Domain-scanner NPM

Installation

$ npm install domain-scanner

Usage

The usage is simple, just pass to the scanner the domain you want to scan and some options, than wait for the response:

const domainScanner = require('domain-scanner');

const options = {
  deep: false,
  sections: [],
  exclude: [],
  keys: {
    hunterio: '<api-key>',
    google: '<api-key>',
    virustotal: '<api-key>'
  }
};

domainScanner('codekraft.it', options, (err, results) => {
  console.log(results);
});

Options

sections

An array with the names of the sections you want to scan, leave empty to scan all sections. Available sections are:

details: Will perform some system based evaluations against the domain.
emails: Will scan the domain looking for known emails with node-emailhunter
breaches: Will check the HaveIBeenPwned database against the domain
certificate: SSL Certificate test and verification using node-ssllabs talking with SSL Labs API
robots: Will scan the domain robots.txt file with robots-parse
subdomains: Will enumerate all hostname subdomains using subquest
threats: Will scan the domain using Google Safe Browsing API looking for known threats
virustotal: Will scan the domain using Virus Total APIv2 on domain/report endpoint
tld: Will scan all the other root TLDs possibilities for a given domain
typosquotting: Perform various typosquotting techniques and collect results
archived: Lookup the site using Wayback Machine API looking for archived pages
ctl: Find subdomains by abusing Certificate Transparency logs
tags: Will scan the domain's tracking code footprint with tag-recon to discover connections with other affiliated websites

const options = {
  sections: [
    'details',
    'emails',
    'breaches',
    'certificate',
    'robots',
    'subdomains',
    'threats',
    'virustotal',
    'tld',
    'typosquotting',
    'archived',
    'ctl',
    'tags'
  ]
};

exclude

An array of sections to exclude from the tasks of the scanner:

const options = {
  exclude: ['emails']
};

keys

An object with the API keys for the services involved in the scan. For example to use Hunter.io API:

const options = {
  keys: {
    hunterio: '<api-key>',
    google: '<api-key>',
    virustotal: '<api-key>',
    spyonweb: '<api-key>'
  }
};

Possible keys for now: hunterio, google, virustotal, spyonweb

deep

Perform additional tasks for the gathered results. For example test resulting emails with node-pwned for breaches, or testing nested domain details informations.