-
Notifications
You must be signed in to change notification settings - Fork 3.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
06c274e
commit 3280df8
Showing
1 changed file
with
216 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,216 @@ | ||
### Passive Reconnaissance Analysis of secretcorp.org | ||
|
||
The passive reconnaissance using Amass on secretcorp.org revealed the following: | ||
|
||
- Unique Domains: 16 | ||
- Unique IP Addresses: 1 | ||
|
||
### Types of DNS Records Found: | ||
- (FQDN): 14 | ||
- : 18 | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b3.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b1.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b2.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b4.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> mx_record --> mxb.mailgun.org (FQDN) | ||
secretcorp.org (FQDN) --> mx_record --> mxa.mailgun.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> finance-app.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> backdoor.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> vpn.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> cloud.secretcorp.org (FQDN) | ||
finance-app.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
backdoor.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
vpn.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
cloud.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
secretcorp.org (FQDN) --> node --> app1.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> internal.secretcorp.org (FQDN) | ||
app1.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
ns-cloud-b2.googledomains.com (FQDN) --> a_record --> 216.239.34.107 (IPAddress) | ||
ns-cloud-b2.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:34::6b (IPAddress) | ||
ns-cloud-b4.googledomains.com (FQDN) --> a_record --> 216.239.38.107 (IPAddress) | ||
ns-cloud-b4.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:38::6b (IPAddress) | ||
internal.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.34.107 (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.38.107 (IPAddress) | ||
15169 (ASN) --> managed_by --> GOOGLE - Google LLC (RIROrganization) | ||
15169 (ASN) --> announces --> 216.239.32.0/20 (Netblock) | ||
ns-cloud-b3.googledomains.com (FQDN) --> a_record --> 216.239.36.107 (IPAddress) | ||
ns-cloud-b3.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:36::6b (IPAddress) | ||
ns-cloud-b1.googledomains.com (FQDN) --> a_record --> 216.239.32.107 (IPAddress) | ||
ns-cloud-b1.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:32::6b (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.32.107 (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.36.107 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.111.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.110.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.108.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.109.153 (IPAddress) | ||
secretcorp.org (FQDN) --> node --> mail.secretcorp.org (FQDN) | ||
mail.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:32::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:34::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:36::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:38::6b (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.111.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.110.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.108.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.109.153 (IPAddress) | ||
15169 (ASN) --> announces --> 2001:4860::/32 (Netblock) | ||
54113 (ASN) --> managed_by --> FASTLY - Fastly (RIROrganization) | ||
54113 (ASN) --> announces --> 185.199.108.0/22 (Netblock) | ||
secretcorp.org (FQDN) --> node --> sslvpn.secretcorp.org (FQDN) | ||
sslvpn.secretcorp.org (FQDN) --> cname_record --> ext-sq.squarespace.com (FQDN) | ||
mxa.mailgun.org (FQDN) --> a_record --> 34.149.236.64 (IPAddress) | ||
34.144.0.0/13 (Netblock) --> contains --> 34.149.236.64 (IPAddress) | ||
15169 (ASN) --> announces --> 34.144.0.0/13 (Netblock) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.49.23.144 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.185.159.144 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.185.159.145 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.49.23.145 (IPAddress) | ||
198.49.23.0/24 (Netblock) --> contains --> 198.49.23.144 (IPAddress) | ||
198.49.23.0/24 (Netblock) --> contains --> 198.49.23.145 (IPAddress) | ||
198.185.159.0/24 (Netblock) --> contains --> 198.185.159.144 (IPAddress) | ||
198.185.159.0/24 (Netblock) --> contains --> 198.185.159.145 (IPAddress) | ||
53831 (ASN) --> managed_by --> SQUARESPACE - Squarespace, Inc. (RIROrganization) | ||
53831 (ASN) --> announces --> 198.49.23.0/24 (Netblock) | ||
