zPrototype/crtsh.py

## crtsh.py
#!/usr/bin/python3

import requests
import argparse
import re
from rich.console import Console

CONSOLE = Console()

parser = argparse.ArgumentParser()
group = parser.add_mutually_exclusive_group(required=True)
group.add_argument("-d", "--domain", help="The target domain i.e. tesla.com")
group.add_argument("-f", "--file", help="A file containing domains separated by line breaks")
args = parser.parse_args()

BASE_URL = "https://crt.sh/?q="
USER_AGENT = {"User-Agent": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0"}


def process_input():
    if args.file:
        with open(args.file, "r") as handle:
            domains = handle.readlines()
        domains = list(map(lambda d: d.strip(), domains))
    else:
        domains = [args.domain]
    return domains


def make_request(domain):
    url = BASE_URL + domain.strip()
    response = requests.get(url, headers=USER_AGENT)
    if not response.status_code == 200:
        CONSOLE.print("[bold red] Something went wrong! Aborting...")
        exit(1)
    return response.text


def parse_output(output, domain):
    subdomain_regex = re.compile(f"[\w].*{domain}")
    spaces_regex = re.compile("(.*[\ ].*)")
    result = re.findall(subdomain_regex, output.replace("TD>", "").replace("<BR>", "\n").replace("TD ", ""))
    result = [re.sub(spaces_regex, "", x) for x in set(result)]
    result = [elem for elem in result if elem.strip() != ""]
    return result


def main():
    domains = process_input()
    for domain in domains:
        output = make_request(domain)
        results = parse_output(output, domain)
        with open(f"{domain}.txt", "w") as handle:
            handle.write("\n".join(results))
        CONSOLE.print(f"[bold green][+] Found {len(results)} unique subdomains for {domain}!\n")
        CONSOLE.print(f"[bold]Results written to {domain}.txt!\n")


if __name__ == "__main__":
    main()
	#!/usr/bin/python3

	import requests
	import argparse
	import re
	from rich.console import Console

	CONSOLE = Console()

	parser = argparse.ArgumentParser()
	group = parser.add_mutually_exclusive_group(required=True)
	group.add_argument("-d", "--domain", help="The target domain i.e. tesla.com")
	group.add_argument("-f", "--file", help="A file containing domains separated by line breaks")
	args = parser.parse_args()

	BASE_URL = "https://crt.sh/?q="
	USER_AGENT = {"User-Agent": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0"}


	def process_input():
	if args.file:
	with open(args.file, "r") as handle:
	domains = handle.readlines()
	domains = list(map(lambda d: d.strip(), domains))
	else:
	domains = [args.domain]
	return domains


	def make_request(domain):
	url = BASE_URL + domain.strip()
	response = requests.get(url, headers=USER_AGENT)
	if not response.status_code == 200:
	CONSOLE.print("[bold red] Something went wrong! Aborting...")
	exit(1)
	return response.text


	def parse_output(output, domain):
	subdomain_regex = re.compile(f"[\w].*{domain}")
	spaces_regex = re.compile("(.[\ ].)")
	result = re.findall(subdomain_regex, output.replace("TD>", "").replace("<BR>", "\n").replace("TD ", ""))
	result = [re.sub(spaces_regex, "", x) for x in set(result)]
	result = [elem for elem in result if elem.strip() != ""]
	return result


	def main():
	domains = process_input()
	for domain in domains:
	output = make_request(domain)
	results = parse_output(output, domain)
	with open(f"{domain}.txt", "w") as handle:
	handle.write("\n".join(results))
	CONSOLE.print(f"[bold green][+] Found {len(results)} unique subdomains for {domain}!\n")
	CONSOLE.print(f"[bold]Results written to {domain}.txt!\n")


	if __name__ == "__main__":
	main()