Merge pull request #11 from DanielAzulayy/master

added a new option - subdomain recon

index.js

@@ -20,6 +20,7 @@ const subdomainScanner = require('./src/subdomainScanner');
 const exifMetadata = require('./src/exif');
 const scanUrl = require('./src/scanUrl');
 const flagOptions = require('./src/flagOptions');
+const subdomainRecon = require('./src/subdomainRecon');
 
 const welcome = async () => {
   const glitchTitle = chalkAnimation.glitch('\nWelcome to Infoooze\n');
@@ -106,6 +107,11 @@ switch (optionKey) {
     banner();
     dnsLookup(flags.dnslookup);
     break;
+
+  case 'subdomainrecon':
+    banner();
+    subdomainRecon(flags.subdomainrecon);
+    break;
 
   default:
     (async function () {

src/flagOptions.js

@@ -16,7 +16,8 @@ const flagOptions = () => {
     .option(['s', 'subdomain'], 'find subdomains of website')
     .option(['x', 'exif'], 'extracts Exif metadata from image')
     .option(['a', 'webscan'], 'analyze suspicious URLs')
-    .option(['l', 'urlexpand'], 'long url of shorten URL');
+    .option(['l', 'urlexpand'], 'long url of shorten URL')
+    .option(['c', 'subdomainrecon'], 'find subdomains passively');
 
   args
     .example(

src/subdomainRecon.js

@@ -0,0 +1,22 @@
+const { spawn } = require('child_process');
+const { input, errorMsg, currentTimeStamp, info, goBack } = require('./helper');
+
+const subdomainRecon = async (host, showHome = false) => {
+  host = host || (await input('Enter your host (example.com):'));
+
+  const path = `${process.cwd()}/results/infoooze_subdomainRecon_${currentTimeStamp()}.txt`;
+  info(`Results will be saved in ${path}`);
+
+  // Passive subdomain scan:
+  const command = spawn('amass', ['enum', '-passive', '-d', host, '-o', path]);
+  command.stdout.on('data', (output) => {
+    console.log(output.toString());
+  });
+  command.on('error', (err) => {
+    errorMsg(
+      `amass might not be installed, try installing it: go install -v github.com/OWASP/Amass/v3/...@master`,
+    );
+  });
+};
+
+module.exports = subdomainRecon;