53831 (ASN) --> announces --> 198.185.159.0/24 (Netblock) | ||
mxb.mailgun.org (FQDN) --> a_record --> 34.160.157.95 (IPAddress) | ||
34.160.0.0/13 (Netblock) --> contains --> 34.160.157.95 (IPAddress) | ||
15169 (ASN) --> announces --> 34.160.0.0/13 (Netblock) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b3.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b1.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b2.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b4.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> mx_record --> mxb.mailgun.org (FQDN) | ||
secretcorp.org (FQDN) --> mx_record --> mxa.mailgun.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> finance-app.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> backdoor.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> vpn.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> cloud.secretcorp.org (FQDN) | ||
finance-app.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
backdoor.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
vpn.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
cloud.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
secretcorp.org (FQDN) --> node --> app1.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> internal.secretcorp.org (FQDN) | ||
app1.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
ns-cloud-b2.googledomains.com (FQDN) --> a_record --> 216.239.34.107 (IPAddress) | ||
ns-cloud-b2.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:34::6b (IPAddress) | ||
ns-cloud-b4.googledomains.com (FQDN) --> a_record --> 216.239.38.107 (IPAddress) | ||
ns-cloud-b4.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:38::6b (IPAddress) | ||
internal.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.34.107 (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.38.107 (IPAddress) | ||
15169 (ASN) --> managed_by --> GOOGLE - Google LLC (RIROrganization) | ||
15169 (ASN) --> announces --> 216.239.32.0/20 (Netblock) | ||
ns-cloud-b3.googledomains.com (FQDN) --> a_record --> 216.239.36.107 (IPAddress) | ||
ns-cloud-b3.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:36::6b (IPAddress) | ||
ns-cloud-b1.googledomains.com (FQDN) --> a_record --> 216.239.32.107 (IPAddress) | ||
ns-cloud-b1.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:32::6b (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.32.107 (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.36.107 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.111.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.110.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.108.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.109.153 (IPAddress) | ||
secretcorp.org (FQDN) --> node --> mail.secretcorp.org (FQDN) | ||
mail.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:32::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:34::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:36::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:38::6b (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.111.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.110.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.108.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.109.153 (IPAddress) | ||
15169 (ASN) --> announces --> 2001:4860::/32 (Netblock) | ||
54113 (ASN) --> managed_by --> FASTLY - Fastly (RIROrganization) | ||
54113 (ASN) --> announces --> 185.199.108.0/22 (Netblock) | ||
secretcorp.org (FQDN) --> node --> sslvpn.secretcorp.org (FQDN) | ||
sslvpn.secretcorp.org (FQDN) --> cname_record --> ext-sq.squarespace.com (FQDN) | ||
mxa.mailgun.org (FQDN) --> a_record --> 34.149.236.64 (IPAddress) | ||
34.144.0.0/13 (Netblock) --> contains --> 34.149.236.64 (IPAddress) | ||
15169 (ASN) --> announces --> 34.144.0.0/13 (Netblock) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.49.23.144 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.185.159.144 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.185.159.145 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.49.23.145 (IPAddress) | ||
198.49.23.0/24 (Netblock) --> contains --> 198.49.23.144 (IPAddress) | ||
198.49.23.0/24 (Netblock) --> contains --> 198.49.23.145 (IPAddress) | ||
198.185.159.0/24 (Netblock) --> contains --> 198.185.159.144 (IPAddress) | ||
198.185.159.0/24 (Netblock) --> contains --> 198.185.159.145 (IPAddress) | ||
53831 (ASN) --> managed_by --> SQUARESPACE - Squarespace, Inc. (RIROrganization) | ||
53831 (ASN) --> announces --> 198.49.23.0/24 (Netblock) | ||
53831 (ASN) --> announces --> 198.185.159.0/24 (Netblock) | ||
mxb.mailgun.org (FQDN) --> a_record --> 34.160.157.95 (IPAddress) | ||
34.160.0.0/13 (Netblock) --> contains --> 34.160.157.95 (IPAddress) | ||
