Class: Zetalytics::Api
- Inherits:
-
Object
- Object
- Zetalytics::Api
- Defined in:
- lib/zetalytics.rb
Instance Method Summary collapse
-
#initialize(api_key = nil, options = {}) ⇒ Api
constructor
A new instance of Api.
-
#search_by_hostname(domain) ⇒ Object
Search passive dns by hostname for mixed resource record types.
-
#search_by_ip(ip) ⇒ Object
Search passive dns by IP, CIDR, or Range (v6 compatible).
-
#search_by_unique_email_address(email) ⇒ Object
Search for domains sharing a registration email address or SOA email from passive DNS.
- #search_cname2qname(cname) ⇒ Object
-
#search_domain2cname(domain) ⇒ Object
Search passive dns by domain for CNAME records.
-
#search_domain2ip(domain) ⇒ Object
Search passive dns by domain for A (IPv4) records.
-
#search_domain2malwaredns(domain) ⇒ Object
Search malware dns by domain (some of the results are obsolete).
-
#search_domain2malwarehttp(domain) ⇒ Object
Search malware http by domain (some of the results are obsolete).
-
#search_domain2mx(domain) ⇒ Object
Search passive dns by domain for MX records.
-
#search_domain2ns(domain) ⇒ Object
Search passive dns by domain for NS records.
-
#search_domain2nsglue(domain) ⇒ Object
Search name server glue (IP) records by domain name.
-
#search_domain2ptr(domain) ⇒ Object
Search passive dns by domain for PTR records.
-
#search_domain2txt(domain) ⇒ Object
Search passive dns by domain for TXT records.
-
#search_domain2whois(domain) ⇒ Object
Search historical whois records.
-
#search_domain_dname_records(domain) ⇒ Object
Search zonefile changes by domain for DNAME record.
-
#search_domain_for_ipv6_records(domain) ⇒ Object
Search passive dns by domain for AAAA (IPv6) records.
-
#search_email_address(domain) ⇒ Object
Search for domains sharing a known registered email address or SOA email from passive DNS.
-
#search_email_domain(domain) ⇒ Object
Search for domains sharing a registration email address domain.
-
#search_hash2malwaredns(hash) ⇒ Object
Search malware http by md5 hash.
-
#search_historical_live_dnsrecords(domain) ⇒ Object
Search historical d8s records and/or live d8s.
-
#search_ip2malwaredns(ip) ⇒ Object
Search malware dns by IP.
-
#search_ip2malwarehttp(ip) ⇒ Object
Search malware http by IP/CIDR for x.x.x.x/ (not the IP a hostname resolved to).
-
#search_ip2nsglue(ip) ⇒ Object
Search name server glue (IP) records by IP, CIDR, or Range (v6 compatible). For background on DNS glue records, see ns1.com/blog/glue-records-and-dedicated-dns#:~:text=What%20is%20a%20Glue%20Record,ns2.example.net%E2%80%9D.
-
#search_livedns(domain) ⇒ Object
Perform a live DNS lookup for a domain.
-
#search_mx2domain(nameserver) ⇒ Object
Search passive dns by MX domain for any domain served by the MX domain.
-
#search_ns2domain(nameserver) ⇒ Object
Search current zone files and passive DNS for domains served by nameserver.
-
#search_nszoneactivity(nameserver) ⇒ Object
Search zonefile changes by nameserver.
-
#search_subdomains(domain) ⇒ Object
Search passive dns by domain for a list of subdomains from any record type.
Constructor Details
#initialize(api_key = nil, options = {}) ⇒ Api
Returns a new instance of Api.
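# File 'lib/zetalytics.rb', line 9

# Build an API client for the v2 endpoint at zonecruncher.com.
#
# When no key is passed, the key is read from "api_key" in
# ../config/config.json relative to this file. That file holds the credential
# in plain text, so keep it out of version control and restrict its
# permissions. The search methods send the key as the `token` query parameter.
#
# @param api_key [#to_s, nil] API token; nil falls back to the config file
# @param options [Hash] accepted but not used by this constructor
# @raise [RuntimeError] when no key is passed and the config file is missing
#   or has no "api_key" entry
def initialize(api_key = nil, options = {})
  @base_uri = "https://zonecruncher.com/api/v2"
  @api_key = api_key
  return if @api_key

  config_file_path = File.join(File.dirname(__FILE__), "..", "config", "config.json")
  # File.read closes the handle as soon as the content has been read.
  @api_key = JSON.parse(File.read(config_file_path))["api_key"] if File.exist?(config_file_path)
  # Fail at construction rather than sending requests with an empty token.
  raise "Unable to continue... no api key!" unless @api_key
end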
Instance Method Details
#search_by_hostname(domain) ⇒ Object
Search passive dns by hostname for mixed resource record types
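# File 'lib/zetalytics.rb', line 227

# Search passive DNS by hostname for mixed resource record types.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_by_hostname(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/hostname", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end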
#search_by_ip(ip) ⇒ Object
Search passive dns by IP, CIDR, or Range (v6 compatible)
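# File 'lib/zetalytics.rb', line 237

# Search passive DNS by IP, CIDR, or range (v6 compatible).
#
# @param ip [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_by_ip(ip)
  # `params:` lets RestClient URL-encode q and token, so characters such as
  # `/`, `&` or `#` in the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/ip", params: { q: ip, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end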
#search_by_unique_email_address(email) ⇒ Object
Search for domains sharing a registration email address or SOA email from passive DNS
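# File 'lib/zetalytics.rb', line 187

# Search for domains sharing a registration email address or SOA email from
# passive DNS.
#
# @param email [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_by_unique_email_address(email)
  # `params:` lets RestClient URL-encode q and token, so `+`, `&` or `#` in
  # the address cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/email_address", params: { q: email, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end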
#search_cname2qname(cname) ⇒ Object
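# File 'lib/zetalytics.rb', line 27

# Query the cname2qname endpoint for the given CNAME value.
#
# @param cname [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_cname2qname(cname)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/cname2qname", params: { q: cname, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end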
#search_domain2cname(domain) ⇒ Object
Search passive dns by domain for CNAME records
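# File 'lib/zetalytics.rb', line 59

# Search passive DNS by domain for CNAME records.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2cname(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2cname", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end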
#search_domain2ip(domain) ⇒ Object
Search passive dns by domain for A (IPv4) records
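# File 'lib/zetalytics.rb', line 80

# Search passive DNS by domain for A (IPv4) records.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2ip(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2ip", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end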
#search_domain2malwaredns(domain) ⇒ Object
Search malware dns by domain (some of the results are obsolete)
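# File 'lib/zetalytics.rb', line 90

# Search malware DNS data by domain (some of the results are obsolete).
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2malwaredns(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2malwaredns", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end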
#search_domain2malwarehttp(domain) ⇒ Object
Search malware http by domain (some of the results are obsolete)
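# File 'lib/zetalytics.rb', line 100

# Search malware HTTP data by domain (some of the results are obsolete).
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2malwarehttp(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2malwarehttp", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end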
#search_domain2mx(domain) ⇒ Object
Search passive dns by domain for MX records
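# File 'lib/zetalytics.rb', line 110

# Search passive DNS by domain for MX records.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2mx(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2mx", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end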
#search_domain2ns(domain) ⇒ Object
Search passive dns by domain for NS records
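# File 'lib/zetalytics.rb', line 120

# Search passive DNS by domain for NS records.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2ns(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2ns", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end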
#search_domain2nsglue(domain) ⇒ Object
Search name server glue (IP) records by domain name. NOTE: these are only the glue records found in gTLD zone files, NOT all IP records for every name server domain. For background on DNS glue records, see ns1.com/blog/glue-records-and-dedicated-dns#:~:text=What%20is%20a%20Glue%20Record,ns2.example.net%E2%80%9D.
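# File 'lib/zetalytics.rb', line 133

# Search name server glue (IP) records by domain name. Only glue records found
# in gTLD zone files are covered, not every IP record of every name server
# domain.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2nsglue(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2nsglue", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end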
#search_domain2ptr(domain) ⇒ Object
Search passive dns by domain for PTR records
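# File 'lib/zetalytics.rb', line 143

# Search passive DNS by domain for PTR records.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2ptr(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2ptr", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end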
#search_domain2txt(domain) ⇒ Object
Search passive dns by domain for TXT records
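# File 'lib/zetalytics.rb', line 153

# Search passive DNS by domain for TXT records.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2txt(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2txt", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end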
#search_domain2whois(domain) ⇒ Object
Search historical whois records
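# File 'lib/zetalytics.rb', line 165

# Search historical whois records.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain2whois(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2whois", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end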
#search_domain_dname_records(domain) ⇒ Object
Search zonefile changes by domain for DNAME record. A DNAME record creates an alias for an entire subtree of the domain name tree
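# File 'lib/zetalytics.rb', line 38

# Search zonefile changes by domain for DNAME records. A DNAME record creates
# an alias for an entire subtree of the domain name tree.
#
# The full domain is sent to the domain-zone-activity endpoint; the first
# label is not split off, since nothing in the request uses it.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain_dname_records(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain-zone-activity", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end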
#search_domain_for_ipv6_records(domain) ⇒ Object
Search passive dns by domain for AAAA (IPv6) records
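# File 'lib/zetalytics.rb', line 49

# Search passive DNS by domain for AAAA (IPv6) records.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_domain_for_ipv6_records(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2aaaa", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end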
#search_email_address(domain) ⇒ Object
Search for domains sharing a known registered email address or SOA email from passive DNS
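# File 'lib/zetalytics.rb', line 175

# Search for domains sharing a known registered email address or SOA email
# from passive DNS.
#
# @param domain [String] domain appended to the "a*@" wildcard prefix
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_email_address(domain)
  # The "a*@" wildcard prefix is used to match a large number of domains,
  # since most DNS records carry either the administrator contact or the
  # abuse contact.
  email = "a*@" + domain
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/email_address", params: { q: email, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end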
#search_email_domain(domain) ⇒ Object
Search for domains sharing a registration email address domain
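# File 'lib/zetalytics.rb', line 197

# Search for domains sharing a registration email address domain.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_email_domain(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/email_domain", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end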
#search_hash2malwaredns(hash) ⇒ Object
Search malware http by md5 hash
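# File 'lib/zetalytics.rb', line 207

# Search malware data by md5 hash.
#
# NOTE(review): the published description reads "Search malware http by md5
# hash", but the endpoint queried here is hash2malwaredns; confirm which data
# set is intended.
#
# @param hash [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_hash2malwaredns(hash)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/hash2malwaredns", params: { q: hash, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end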
#search_historical_live_dnsrecords(domain) ⇒ Object
Search historical d8s records and/or live d8s
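# File 'lib/zetalytics.rb', line 69

# Search historical d8s records and/or live d8s (domain2d8s endpoint).
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_historical_live_dnsrecords(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/domain2d8s", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end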
#search_ip2malwaredns(ip) ⇒ Object
Search malware dns by IP
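# File 'lib/zetalytics.rb', line 247

# Search malware DNS data by IP.
#
# @param ip [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_ip2malwaredns(ip)
  # `params:` lets RestClient URL-encode q and token, so characters such as
  # `/`, `&` or `#` in the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/ip2malwaredns", params: { q: ip, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end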
#search_ip2malwarehttp(ip) ⇒ Object
Search malware http by IP/CIDR for x.x.x.x/ (not the IP a hostname resolved to). These results would not appear in the malware dns result since they do not require a DNS lookup.
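# File 'lib/zetalytics.rb', line 258

# Search malware HTTP data by IP/CIDR (the IP that was contacted directly, not
# the IP a hostname resolved to). These results would not appear in the
# malware DNS results, since they do not require a DNS lookup.
#
# @param ip [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_ip2malwarehttp(ip)
  # `params:` lets RestClient URL-encode q and token, so characters such as
  # `/`, `&` or `#` in the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/ip2malwarehttp", params: { q: ip, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end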
#search_ip2nsglue(ip) ⇒ Object
Search name server glue (IP) records by IP, CIDR, or Range (v6 compatible). For background on DNS glue records, see ns1.com/blog/glue-records-and-dedicated-dns#:~:text=What%20is%20a%20Glue%20Record,ns2.example.net%E2%80%9D.
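# File 'lib/zetalytics.rb', line 269

# Search name server glue (IP) records by IP, CIDR, or range (v6 compatible).
#
# @param ip [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_ip2nsglue(ip)
  # `params:` lets RestClient URL-encode q and token, so characters such as
  # `/`, `&` or `#` in the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/ip2nsglue", params: { q: ip, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end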
#search_livedns(domain) ⇒ Object
Perform a live DNS lookup for a domain
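# File 'lib/zetalytics.rb', line 279

# Perform a live DNS lookup for a domain.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_livedns(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/liveDNS", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end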
#search_mx2domain(nameserver) ⇒ Object
Search passive dns by MX domain for any domain served by the MX domain
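# File 'lib/zetalytics.rb', line 299

# Search passive DNS by MX domain for any domain served by that MX domain.
#
# @param nameserver [#to_s] MX domain sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_mx2domain(nameserver)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/mx2domain", params: { q: nameserver, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end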
#search_ns2domain(nameserver) ⇒ Object
Search current zone files and passive DNS for domains served by nameserver.
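# File 'lib/zetalytics.rb', line 309

# Search current zone files and passive DNS for domains served by a
# nameserver.
#
# @param nameserver [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_ns2domain(nameserver)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/ns2domain", params: { q: nameserver, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end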
#search_nszoneactivity(nameserver) ⇒ Object
Search zonefile changes by nameserver
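# File 'lib/zetalytics.rb', line 289

# Search zonefile changes by nameserver.
#
# @param nameserver [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_nszoneactivity(nameserver)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/ns-zone-activity", params: { q: nameserver, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end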
#search_subdomains(domain) ⇒ Object
Search passive dns by domain for a list of subdomains from any record type.
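# File 'lib/zetalytics.rb', line 319

# Search passive DNS by domain for a list of subdomains from any record type.
#
# @param domain [#to_s] value sent as the `q` query parameter
# @return [Object, nil] parsed JSON response when its "total" is above zero,
#   otherwise nil
def search_subdomains(domain)
  # `params:` lets RestClient URL-encode q and token, so `&`, `#` or spaces in
  # the lookup value cannot reshape the query string.
  response = RestClient.get("#{@base_uri}/subdomains", params: { q: domain, token: @api_key })
  result = JSON.parse(response)
  # to_i treats a missing or null "total" as zero instead of raising on nil.
  result if result["total"].to_i > 0
end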