the location of the config file
Proxy string // HTTP proxy
RateLimit int // Maximum number of HTTP requests to send per second
YAMLConfig Providers // YAMLConfig contains the unmarshalled yaml config file
BruteWordlist string // BruteWordlist is path to a different wordlist file for brute forcing
LevelDic string // LevelDic is path to a different wordlist file for brute forcing
Level int // Level Number of blasting subdomain layers
Brute bool // Use DNS brute forcing subdomain
Number int // Number of DNS forced subdomains
Verify bool // Verify is DNS authentication
DNS string // DNS server
Takeover bool // subdomain takeover
SAll bool // Request to test each URL (by default, only the URL matching CNAME is requested to test).
}
func ParseOptions ¶
func ParseOptions() *Options
ParseOptions parses the command line flags provided by a user
type OutPutter ¶
type OutPutter struct {
JSON bool
}
OutPutter outputs content to writers.
func (*OutPutter) WriteHostIP ¶
WriteHostIP writes the output list of subdomain to an io.Writer
func (*OutPutter) WriteHostNoWildcard ¶
WriteHostNoWildcard writes the output list of subdomain with nW flag to an io.Writer
type Providers ¶
type Providers struct {
// Resolvers contains the list of resolvers to use while resolving
Resolvers []string `yaml:"resolvers,omitempty"`
// Sources contains a list of sources to use for enumeration
Sources []string `yaml:"sources,omitempty"`
// AllSources contains the list of all sources for enumeration (slow)
AllSources []string `yaml:"all-sources,omitempty"`
// Recrusive contains the list of recursive subdomain enum sources
Recursive []string `yaml:"recursive,omitempty"`
// ExcludeSources contains the sources to not include in the enumeration process
ExcludeSources []string `yaml:"exclude-sources,omitempty"`
// API keys for different sources
Bufferover []string `yaml:"bufferover"`
Binaryedge []string `yaml:"binaryedge"`
C99 []string `yaml:"c99"`
Censys []string `yaml:"censys"`
Certspotter []string `yaml:"certspotter"`
Chaos []string `yaml:"chaos"`
Chinaz []string `yaml:"chinaz"`
DNSDB []string `yaml:"dnsdb"`
GitHub []string `yaml:"github"`
IntelX []string `yaml:"intelx"`
PassiveTotal []string `yaml:"passivetotal"`
Robtex []string `yaml:"robtex"`
SecurityTrails []string `yaml:"securitytrails"`
Shodan []string `yaml:"shodan"`
Spyse []string `yaml:"spyse"`
ThreatBook []string `yaml:"threatbook"`
URLScan []string `yaml:"urlscan"`
Virustotal []string `yaml:"virustotal"`
ZoomEye []string `yaml:"zoomeye"`
ZoomEyeApi []string `yaml:"zoomeyeapi"`
Fofa []string `yaml:"fofa"`
FullHunt []string `json:"fullhunt"`
// Version indicates the version of subfinder installed.
Version string `yaml:"Starmap-version"`
}
Providers contains the providers stored in the configuration file
func UnmarshalRead ¶
UnmarshalRead reads the unmarshalled config yaml file from disk
func (*Providers) GetKeys ¶
func (c *Providers) GetKeys() subscraping.Keys
GetKeys gets the API keys from config file and creates a Keys struct We use random selection of api keys from the list of keys supplied. Keys that require 2 options are separated by colon (:).
func (*Providers) MarshalWrite ¶
MarshalWrite writes the marshaled yaml config to disk
func (*Providers) UnmarshalFrom ¶
MarshalTo writes the marshaled yaml config to disk
type Runner ¶
type Runner struct {
// contains filtered or unexported fields
}
Runner is an instance of the subdomain enumeration client used to orchestrate the whole process.
func NewRunner ¶
NewRunner creates a new runner struct instance by parsing the configuration options, configuring sources, reading lists and setting up loggers, etc.
func (*Runner) EnumerateMultipleDomains ¶
func (r *Runner) EnumerateMultipleDomains(ctx context.Context, reader io.Reader, outputs []io.Writer) error
EnumerateMultipleDomains enumerates subdomains for multiple domains We keep enumerating subdomains for a given domain until we reach an error
Source Files
Click to show internal directories.
Click to hide internal directories.