Check out pasv-agrsv, our new passive recon / OSINT automation script which we recently released on the ISAudits github page:
- Runs passive recon tools specified in config file given a TLD
- Extracts email addresses, IP addresses, and DNS names from tool output using regex
- Queries various OSINT sites specified in config file for TLD and saves result to specified format (default pdf)
- Runs additional recon tools and website queries on IPs and DNS names found from initial TLD analysis
All scan parameters are pulled from config files so multiple configurations can be developed and specified with the -c flag. An example config file (default.example) is included and will be copied into the default path (default.cfg) upon initial launch.
Please feel free to submit bugfixes or additional tools/sites/regex for default config file!
Script tested on Kali Linux as well as OSX and should function on UNIX-based systems with required dependencies.