Asnip retrieves all IPs of a target organization—used for attack surface mapping in reconnaissance phases.
It uses the IP or domain name and looks up the Autonomous System Number (ASN), retrieves the Classless Inter-Domain Routing (CIDR) subnet masks and converts them to IPs.
IP / Domain → ASN → CIDRs → IPs
Please note that this technique only makes sense if the target has its own ASN. It is also advised to not perform tests on IP ranges that belong to multiple entities.
go get github.com/harleo/asnip
This tool requires golang
go get -u github.com/harleo/asnip
Usage: -t string Domain or IP address (Required) -p string Print results to console
$ asnip -t google.com -p [:] ASN: 15169 / GOOGLE - Google LLC, US 184.108.40.206/24 --- snip --- [:] Writing 501 CIDRs to file... [:] Converting to IPs... 220.127.116.11 --- snip --- [:] Writing 14222870 IPs to file...
This tool must use an external API (which is subject to rate limiting) such as HackerTarget to retrieve relevant data. The conversion of CIDRs to IPs will be done locally.
Asnip is work in progress, if you make optimization changes yourself, you are invited to create a pull request or check the GitHub issues page—help is always appreciated.
© 2019 Leonid Hartmann