Asnip
Asnip retrieves all IPs of a target organization—used for attack surface mapping in reconnaissance phases.
It uses the IP or domain name and looks up the Autonomous System Number (ASN), retrieves the Classless Inter-Domain Routing (CIDR) subnet masks and converts them to IPs.
IP / Domain → ASN → CIDRs → IPs
Please note that this technique only makes sense if the target has its own ASN. It is also advised to not perform tests on IP ranges that you do not have permission to.
Installation
go get -v github.com/harleo/asnip
This tool requires golang
Update
go get -u github.com/harleo/asnip
Options
Usage:
-t string
Domain or IP address (Required)
-p string
Print results to console
Example
$ asnip -t google.com -p
[?] ASN: "15169" ORG: "GOOGLE, US"
8.8.4.0/24
--- snip ---
[:] Writing 616 CIDRs to file...
[:] Converting to IPs...
8.8.8.1
--- snip ---
[:] Writing 14725936 IPs to file...
[!] Done.
Disclaimer
This tool must use an external API (which is subject to rate limiting) courtesy of HackerTarget to retrieve relevant data. The conversion of CIDRs to IPs will be done locally.
Asnip is work in progress, if you make optimization changes yourself, you are invited to create a pull request or check the GitHub issues page—help is always appreciated.
© github.com/harleo