Seca Posted July 22, 2011 Share Posted July 22, 2011 I've seen a tool on Vimeo that can map websites and ip addresses associated with a target ip. Anyone know what it is called? Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted July 22, 2011 Share Posted July 22, 2011 Do you have the link to the Vimeo video you saw? I may be able to tell you what the tool is called? Quote Link to comment Share on other sites More sharing options...
Seca Posted July 22, 2011 Author Share Posted July 22, 2011 nm, I found the application. It is called maltego. Took me a good two hours to track it down but it looks like a cool piece of software. Video demo at Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted July 22, 2011 Share Posted July 22, 2011 Ahh Maltego heard of it before but I couldn't remember it at the time. Quote Link to comment Share on other sites More sharing options...
digip Posted July 22, 2011 Share Posted July 22, 2011 Um, Maltego is a tool for gathering info, mostly based on social networks and databases, but mapping IP's to Domain Names, in itself, is simply DNS and not unique to Maltego. Also, there are plenty of online tools to do reverse lookups, with varying results, as not all DNS providers will know every possible list of sites hosted on a single IP)other than the host itself), so use multiple tools, Maltego included. I personally use the following for looking them up, but even built into your OS or nearly every OS are DNS tools as well. For linux users, DIG is an invaluable tool(may not be installed by default) as well as nslooukp. For windows users, you can use nslookup against a website to get its IP and domain servers, as well as a simple ping. Ping against google.com will return the IP. "ping -a x.x.x.x" where x.x.x.x is the IP address, will return the associated name, so long as a single site is responding to the query. If its a vhost with multiple sites, most likely will only return the IP or even the vhost name, such as the way dreamhost has names for each of its file servers which also host domains, you would get some subdomain of dreamhost in the response instead of one of the hosted sites names. For online tools, try http://whois.domaintools.com as well as http://www.yougetsignal.com/tools/web-sites-on-web-server/ There is also http://reverseinternet.com/ which will tell you domains hosted on an IP if you feed it an IP addresses(sometimes this site is lacking, other times it has more than the others. ymmv). Results vary on all of these tools, so don't take one as the holy grail of reconnaissance tools, as there are many more out there which can help in recovering information. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.