Python program that mines whois databases for a organisation name/keyword and returns CIDR net-ranges for further investigation.
Currently the program mines:
- whois.arin.net
- whois.ripe.net
- whois.afrinic.net
- whois.apnic.net
Ideal for red-teaming and bug-bounty hunters
$ ./whereis.py example
23.30.98.184/29
76.12.11.152/29
76.12.110.96/29
64.136.255.92/30
Manual check of each CIDR to confirm example keyword is actually returned:
NetRange: 23.30.98.184 - 23.30.98.191
CIDR: 23.30.98.184/29
NetName: IMPORTEXAMPLES
NetRange: 76.12.11.152 - 76.12.11.159
CIDR: 76.12.11.152/29
NetName: EXAMPLEESSAYS
NetRange: 64.136.255.92 - 64.136.255.95
CIDR: 64.136.255.92/30
NetName: CTSC-S3362
NetHandle: NET-64-136-255-92-1
Parent: CTSTELECOM-BLK-1 (NET-64-136-224-0-1)
NetType: Reassigned
OriginAS:
Customer: Digital Example (C06469865)
$ ./whereis.py "private bank"
173.8.132.248/29
12.130.41.144/29
216.47.232.224/28
...
manual check:
NetRange: 173.8.132.248 - 173.8.132.255
CIDR: 173.8.132.248/29
NetName: BORELPRIVATEBANKTRUS