December 9, 2022

A Simple Website Scanner for Information Gathering with Python

“The first step in pentesting is information gathering.”

I wrote a simple Python script that can help with information gathering. It takes a single input from the user — a website's domain name — and uses it to drive the rest of the process: it resolves the site's IP address, runs a WHOIS lookup, geolocates the IP, fetches the HTTP response headers, lists every IP address the domain resolves to, and finally scans the IP address for open ports. Note that the WHOIS and geolocation steps send the target to third-party services, and the port scan makes direct TCP connections to the target, so only run it against systems you are authorized to test.

import whois, socket, requests, os
from ip2geotools.databases.noncommercial import DbIpCity

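def check_ip(host=None):
    """Return 1 if *host* resolves to an IPv4 address, else 0.

    Args:
        host: hostname or dotted-quad to resolve; defaults to the
            module-level ``url`` entered at the prompt.

    Returns:
        1 on success, 0 on failure. Ints rather than bools so the
        ``int(check_ip()) == 0`` test in the prompt loop keeps working.
    """
    if host is None:
        host = url
    try:
        socket.gethostbyname(host)
    except (socket.error, UnicodeError):
        # socket.error (OSError) covers gaierror/herror. UnicodeError is what
        # the IDNA encoder raises for an over-long or malformed label; the
        # original let that escape and crash the prompt loop instead of
        # re-asking for input.
        return 0
    return 1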

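# Prompt until the user supplies a hostname that resolves. The result lives in
# the module-level ``url`` that every function below reads.
while True:
    url = input("Type website without https:// Example: google.com ==>").strip()
    # Be forgiving about a pasted URL: drop a scheme and any path, since the
    # resolver and the WHOIS lookup want a bare hostname.
    if "://" in url:
        url = url.split("://", 1)[1]
    url = url.split("/", 1)[0]
    # Empty input or a name that does not resolve just re-prompts.
    if url and check_ip():
        break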

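def your_ip(host=None):
    """Print the IPv4 address that *host* resolves to.

    Args:
        host: hostname to resolve; defaults to the module-level ``url``.

    Raises:
        socket.gaierror: if the name does not resolve. The prompt loop has
            already validated ``url``, so this only matters for an explicit
            *host* argument.
    """
    if host is None:
        host = url
    address = socket.gethostbyname(host)
    print("*** WEBSITE'S IP ADDRESS ***\n")
    print(address, "\n")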

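def ip_list(host=None):
    """Print the full resolver answer for *host*: canonical name, aliases
    and every IPv4 address, as the ``gethostbyname_ex`` 3-tuple.

    Args:
        host: hostname to resolve; defaults to the module-level ``url``.

    Raises:
        socket.gaierror: if the name does not resolve.
    """
    if host is None:
        host = url
    answer = socket.gethostbyname_ex(host)
    print("*** LIST OF IP FOR YOUR DOMAIN ***\n")
    print(answer, "\n")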
    
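def ip_lookup(host=None):
    """Print the raw WHOIS record for *host*.

    Despite the banner text this is a WHOIS query on the domain name, not a
    lookup of the IP address.

    Args:
        host: domain to query; defaults to the module-level ``url``.

    The query goes out to public WHOIS servers, so the target name is
    disclosed to a third party. Any failure (network, no record, parse
    error) is reported on stdout rather than raised; KeyboardInterrupt is
    no longer swallowed as it was by the original bare ``except``.
    """
    if host is None:
        host = url
    try:
        record = whois.whois(host)
        text = record.text
    except Exception:  # the whois library raises assorted exception types
        print("IP LOOKUP NOT FOUND")
        return
    print("*** IP LOOKUP ***\n")
    print(text, "\n")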
    
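def website_header(host=None, timeout=10):
    """Print the HTTP response headers of ``https://<host>``.

    Args:
        host: hostname to query; defaults to the module-level ``url``.
        timeout: seconds to wait for the connection and the response.
            ``requests`` has no default timeout, so the original call could
            hang the whole script on a host that accepts the connection
            and never answers.

    Only a HEAD request is sent and, per the ``requests.head`` default,
    redirects are not followed, so the headers shown are those of the
    first hop. TLS certificate verification stays at the library default
    (enabled). Failures are reported on stdout rather than raised.
    """
    if host is None:
        host = url
    print("*** WEBSITE HEADER ***\n")
    try:
        response = requests.head("https://" + host, timeout=timeout)
    except requests.RequestException:
        print("COULD NOT GET THE WEBSITE'S HEADER")
        return
    print(response.headers, "\n")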
    
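def geo_tool(host=None):
    """Print the geolocation record for the address *host* resolves to.

    Args:
        host: hostname to resolve; defaults to the module-level ``url``.

    The resolved IP is sent to an external geolocation web service
    (DB-IP, via ip2geotools with ``api_key='free'``), so the target is
    disclosed to a third party and the call needs outbound internet
    access. Resolver errors and service errors alike are reported on
    stdout rather than raised.
    """
    if host is None:
        host = url
    print("*** GEOLOCATION INFORMATION ***\n")
    try:
        address = socket.gethostbyname(host)
        record = DbIpCity.get(address, api_key='free')
    except Exception:  # resolver errors or the library's own exception types
        print("GEOLOCATION TOOL IS NOT WORKING")
        return
    print(record, "\n")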

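def port_scan(host=None, start=7, end=500, timeout=1.0):
    """TCP connect-scan ports ``start`` .. ``end - 1`` on *host* and print
    the open ones.

    Args:
        host: hostname or IP to scan; defaults to the module-level ``url``.
        start, end: half-open port range, as for ``range()``. The original
            hard-coded 7..499; callers may widen it (e.g. ``end=1024``).
        timeout: per-port connect timeout in seconds. A port that drops
            the SYN costs the full timeout, so a wide range is slow; use a
            purpose-built scanner such as nmap for anything serious.

    A full TCP connect is made to every port, which is visible to the
    target and to any IDS in front of it. Scan only hosts you are
    authorized to test.
    """
    if host is None:
        host = url
    ip = socket.gethostbyname(host)
    print("*** PORT SCANNER ***\n")

    for port in range(start, end):
        # ``with`` closes the socket even when connect_ex raises; the
        # original's try/except/pass skipped ``s.close()`` on that path.
        with socket.socket() as sock:
            sock.settimeout(timeout)
            try:
                result = sock.connect_ex((ip, port))
            except OSError:
                # e.g. no route, or too many open files: treat as not open.
                continue
        if result != 0:
            continue
        # getservbyport raises OSError for ports with no registered service
        # name. The original evaluated it inside the print call under a
        # blanket ``except``, so an open port with an unknown service was
        # silently dropped from the output.
        try:
            service = socket.getservbyport(port, "tcp")
        except OSError:
            service = "unknown"
        print("[+] PORT", port, "IS OPEN", service)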
            
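def display():
    """Run every lookup against the module-level ``url``, in order.

    The port scanner is deliberately left out: it is slow (up to one
    timeout per port) and a dedicated tool such as nmap does the job
    better. Call ``port_scan()`` explicitly if you want it.
    """
    if os.name == "nt":
        # 'color A' is a cmd.exe built-in (green text). On other platforms
        # there is no such command and os.system just prints a shell error.
        os.system('color A')
    your_ip()
    ip_list()
    ip_lookup()
    website_header()
    geo_tool()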
    
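# Only run the lookups when executed as a script. Note that the prompt loop
# above still runs at import time; only the lookups themselves are guarded.
if __name__ == "__main__":
    display()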