The official command-line client for spyse.com.
NOTE: This tool is currently in the early stage beta and shouldn't be used in production.
Your feedback and suggestions are highly appreciated.
Targeted recon:
Gather associated targets:
- Subdomains lookup
- Reverse IP lookup
- Reverse NS lookup
- Reverse MX lookup
- Reverse PTR lookup
- Reverse AdSense ID lookup
- Reverse iTunes ID lookup
- Reverse Google Play ID lookup
- Reverse Google Analytics ID lookup
- Reverse Google Site Verification ID lookup
- Reverse Email lookup
Gather historical records
- Get historical DNS A records
- Get historical DNS AAAA records
- Get historical DNS CNAME records
- Get historical DNS TXT records
- Get historical DNS MX records
- Get historical DNS NS records
- Get historical WHOIS records
Custom Internet-wide assets search:
NOTE: Spyse API token is required to use this tool.
API tokens are available only for registered users on their account page.
For more information about the API, please check the API Reference.
docker build -t spysecli .
echo "tesla.com" | docker run --interactive spysecli --api_token=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx subdomains
pip3 install spysecli
spysecli --api_token=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -h
# API token also can be read from environment
export SPYSE_API_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
spysecli -h
This repository is about CLI only. If you want to integrate spyse.com into your application, you should check out our SDKs.
Official:
Community:
Targeted recon:
Get DNS records, SSL/TLS certificate, structured HTTP response, technologies, potential vulnerabilities, and other details about domain by its name.
# Command example:
echo "tesla.com" | spysecli domain
# Examples of valid input lines:
domain.com
https://example.com
https://example.com/path
Get Open ports, autonomous system number/organization, ISP, technologies, ip reputation and abuse reports, structured HTTP response, potential vulnerabilities, and other details about IP address.
# Command example:
echo "8.8.8.8" | spysecli ip
# Examples of valid input lines:
8.8.8.8
8.8.8.0/24
Get associated organization, IPv4 prefixes, IPv6 prefixes, and other details about autonomous system.
# Command example:
echo "AS15169" | spysecli as
# Examples of valid input lines:
AS15169
as15169
15169
Get a list of sources in which an email was seen.
# Command example:
echo "[email protected]" | spysecli email
# Examples of valid input lines:
[email protected]
Gather associated targets:
Find subdomains of a target domain
# Command example:
echo "tesla.com" | spysecli subdomains
# Examples of valid input lines:
domain.com
https://example.com
https://example.com/path
Find domains hosted on IPv4 host
# Command example:
echo "8.8.8.8" | spysecli reverse-ip
# Examples of valid input lines:
8.8.8.8
8.8.8.0/24
Shows which domains are using given name server
# Command example:
echo "ns1.google.com" | spysecli reverse-ns
# Examples of valid input lines:
ns1.domain.com
Shows which domains are using given mail server
# Command example:
echo "mx.google.com" | spysecli reverse-mx
# Examples of valid input lines:
mx.google.com
Shows which IPv4 hosts are using given PTR record
# Command example:
echo "google.com" | spysecli reverse-ptr
# Examples of valid input lines:
domain.com
Find all domains sharing the same AdSense ID
# Command example:
echo "1234567891234567" | spysecli reverse-adsense
# Examples of valid input lines:
pub-1234567891234567
1234567891234567
Find all domains sharing the same iTunes app ID
# Command example:
echo "1188352635" | spysecli reverse-itunes
# Examples of valid input lines:
1188352635
Find all domains sharing the same Google Play app ID
# Command example:
echo "google.com" | spysecli reverse-google-play
# Examples of valid input lines:
domain.com
Find all domains sharing the same Google Analytics ID
# Command example:
echo "UA-12345-12" | spysecli reverse-google-analytics
# Examples of valid input lines:
UA-12345-12
Find all domains sharing the same Google site verification code
# Command example:
echo "rXOxyZounnZasA8Z7oaD3c14JdjS9aKSWvsR1EbUSIQ" | spysecli reverse-google-site-verification
# Examples of valid input lines:
rXOxyZounnZasA8Z7oaD3c14JdjS9aKSWvsR1EbUSIQ
Find all websites mentioning the same email address on the homepage
# Command example:
echo "[email protected]" | spysecli reverse-email
# Examples of valid input lines:
[email protected]
Gather historical records
Get historical DNS A records
# Command example:
echo "google.com" | spysecli history-dns-a
# Examples of valid input lines:
domain.com
Get historical DNS AAAA records
# Command example:
echo "google.com" | spysecli history-dns-aaaa
# Examples of valid input lines:
domain.com
Get historical DNS CNAME records
# Command example:
echo "google.com" | spysecli history-dns-cname
# Examples of valid input lines:
domain.com
Get historical DNS TXT records
# Command example:
echo "google.com" | spysecli history-dns-txt
# Examples of valid input lines:
domain.com
Get historical DNS MX records
# Command example:
echo "google.com" | spysecli history-dns-mx
# Examples of valid input lines:
domain.com
Get historical DNS NS records
# Command example:
echo "google.com" | spysecli history-dns-ns
# Examples of valid input lines:
domain.com
Get historical DNS WHOIS records
# Command example:
echo "google.com" | spysecli history-whois
# Examples of valid input lines:
domain.com
Returns a list of domains that matched the search query.
Use API docs and Spyse Advanced Search to craft your own request.
# Command example:
echo '{"search_params":[{"name":{"operator":"ends","value":".spyse.com"}}]}' | spysecli search-domains
Returns a list of IPv4 hosts that matched the search query.
Use API docs and Spyse Advanced Search to craft your own request.
# Command example:
echo '{"search_params":[{"open_port":{"operator":"eq","value":"22"}}]}' | spysecli search-ip