15169 (ASN) --> announces --> 34.160.0.0/13 (Netblock) | ||
|
||
## Amass Output: | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b3.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b1.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b2.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> ns_record --> ns-cloud-b4.googledomains.com (FQDN) | ||
secretcorp.org (FQDN) --> mx_record --> mxb.mailgun.org (FQDN) | ||
secretcorp.org (FQDN) --> mx_record --> mxa.mailgun.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> finance-app.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> backdoor.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> vpn.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> cloud.secretcorp.org (FQDN) | ||
finance-app.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
backdoor.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
vpn.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
cloud.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
secretcorp.org (FQDN) --> node --> app1.secretcorp.org (FQDN) | ||
secretcorp.org (FQDN) --> node --> internal.secretcorp.org (FQDN) | ||
app1.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
ns-cloud-b2.googledomains.com (FQDN) --> a_record --> 216.239.34.107 (IPAddress) | ||
ns-cloud-b2.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:34::6b (IPAddress) | ||
ns-cloud-b4.googledomains.com (FQDN) --> a_record --> 216.239.38.107 (IPAddress) | ||
ns-cloud-b4.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:38::6b (IPAddress) | ||
internal.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.34.107 (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.38.107 (IPAddress) | ||
15169 (ASN) --> managed_by --> GOOGLE - Google LLC (RIROrganization) | ||
15169 (ASN) --> announces --> 216.239.32.0/20 (Netblock) | ||
ns-cloud-b3.googledomains.com (FQDN) --> a_record --> 216.239.36.107 (IPAddress) | ||
ns-cloud-b3.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:36::6b (IPAddress) | ||
ns-cloud-b1.googledomains.com (FQDN) --> a_record --> 216.239.32.107 (IPAddress) | ||
ns-cloud-b1.googledomains.com (FQDN) --> aaaa_record --> 2001:4860:4802:32::6b (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.32.107 (IPAddress) | ||
216.239.32.0/20 (Netblock) --> contains --> 216.239.36.107 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.111.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.110.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.108.153 (IPAddress) | ||
secretcorp.org (FQDN) --> a_record --> 185.199.109.153 (IPAddress) | ||
secretcorp.org (FQDN) --> node --> mail.secretcorp.org (FQDN) | ||
mail.secretcorp.org (FQDN) --> cname_record --> santosomar.github.io (FQDN) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:32::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:34::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:36::6b (IPAddress) | ||
2001:4860::/32 (Netblock) --> contains --> 2001:4860:4802:38::6b (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.111.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.110.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.108.153 (IPAddress) | ||
185.199.108.0/22 (Netblock) --> contains --> 185.199.109.153 (IPAddress) | ||
15169 (ASN) --> announces --> 2001:4860::/32 (Netblock) | ||
54113 (ASN) --> managed_by --> FASTLY - Fastly (RIROrganization) | ||
54113 (ASN) --> announces --> 185.199.108.0/22 (Netblock) | ||
secretcorp.org (FQDN) --> node --> sslvpn.secretcorp.org (FQDN) | ||
sslvpn.secretcorp.org (FQDN) --> cname_record --> ext-sq.squarespace.com (FQDN) | ||
mxa.mailgun.org (FQDN) --> a_record --> 34.149.236.64 (IPAddress) | ||
34.144.0.0/13 (Netblock) --> contains --> 34.149.236.64 (IPAddress) | ||
15169 (ASN) --> announces --> 34.144.0.0/13 (Netblock) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.49.23.144 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.185.159.144 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.185.159.145 (IPAddress) | ||
ext-sq.squarespace.com (FQDN) --> a_record --> 198.49.23.145 (IPAddress) | ||
198.49.23.0/24 (Netblock) --> contains --> 198.49.23.144 (IPAddress) | ||
198.49.23.0/24 (Netblock) --> contains --> 198.49.23.145 (IPAddress) | ||
198.185.159.0/24 (Netblock) --> contains --> 198.185.159.144 (IPAddress) | ||
198.185.159.0/24 (Netblock) --> contains --> 198.185.159.145 (IPAddress) | ||
53831 (ASN) --> managed_by --> SQUARESPACE - Squarespace, Inc. (RIROrganization) | ||
53831 (ASN) --> announces --> 198.49.23.0/24 (Netblock) | ||
53831 (ASN) --> announces --> 198.185.159.0/24 (Netblock) | ||
mxb.mailgun.org (FQDN) --> a_record --> 34.160.157.95 (IPAddress) | ||
34.160.0.0/13 (Netblock) --> contains --> 34.160.157.95 (IPAddress) | ||
15169 (ASN) --> announces --> 34.160.0.0/13 (Netblock) |