SecurityDragon · March 14, 2019 16:16
diff --git a/gistfile1.txt b/gistfile1.txt
 # ---------------------------------------------                                                                               
 # Proof of Concept Script                                                                                                     
 # H. Sonesson, Atea                                                                                                           
 # 190313                                                                                                                       
 # ---------------------------------------------  

 import os
 import sys
 import time
 import censys.certificates
 import censys.ipv4
 import censys
 from docx import Document
 from docx.shared import Inches

 # Init docx ----
 document = Document()

 def create_documentheader():
    document.add_picture('atea_logo.png', width=Inches(1.25))
    document.add_heading('Atea Open Source Intelligence Report', 1)
    document.add_page_break()

 def create_documentbody():
    p = document.add_paragraph('Identifierade domains:')


 def subdomain_find(domain, censys_id, censys_secret):
    try:
        censys_cert = censys.certificates.CensysCertificates(api_id=censys_id, api_secret=censys_secret)
        cert_query = 'parsed.names: %s' % domain
        cert_search_results = censys_cert.search(cert_query, fields=['parsed.names'])

        subdomains = []  # List of subdomains
        for s in cert_search_results:
            subdomains.extend(s['parsed.names'])

        return set(subdomains)  # removes duplicate values
    except censys.base.CensysUnauthorizedException:
        sys.stderr.write('[+] Censys account details wrong. n')
        exit(1)
    except censys.base.CensysRateLimitExceededException:
        sys.stderr.write('[+] Limit exceeded.')
        exit(1)


 def subdomain_filter(domain, subdomains):  # If subdomain has *.domain.com It will filter out from list of subdomains.
    return [subdomain for subdomain in subdomains if '*' not in subdomain and subdomain.endswith(domain)]


 def subdomains_list(domain, subdomains):  # Take the list and showing structured way.
    if len(subdomains) is 0:
        print('[-] Did not find any subdomain')
        return

    print('[*] Found %d unique subdomain n' % (len(subdomains)))

    # Create document header and body ----
    create_documentheader()
    create_documentbody()

    for subdomain in subdomains:
        document.add_paragraph(subdomain, style='List Bullet')
        print(subdomain)


 def main(domain, censys_id, censys_secret):
    print ("[+] Finding the subdomains of %s " % domain)
    subdomains = subdomain_find(domain, censys_id, censys_secret)
    subdomains = subdomain_filter(domain, subdomains)
    subdomains_list(domain, subdomains)


 if __name__ == "__main__":
    censys_id = "<<< CENSYS ID - PASTE HERE >>>"
    censys_secret = "<<< CENSYS KEY - PASTE HERE >>>"
    domain = raw_input("Enter the domain:")
    main(domain, censys_id, censys_secret)
    document.save(domain+'.docx')
	# ---------------------------------------------
	# Proof of Concept Script
	# H. Sonesson, Atea
	# 190313
	# ---------------------------------------------

	import os
	import sys
	import time
	import censys.certificates
	import censys.ipv4
	import censys
	from docx import Document
	from docx.shared import Inches

	# Init docx ----
	document = Document()

	def create_documentheader():
	document.add_picture('atea_logo.png', width=Inches(1.25))
	document.add_heading('Atea Open Source Intelligence Report', 1)
	document.add_page_break()

	def create_documentbody():
	p = document.add_paragraph('Identifierade domains:')


	def subdomain_find(domain, censys_id, censys_secret):
	try:
	censys_cert = censys.certificates.CensysCertificates(api_id=censys_id, api_secret=censys_secret)
	cert_query = 'parsed.names: %s' % domain
	cert_search_results = censys_cert.search(cert_query, fields=['parsed.names'])

	subdomains = [] # List of subdomains
	for s in cert_search_results:
	subdomains.extend(s['parsed.names'])

	return set(subdomains) # removes duplicate values
	except censys.base.CensysUnauthorizedException:
	sys.stderr.write('[+] Censys account details wrong. n')
	exit(1)
	except censys.base.CensysRateLimitExceededException:
	sys.stderr.write('[+] Limit exceeded.')
	exit(1)


	def subdomain_filter(domain, subdomains): # If subdomain has *.domain.com It will filter out from list of subdomains.
	return [subdomain for subdomain in subdomains if '*' not in subdomain and subdomain.endswith(domain)]


	def subdomains_list(domain, subdomains): # Take the list and showing structured way.
	if len(subdomains) is 0:
	print('[-] Did not find any subdomain')
	return

	print('[*] Found %d unique subdomain n' % (len(subdomains)))

	# Create document header and body ----
	create_documentheader()
	create_documentbody()

	for subdomain in subdomains:
	document.add_paragraph(subdomain, style='List Bullet')
	print(subdomain)


	def main(domain, censys_id, censys_secret):
	print ("[+] Finding the subdomains of %s " % domain)
	subdomains = subdomain_find(domain, censys_id, censys_secret)
	subdomains = subdomain_filter(domain, subdomains)
	subdomains_list(domain, subdomains)


	if __name__ == "__main__":
	censys_id = "<<< CENSYS ID - PASTE HERE >>>"
	censys_secret = "<<< CENSYS KEY - PASTE HERE >>>"
	domain = raw_input("Enter the domain:")
	main(domain, censys_id, censys_secret)
	document.save(domain+'.docx')