/fast-flux-scanner.sh
Created Nov 13, 2017
Monitoring and get all the IP's of a Fast Flux domain and scan with nmap
| #!/bin/bash | |
| # cd | |
| # mkdir domain.com | |
| # cd domain.com | |
| # mkdir nmap | |
| # add crontab job every minute: | |
| # * * * * * /home/user/fast-flux-scanner.sh domain.com /home/user/domain.com >/dev/null 2>&1 | |
| domain=$1 | |
| path_job=$2 | |
| cd "$path_job" | |
| hosts=$(host -t A "$domain" | awk '{print $4}') | |
| echo "$hosts" >> hosts_history.txt | |
| hosts_uniq=$(cat hosts_history.txt | sort | uniq) | |
| echo "$hosts_uniq" > hosts_history.txt | |
| while read line; do | |
| ls "nmap/$line" &>/dev/null | |
| if [ $? -eq 0 ] ; then | |
| echo "nmap ok" | |
| else | |
| nohup nmap -v -sT -T4 -Pn -p- -A -oN "nmap/$line" "$line" & | |
| fi | |
| done <<< "$hosts" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment