Beispiel #1
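 def test_get_san_failed(self):
     """Check that get_san() raises for a domain that does not exist.

     stdout is pointed at an in-memory buffer while get_san() runs, and
     the stream that was active on entry is put back afterwards, even when
     the assertion itself fails.
     """
     captured_text = io.StringIO()
     # Remember the stream in use on entry: a test runner may have installed
     # its own capture object, which restoring sys.__stdout__ would discard.
     previous_stdout = sys.stdout
     sys.stdout = captured_text
     try:
         with self.assertRaises(Exception):
             get_san(hostname='123oaenf.comasd', port=443)
     finally:
         # Without this, a failing assertRaises would leave stdout redirected
         # for every test that runs afterwards.
         sys.stdout = previous_stdout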
Beispiel #2
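    def test_get_san_crt_sh_integration(self):
        """Test that get_san() returns domains from crt.sh.

        get_san() is called with crt_sh=True and match=True for the host and
        port stored on the test case; the result must be a set with more
        than 100 entries.
        """
        # NOTE(review): presumably this needs live access to crt.sh and to
        # the target host, so the 100-entry threshold can drift over time.
        # Confirm, and consider marking the test as an integration test.
        subdomain_set = get_san(hostname=self.hostname,
                                port=self.port,
                                crt_sh=True,
                                match=True)

        self.assertIsInstance(subdomain_set, set)
        # assertGreater reports the actual size when the check fails, which
        # assertTrue(len(...) > 100) does not.
        self.assertGreater(len(subdomain_set), 100)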
Beispiel #3
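def main():
    """Command Line Interface.

    Parses the command line, then takes one of two paths. If the positional
    argument is not an existing file, it is used as a hostname and queried
    once. If it is an existing file, it is handed to parse_nmap() as Nmap
    XML output and every host/port pair found there is queried.

    Raises:
        SystemExit: with status 1 when the Nmap XML yields no hosts.
            argparse also exits on invalid arguments and on --version.
    """
    # starting Colorama
    init()

    # CLI argumentation
    parser = argparse.ArgumentParser(
        formatter_class=lambda
        prog: argparse.HelpFormatter(prog, max_help_position=100),
        usage=banner_usage)
    parser.add_argument('hostname', type=str,
                        help='Host or Nmap XML to analyze.')
    parser.add_argument('-p', '--port', type=int,
                        default=443, help='Destiny port (default 443)')
    # With a bare -s the value is const=5; without -s it stays None.
    parser.add_argument('-s', '--search-crt', metavar='timeout',
                        help='Retrieve subdomains found in crt.sh',
                        nargs='?', type=int, const=5)
    parser.add_argument('-m', '--match-domain',
                        help='Matching domain names only', action='store_true')
    parser.add_argument('-q', '--quiet', help='Supress output.',
                        action='store_true')
    parser.add_argument('-o', '--output', type=str,
                        help='Set output filename')
    parser.add_argument('-f', '--format', type=str,
                        help='Set output format', choices=['json', 'text'])
    parser.add_argument('-c', '--clipboard',
                        help='Copy the output to the clipboard as a List \
                        or a Single string', choices=['l', 's'])
    parser.add_argument('-d', '--debug',
                        help='Set debug enable', action='store_true')
    parser.add_argument('-V', '--version', action='version',
                        help='Print version information.', version=version)
    args = parser.parse_args()

    # If the 'hostname' argument names an existing file it is assumed to be
    # Nmap XML output and is parsed as such; otherwise it is used as a
    # hostname. A hostname that happens to match a local file name therefore
    # takes the XML path.
    if not isfile(args.hostname):

        sans = get_san(
            hostname=args.hostname,
            port=args.port,
            xml_parse=False,
            crt_sh=args.search_crt,
            match=args.match_domain
        )
        report_single(sans, args.hostname, args.format, args.quiet)

        if args.clipboard:
            clipboard_output(sans, args.clipboard)

        if args.output:
            output(sans, args.hostname, args.format, args.output)

    else:
        print(colored('[*] Scanning hosts from Nmap XML output\n', 'yellow'))
        # NOTE(review): parse_nmap() is not visible here. If the XML file can
        # come from an untrusted party, confirm that the parser it uses does
        # not resolve external entities.
        hosts = parse_nmap(args.hostname)

        # if no hosts are found in XML then exits
        if not any(hosts):
            message = f'No hosts found in {args.hostname}'
            print(colored(message, 'white', 'on_red'))
            print(('Use -sV (service scan) flag in '
                   'Nmap to detect https services.'))
            # This is an error path, so report a non-zero status. Raising
            # SystemExit also avoids relying on the site-provided exit().
            raise SystemExit(1)

        if args.format != 'json':
            full_report = []
            domains = []
            for host, ports in tqdm(hosts.items()):
                for port in ports:
                    sans = get_san(host, port, xml_parse=True)
                    domains.extend(sans)
                    full_report.append(collect_report(sans, host, port))
            for report in full_report:
                # collect_report() results equal to False are skipped.
                if report is not False and not args.quiet:
                    print(report)
            if args.output:
                output(domains, 'host', 'text', args.output)
        else:
            domains = {}
            for host, ports in tqdm(hosts.items()):
                # Accumulate across all ports of the host. Assigning a fresh
                # entry per port kept only the last port's results. The dict
                # keeps first-seen order and drops names repeated by
                # several ports.
                seen = {}
                for port in ports:
                    sans = get_san(host, port, xml_parse=True)
                    seen.update(dict.fromkeys(sans))
                    domains[host] = {'count': len(seen),
                                     'subdomains': list(seen)}
            json_report = json.dumps(domains, indent=2, sort_keys=True)
            if not args.quiet:
                print(json_report)

            if args.output:
                nmap_output(json_report, args.output)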
Beispiel #4
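 def test_get_san_return_empty_list(self):
     """Return an empty list when a host from Nmap XML yields no SANs.

     get_san() is called with xml_parse=True for a domain that does not
     exist, using the port stored on the test case.
     """
     subdomain_set = get_san(hostname='123oaenf.comasd',
                             port=self.port,
                             xml_parse=True)
     self.assertIsInstance(subdomain_set, list)
     # The test name and docstring promise an empty list. Checking only the
     # type would let a non-empty result pass unnoticed.
     self.assertEqual(subdomain_set, [])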
Beispiel #5
 def setUp(self):
     """Prepare the fixtures shared by the test methods.

     Stores the target host and port, the result of get_san() for that
     pair, and the path of the sample Nmap XML file.
     """
     target_host, target_port = 'starbucks.com', 443
     self.hostname = target_host
     self.port = target_port
     # NOTE(review): presumably this is a live lookup against the host
     # above, repeated before every test. Confirm.
     self.subdomain_set = get_san(target_host, target_port)
     self.example_xml = 'gsan/tests/test_nmap.xml'