Skip to content
Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Python Dockerfile
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
output Added Dockerfile and docker-compose to allow container usage Jan 31, 2019
.gitignore ignore output dir Jan 3, 2020
Dockerfile add clone stats Jan 3, 2020 add function to check license key validity Jan 3, 2020 add key placeholder Jan 3, 2020
docker-compose.yml Added Dockerfile and docker-compose to allow container usage Jan 31, 2019
requirements.txt update version Nov 29, 2018

                            ____ ____ _  _ _    ____ ____ _  _ _  _ ___
                            |__| [__  |\ | |    |  | |  | |_/  |  | |__]
                            |  | ___] | \| |___ |__| |__| | \_ |__| |

                                     Author: Yassine Aboukir


An autonomous system number (ASN) is a unique number assigned to an autonomous system (AS) by the Internet Assigned Numbers Authority (IANA). An AS consists of blocks of IP addresses which have a distinctly defined policy for accessing external networks and are administered by a single organization

This tool will search an updated database for a specific organization's ASN then use the latter to look up all IP addresses (IPv4 and IPv6) registered and owned by the organization.

As of Jan 3rd, 2020.

A web application version of this tool which was built with Flask is live on


This script should be used during reconnaissance phase to identify properties owned by the company, and run a port scan on it to identify open ports and publicly exposed services.


  • Tested on Python >= 2.7 and Python 3.5. Execute the following:
$ git clone && cd Asnlookup
$ pip install -r requirements.txt (or pip3 install -r requirements.txt if you're using Python3)
  • Sign up for a free account on Maxmind:
  • Sign in and browse to > My License Key > Generate new license key > Check No for Will this key be used for GeoIP Update?.
  • Open with a text editor, and replace key_here placeholder with the license key you generated.

To use, execute:

$ python -o <Organization>`

Port Scanning

The tool exports the list of IP addresses as a text file which you can use with other tools such as Masscan. On the other hand, the tool supports Nmap and Masscan port scanning but it requires you to already have both installed on your machine. How to?

  • For Nmap:
- On CentOS

yum install nmap

- On Debian

apt-get install nmap

- On Ubuntu

sudo apt-get install nmap

- Mac OS

brew install nmap

Please refer to

To scan the IP addresses, append to the command -m arugment for Masscan or -n for Nmap:

$ python -m -o <Organization>

You can also pass your own Nmap/Masscan arguments (Default for nmap: -p 1-65535 -T4 -A -v; default for Masscan: -p0-65535 --rate 200).

$ python -m="<Masscan arguments>" -o <Organization>

Example using Nmap with custom arguments:

$ python -n="--top-ports 65535" -o twitter

It will export the result to a text file in the output directory (E.g: ./output/salesforce.txt) then run Nmap.


For smaller organizations the ASN will usually be that of their ISP whereas the hostname might not. One example of this is, a GitHub IP address. The ASN is AS27357 (Rackspace Hosting), but the hostname is


If you appreciate my work and wish to support it, feel free to:

You can’t perform that action at this time.