├── README.md
└── ip2hosts.sh


/README.md:
--------------------------------------------------------------------------------
1 | # ip2hosts
2 | 
3 | Dirty bash script that given an IP obtains hosts from Robtex, Virustotal, dig -x, nmap ssl-cert script, the first 10 Bing pages, hackertarget, threatcrowd, yougetsignal, viewdns and pagesinventory
4 | 
5 | 
6 | Usage: ./ip2hosts.sh [ip]
7 | 


--------------------------------------------------------------------------------
/ip2hosts.sh:
--------------------------------------------------------------------------------
 1 | if [ "$#" -ne 1 ]; then
 2 |     echo "ip2hosts <ip>"
 3 | 	exit 1
 4 | fi
 5 | 
 6 | ip2hosts() { 
 7 | 
 8 | 	rm /tmp/domains.txt 2>/dev/null
 9 | 	curl -ks https://freeapi.robtex.com/ipquery/$1 | grep -Po "(?<=\"o\":).*?(?=,)" | sed 's/\"//g' >> /tmp/domains.txt
10 | 	curl -s -A "Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0" "https://api.hackertarget.com/reverseiplookup/?q=$1" >> /tmp/domains.txt
11 |         echo "" >> /tmp/domains.txt
12 | 	curl "http://www.virustotal.com/vtapi/v2/ip-address/report?ip=$1&apikey=3c052e9a7339f3a73f00bd67baea747e47f59ee6c1596e59590fd953d00ce519" -s | grep -Po "(?<=hostname\": \").*?(?=\")" >> /tmp/domains.txt
13 | 	dig +short -x $1 2>&1 | grep -v "connection timed out" >> /tmp/domains.txt
14 | 	curl -ks "https://www.bing.com/search?q=ip%3a$1" | grep -Po "(?<=<a href=\").*?(?= h=)" | grep -Po "(?<=://).*?(?=/)" | egrep -v "microsoft|bing|pointdecontact" >> /tmp/domains.txt
15 | 	nmap -p443 -Pn --script ssl-cert $1 | grep Subject | grep -Po "(?<=commonName=).*?(?=/)" | tr '[:upper:]' '[:lower:]' >> /tmp/domains.txt
16 | 	sed -i 's/\.$//g' /tmp/domains.txt
17 | 	curl -X POST -F "remoteAddress=$1"  http://domains.yougetsignal.com/domains.php -s | /usr/bin/perl -p | grep -Poz "(?s)\[.*\]" | cat -v | grep -Po "(?<=\").+(?=\")" >> /tmp/domains.txt
18 | 	#curl -i -s -k  -X 'POST' -F "theinput=$1" -F "thetest=reverseiplookup" -F "name_of_nonce_field=23gk"    'https://hackertarget.com/reverse-ip-lookup/' | grep -Poz "(?s)(?<=<pre id=\"formResponse\">).*?(?=</pre>)" | grep -Piva "no records" | grep -Pa \w>> /tmp/domains.txt
19 | 	curl -m 3 -ks "https://www.threatcrowd.org/graphHtml.php?ip=$1" | grep -Po "(?<=id: ').*?(?=')" | grep -v  ^[0-9] | grep -v @ >> /tmp/domains.txt
20 | 	curl -s -m 3  "https://www.pagesinventory.com/ip/$1" | grep -Po "(?<=<a href=\"/domain/).*?(?=\.html)" >> /tmp/domains.txt
21 | 	curl -m 3 -A "Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0" -ks "https://securitytrails.com/list/ip/$1" | grep -Po "(?<=/dns\">).*?(?=</a>)" >> /tmp/domains.txt
22 | 	sort -u /tmp/domains.txt
23 | 
24 | 
25 | 
26 |  }
27 | 
28 | 
29 | ip2hosts $1
30 | 


--------------------------------------------------------------------------------