Map external attack surface through opensource and paid APIs.
- This is still an active work in progress. Bugs
- Not ready for production
- https://censys.io
- https://api.shodan.io
- https://www.virustotal.com
- https://api.securitytrails.com
- https://crt.sh
- https://dnsdumpster.com
- https://dns.bufferover.run
- https://index.commoncrawl.org
- https://riddler.io
- https://api.certspotter.com
- https://api.hackertarget.com
- https://api.threatminer.org
- https://community.riskiq.com
- https://docs.binaryedge.io
- https://graph.facebook.com
- https://otx.alienvault.com
- https://rapiddns.io
- https://spyse.com
- https://urlscan.io
- https://www.dnsdb.info
- https://www.virustotal.com
- https://threatcrowd.org
- https://web.archive.org
- Elasticsearch
- CSV
- JSON
- Splunk
- Postgres
- Mongo
- Common Port Scan
- Slack Notifications
- API Keys * Security Trails / Censys / Shodan / Virus Total
- go get github.com/redmap
- cp config/config.json.example config.json
- ./redmap -domain example.com
- ./redmap -domain example.com -scan