• 站点信息搜集

    站点信息搜集

    1. whatweb 工具

    kali自带的工具, 命令:

    whatweb httpbin.org

    • 1
    '''
http://httpbin.org [200 OK] 
Country[UNITED STATES][US], Email[me@kennethreitz.org], HTML5, 
HTTPServer[gunicorn/19.9.0], IP[54.161.141.91], JQuery, 
Script[text/javascript], Title[httpbin.org], 
UncommonHeaders[access-control-allow-origin,access-control-allow-credentials]
'''

    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7

    2. whois信息

    域名注册网站直接查询相关信息, 比如注册信息:

    万网: https://wanwang.aliyun.com/
Whois: https://www.whois.com

    • 1
    • 2
    Domain Information
Domain:httpbin.org
Registrar:Amazon Registrar, Inc.
Registered On:2011-06-12
Expires On:2025-06-12
Updated On:2022-12-26
Status:clientDeleteProhibited
clientTransferProhibited
clientUpdateProhibited
Name Servers:
ns-1053.awsdns-03.org
ns-1555.awsdns-02.co.uk
ns-173.awsdns-21.com
ns-884.awsdns-46.net

    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14

    3. python-whois 库

    from whois import whois
import json
result = whois('httpbin.org')
print(json.loads(str(result)))

    • 1
    • 2
    • 3
    • 4
    {'domain_name': 'httpbin.org', 'registrar': 'Amazon Registrar, Inc.', 
'whois_server': 'whois.registrar.amazon.com', 
'referral_url': None, 
'updated_date': '2022-12-26 23:25:54', 
'creation_date': '2011-06-12 21:57:10', 'expiration_date': '2025-06-12 21:57:10', 
'name_servers': ['ns-1053.awsdns-03.org', 'ns-1555.awsdns-02.co.uk', 'ns-173.awsdns-21.com', 'ns-884.awsdns-46.net', 'NS-1053.AWSDNS-03.ORG', 'NS-1555.AWSDNS-02.CO.UK', 'NS-173.AWSDNS-21.COM', 'NS-884.AWSDNS-46.NET'], 
'status': ['clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited', 'clientTransferProhibited https://icann.org/epp#clientTransferProhibited', 'clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited'], 
'emails': ['abuse@amazonaws.com', 'd3060793-073d-4def-8ad4-2254589e6cae@identity-protect.org'], 
'dnssec': 'unsigned', 
'name': ['REDACTED FOR PRIVACY', 'On behalf of httpbin.org owner'], 
'org': 'Identity Protection Service', 
'address': ['REDACTED FOR PRIVACY', 'PO Box 786'], 
'city': ['REDACTED FOR PRIVACY', 'Hayes'], 
'state': 'Middlesex', 
'registrant_postal_code': ['REDACTED FOR PRIVACY', 'UB3 9TR'], 'country': 'GB'}

    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15

    4. nslookup 命令

    该命令win和linux都有, 获取到的ip如果有多个, 可能使用了CDN服务器

    nslookup httpbin.org

    • 1
    服务器:  192.168.1.1
Address:  192.168.1.1

非权威应答:
名称:    httpbin.org
Addresses:  54.85.134.100
          54.161.141.91

    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7

    5. fofa 搜索引擎

    探测服务器的地点, 端口, 协议, 组件(收费):

    https://fofa.info/

    • 1

    说明: 点击 IP聚合 可以看到服务器的端口, 下方提供各个端口的访问链接

    6. shodan 搜索引擎

    这是一个功能非常多的搜索引擎, 可以搜索路由器, 摄像头, 打印机, 服务器等各种联网设备.

    https://www.shodan.io/

    • 1
  • 相关阅读:
    window下VS2022封装动态库以及调用动态库
    【Leetcode】664. Strange Printer(配数学证明)
    JMeter接口自动化发包与示例
    【c++刷题Day2】专题3栈与队列&单调栈与单调队列T1
    python中常用的魔术方法总结(二)
    Linux教程
    libVLC 制作一款精美的播放器
    算法篇之(排序)
    每日练习------生成13位条形, Ean-13码规则:第十三位数字是前十二位数字经过计算得到的校验码。
    JAVA向上转型和向下转型
  • 原文地址:https://blog.csdn.net/bua200720411091/article/details/133499051