[![](https://blogger.googleusercontent.com/img/a/AVvXsEjbqMpCBUUuH_Cebb86EAw3o01arD1MdWw1KdtOCRSkwF81E7-nCpouAZZpYj6IJCOF6T5uKeSTVMlN4gsmfXObLsJ37Dk5lk1fiQ0acqK_XK8MTP2ZIJd8sUlgLfrrsLvzuM3ur23Sx8lf_VBCn6XlpifyAzmMjHRnZZN_yRo2bJ62-bKzrk7YsFJ39wMG=s320)]()
# HEDnsExtractor
Raw html [extractor]( “extractor” ) from Hurricane Electric portal
## Features
* Automatically identify IPAddr ou Networks through [command line]( “command line” ) parameter or stdin
* Extract networks based on IPAddr.
* Extract domains from networks.
## Installation
go install -v github.com/HuntDownProject/hednsextractor/cmd/hednsextractor@latest
## Usage
usage -h
Running
Getting the IP Addresses used for hackerone.com, and enumerating only the networks.
nslookup hackerone.com | awk ‘/Address: / {print $2}’ | hednsextractor -silent -only-networks
[INF] [104.16.99.52] 104.16.0.0/12
[INF] [104.16.99.52] 104.16.96.0/20
Getting the IP Addresses used for hackerone.com, and enumerating only the domains (using tail to show the first 10 results).
nslookup hackerone.com | awk ‘/Address: / {print $2}’ | hednsextractor -silent -only-domains | tail -n 10
herllus.com
hezzy.store
hilariostore.com
hiperdrop.com
hippratas.online
hitsstory.com
hobbyshop.site
holyangelstore.com
holzfallerstore.fun
homedescontoo.com
### Running with Virustotal
Edit the config file and add the Virustotal API Key
cat $HOME/.config/hednsextractor/config.yaml
virustotal score #vt: false # minimum virustotal score to show #vt-score: 0 # ip address or network to query #target: # show silent output #silent: false # show verbose output #verbose: false # virustotal api key vt-api-key: Your API [Key]( “Key” ) goes here” dir=”auto”>
# hednsextractor config file
# generated by https://github.com/projectdiscovery/goflags
# show only domains
#only-domains: false
# show only networks
#only-networks: false
# show virustotal score
#vt: false
# minimum virustotal score to show
#vt-score: 0
# ip address or network to query
#target:
# show silent output
#silent: false
# show verbose output
#verbose: false
# virustotal api key
vt-api-key: Your API Key goes here
So, run the `hednsextractor` with `-vt` parameter.
nslookup hackerone.com | awk ‘/Address: / {print $2}’ | hednsextractor -only-domains -vt
And the output will be as below
_______ ______ _ _______ _______ _________ _______ _______ _______ _________ _______ _______
| /|( ____ ( __ ( ( /|( ____ ( ____ | /|__ __/( ____ )( ___ )( ____ \__ __/( ___ )( ____ )
| ) ( || ( /| ( )| ( || ( /| ( /( / ) ) ( | ( )|| ( ) || ( / ) ( | ( ) || ( )|
| (___) || (__ | | ) || | || (_____ | (__ (_) / | | | (____)|| (___) || | | | | | | || (____)|
| ___ || __) | | | || ( ) |(_____ )| __) ) _ ( | | | __)| ___ || | | | | | | || __)
| ( ) || ( | | ) || | | ) || ( / ( ) | | | ( ( | ( ) || | | | | | | || ( (
| ) ( || (____/| (__/ )| ) |/____) || (____/( / ) | | | ) __| ) ( || (____/ | | | (___) || ) __
|/ |(_______/(______/ |/ )_)_______)(_______/|/ | )_( |/ __/|/ |(_______/ )_( (_______)|/ __/
[INF] Current hednsextractor version v1.0.0
[INF] [104.16.0.0/12] domain: ohst.ltd VT Score: 0
[INF] [104.16.0.0/12] domain: jxcraft.net VT Score: 0
[INF] [104.16.0.0/12] domain: teatimegm.com VT Score: 2
[INF] [104.16.0.0/12] domain: debugcheat.com VT Score: 0
**[Download HEDnsExtractor]( “Download HEDnsExtractor” )**Read More
References
Back to Main