ARTICLE hostmap v0.2 - hostname discovery tool

Friday 18 December 2009 - 762 read - ( Keywords : Enumeration , hostmap , Network Discovery )

hostmap is a free, automatic, hostnames and virtual hosts discovery tool written in Ruby, licensed under GNU General Public License version 3 (GPLv3). It’s goal is to enumerate all hostnames and configured virtual hosts on an IP address. The primary users of hostmap are professionals performing vulnerability assessments and penetration tests.

hostmap helps you using several techniques to enumerate all the hostnames associated with an IP address.

The major features are:

  • DNS names and virtual hosts enumeration
  • Multiple discovery techniques, to read more see documentation.
  • Results correlation, aggregation and normalization
  • Multithreaded and event based engine
  • Platform independent

Version 0.2

  • Fully refactored and rewritten in Ruby.
  • Removed whois.webhosting.info check due to captcha authentication.
  • Removed domainsdb.net check because the website is down.
  • Fixed brute forcing of DNS names with multiple A records.
  • User requested interrupt (CTRL+C) now is handled.
  • Added Rakefile to automatize task. For example readme and API documentation rebuilding.
  • Changed info gathering plugin architecture. Now using PlugMan library.
  • Added some host names to brute forcing dictionaries.
  • Added parsing of alternate subject (subjectAltName) from X.509 certificates.
  • Added info gathering plugin using dnshistory.org.

More Information: here


POSTSCRIPTUM

Download hostmap v0.2


COMPLIANCE MANDATES

Network Discovery : PCI DSS 11.2, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5


RELATED ARTICLES

Enumeration, hostmap, Network Discovery,

29 December 2009 : hostmap v0.2.1 released
18 December 2009 : hostmap v0.2 - hostname discovery tool