In this article I'm going to show you how to create an information gathering tool using Python with the help of APIs. So let's get started.

What is an API?

In simple terms, an Application Programming Interface (API) is an interface that allows two applications to communicate with each other. To create this tool we are using the APIs provided by the website Hacker Target. We are using the free API access in this tutorial, so we have a rate limit that amounts to a maximum of 3 requests per second from a single IP address. You can remove these limits with a full membership.

Information Gathering

Information gathering, a.k.a. reconnaissance, is the process of collecting information related to a specific target in order to learn about that target. Reconnaissance is the first phase in hacking.

Let’s Start…

So in this tool we are going to include the following sub tools.

  • Whois Lookup
  • Traceroute
  • DNS Lookup
  • Reverse DNS Lookup
  • GeoIP Lookup
  • Port Scan
  • URL Extractor
  • HTTP Header Check


First of all, let's create a function to check the availability of the API server. We can do this easily by checking the status code of the HTTP request.

import sys
import requests

def check_status():
    print("\t [#] Checking the availability of API server...")
    try:
        # A timeout stops the tool from hanging if the server does not respond
        http = requests.get("https://hackertarget.com", timeout=10).status_code
    except requests.RequestException:
        http = None
    if http == 200:
        print("\t [#] API Server is Online")
    else:
        print("\t [!] Oops, an error occurred. Server offline")
        sys.exit(1)

Using the API

The Hacker Target API returns plain text. The target system's IP address or host name is passed in the q= parameter. For example,

curl https://api.hackertarget.com/dnslookup/?q=tutorialsoverflow.com

Whois Lookup

First of all, we need to ask the user for the domain name of the website.

x = input("Enter IP or Domain for lookup:- ")

When the user enters the domain name, we can append it to the q= parameter in the API.

result = requests.get("https://api.hackertarget.com/whois/?q=" + x).content.decode("UTF-8")
print(result)

Traceroute

Same as above, first we need to ask the user for the domain name of the website.

x = input("Enter IP or Domain for lookup:- ")

Then we can append it to the q= parameter in the API.

# Decode the response body, otherwise print() only shows the Response object
result = requests.get("https://api.hackertarget.com/mtr/?q=" + x).content.decode("UTF-8")
print(result)

In the same way we can complete the remaining 6 tools. Next we need to create a main function to include all 8 of these tools, and inside the function we need if and else statements so that the user can select any tool they want. You can get the complete code by visiting the below link.
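One way to structure that main function, as an added example that is not the article's own code: a table of tools replaces the if/else chain, the user's input is checked to be an IP address or hostname before it goes into q=, and calls are spaced to stay under the free-tier limit of 3 requests per second. The names TOOLS, validate_target, build_url, http_get and lookup are hypothetical, and only the three endpoints shown in this article are listed.

```python
import ipaddress
import re
import time
from urllib.parse import urlencode

API_BASE = "https://api.hackertarget.com"
TOOLS = {"1": ("Whois Lookup", "whois"),   # only the endpoints shown in this article
         "2": ("Traceroute", "mtr"),
         "3": ("DNS Lookup", "dnslookup")}
MIN_INTERVAL = 1 / 3  # free tier: at most 3 requests per second
HOST_RE = re.compile(r"(?=.{1,253}\Z)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")
_last_call = 0.0

def validate_target(raw):
    """Return a normalised IP or hostname; reject anything else."""
    target = raw.strip().lower()
    try:
        return str(ipaddress.ip_address(target))
    except ValueError:
        pass
    if not HOST_RE.fullmatch(target):
        raise ValueError(f"not an IP address or hostname: {raw!r}")
    return target

def build_url(choice, raw_target):
    """Map a menu choice to its API URL with the q= value encoded."""
    if choice not in TOOLS:
        raise ValueError(f"unknown tool: {choice!r}")
    query = urlencode({"q": validate_target(raw_target)})
    return f"{API_BASE}/{TOOLS[choice][1]}/?{query}"

def http_get(url):
    import requests  # the library the article uses; imported only when a real call is made
    return requests.get(url, timeout=15).text

def lookup(choice, raw_target, fetch=http_get, sleep=time.sleep, clock=time.monotonic):
    """Validate the input, wait if the last call was too recent, then query the API."""
    global _last_call
    url = build_url(choice, raw_target)
    wait = MIN_INTERVAL - (clock() - _last_call)
    if wait > 0:
        sleep(wait)
    _last_call = clock()
    return fetch(url)

def main():
    for key, (label, _) in TOOLS.items():
        print(f"\t[{key}] {label}")
    print(lookup(input("Select a tool:- "), input("Enter IP or Domain for lookup:- ")))
```

Call main() to run the menu interactively. Input such as example.com&output=json is rejected before any request is sent, so extra parameters cannot be smuggled into the API URL.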

See you in the next tutorial.

