bing-ip2hosts v0.2 released - Enumerate hostnames from Bing
Bing.com is a search engine owned by Microsoft formerly known as MSN Search and Live Search. It has a unique feature to search for websites hosted on a specific IP address. This feature is can be used with the IP: parameter in the search query as shown in the image above.
Bing-ip2hosts uses this feature to enumerate all hostnames which Bing has indexed for a specific IP address. This technique is considered best practice during the reconnaissance phase of a penetration test in order to discover a larger potential attack surface.
Bing-ip2hosts is written in the Bash scripting language for Linux. This uses the mobile interface and no API key is required.
Version 0.2
- You can enter a hostname not just an IP, eg. bing-ip2hosts foo.com
- Uses /tmp instead of the current path for creating temporary files
- Optional CSV output. Outputs the IP and hostname on each line, separated by a comma.
- Optionally prefix hostnames with http:// so they can be right-clicked in the shell
Usage
Usage: ./bing-ip2hosts [OPTIONS] <IP|hostname>
OPTIONS are:
-n Turn off the progress indicator animation
-t <DIR> Use this directory instead of /tmp. The directory must exist.
-i Optional CSV output. Outputs the IP and hostname on each line, separated by a comma.
-p Optional http:// prefix output. Useful for right-clicking in the shell.
More information: here
Thanks to our friend, Andrew Horton (aka urbanadventurer), from MorningStar Security.
Post scriptum
Related Articles
Bing-ip2hosts |
|
Enumeration |
|
Information Gathering |
|