ASN discovery


  • Third-party web services provide IP-to-ASN mapping:
$ curl -s |  jq -r .as
AS36459 GitHub, Inc.
  • The ASNs found can be used to find the netblocks of the domain.
  • We can use advanced WHOIS queries to find all the IP ranges that belong to an ASN:
$ whois -h  -- '-i origin AS36459' | grep -Eo "([0-9.]+){4}/[0-9]+" | sort -u


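  • Nmap's targets-asn NSE script produces the list of IP prefixes for a given ASN (here 17012). The redirect saves Nmap's full report, not only the prefixes:
$ nmap --script targets-asn --script-args targets-asn.asn=17012 > paypal_netblocks.txt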
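
An added example, not part of the original page: a stricter alternative to the grep pipeline above for building a netblock inventory from saved WHOIS output. It reads only the route/route6 field of objects whose origin matches, validates each prefix, and collapses duplicates and adjacent ranges. The function name `netblocks_for_asn` is hypothetical, and the sample text is constructed from documentation prefixes and reserved ASNs.

```python
import ipaddress
import re

# Constructed sample of RPSL route objects (documentation prefixes, reserved ASNs).
SAMPLE_WHOIS = """\
route:   192.0.2.0/25
origin:  AS64500
source:  RADB

route:   192.0.2.128/25
origin:  AS64500

route:   192.0.2.0/25
origin:  AS64500
source:  ALTDB

route:   198.51.100.0/24
descr:   formerly 203.0.113.999/24 (free text, not a route)
origin:  AS64500

route6:  2001:db8::/32
origin:  AS64500

route:   198.51.100.64/26
origin:  AS64501
"""

def netblocks_for_asn(whois_text, asn):
    """Return collapsed prefixes from route/route6 objects originated by asn."""
    nets = {4: set(), 6: set()}
    for obj in re.split(r"\n\s*\n", whois_text.strip()):
        fields = {}
        for line in obj.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields.setdefault(key.strip().lower(), value.strip())
        if fields.get("origin", "").upper() != asn.upper():
            continue  # object belongs to a different AS
        try:
            net = ipaddress.ip_network(fields.get("route") or fields.get("route6", ""))
        except ValueError:
            continue  # missing or malformed prefix
        nets[net.version].add(net)
    # collapse_addresses needs one IP version per call; it merges adjacent
    # and overlapping prefixes and returns them sorted.
    return [str(n) for v in (4, 6) for n in ipaddress.collapse_addresses(nets[v])]

if __name__ == "__main__":
    print("\n".join(netblocks_for_asn(SAMPLE_WHOIS, "AS64500")))
```

The invalid `203.0.113.999/24` in the free-text `descr` field would match the grep pattern but is ignored here, and the two /25 halves are reported as a single /24.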


