Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[feature] Suggestions for further resources to export #5

Open
2 of 4 tasks
ResistanceIsUseless opened this issue Dec 18, 2020 · 3 comments · Fixed by #316
Open
2 of 4 tasks

[feature] Suggestions for further resources to export #5

ResistanceIsUseless opened this issue Dec 18, 2020 · 3 comments · Fixed by #316
Labels
Status: Available No one has claimed responsibility for resolving this issue Type: Enhancement Most issues will probably ask for additions or changes.

Comments

@ResistanceIsUseless
Copy link

ResistanceIsUseless commented Dec 18, 2020

Speaking from personal experience, besides standard VM/NIC assigned IP's it would be so amazing if this could pull all the other endpoints that are publicly available and allow for misconfiguration. These are the examples that come to mind.

AWS:

Azure:

  • Blob Endpoints
  • AKS Management API Endpoints
  • Service Fabric Cluster Explorer Endpoints
  • Traffic Manager Endpoints
  • PaaS Database Endpoints(Redis, MySQL, Postgres, etc)
  • APIM Endpoints (Developer portal URL & Gateway URL)
  • Enterprise Applications (Homepage URL's)
@ehsandeep ehsandeep added Priority: Medium This issue may be useful, and needs some attention. Status: Available No one has claimed responsibility for resolving this issue Type: Enhancement Most issues will probably ask for additions or changes. labels Dec 19, 2020
@0xtavian
Copy link

Whenever the work on this starts, this site might be helpful to identify similar services offered on different cloud providers https://comparecloud.in/

@ehsandeep ehsandeep removed the Priority: Medium This issue may be useful, and needs some attention. label Dec 30, 2021
@sullo
Copy link
Contributor

sullo commented Feb 23, 2022

This should extend to all cloud providers to compile the best dataset possible.

  • All proxies/load balancers
  • Floating IPs (DO)
  • Containers

@mzpqnxow
Copy link

mzpqnxow commented Oct 5, 2022

Not sure if you prefer this as a new issue, or as a comment here or in #2 but I have a few more sources that should be considered if resources are invested into expanding data sources

For some background, I've been working for a few years on a project with similar objectives- exporting "all the things" from a large collection of Cloud providers, CDNs, DNS providers, commercial DNS "OSINT" services, on-prem commercial products, and proprietary/internal sources (e.g. proprietary IPAM/DNS solutions)

The focus is on domains/FQDNs and IPv4/IPv6 addresses and networks

Unfortunately, that work is not my intellectual property as it is developed and maintained for my employer.

That said, I'd be happy to contribute whatever I can get approved for

What I wrote is in Python and has no "special sauce," so getting approval to share information from that work with this project shouldn't be a major challenge

There is significant overlap in the sources supported, but there are a few that are unique to what I have that I may be able to provide an implementation for (or at least a suggestion for implementing the source, brief notes on which endpoints are relevant for which data points, and/or testing)

The sources on my side, some of which would definitely be of interest to this project, others possibly not:

  • Zycada (major-ish CDN)
  • CSC (Registrar, Full DNS Zone/RR hosting, Certificate issuance- DNS SAN extension field being of potential interest)
  • MarkMonitor (domains, no Zone/RR data though)
  • ProofPoint (E-mail Defense API, not necessarily appropriate for this project but contains DNS domains with some caveats)
  • BugCrowd (Vulnerability bounty platform, not necessarily appropriate for this project but contains FQDNs and IP addresses)

Another thing that may be of some value to the project (and relevant to this specific issue) is a curated set of metadata for the "big three" cloud platforms, focusing on the description of all "resource types" that are useful for asset inventory purposes ("resource type" is the Azure term, I don't recall off the top of my head what AWS and GCP call them)

For this, I maintain 3 large YaML files that have details about GCP, Azure and AWS resources respectively

Each file contains metadata that includes each of the resource type names supported by that platform (e.g. "microsoft.web.sites" is one of several hundred Azure resource types) as well as metadata describing (with jq syntax) how to programmatically extract FQDNs or IP addresses from the structured data returned by the respective API

I can provide that metadata and you can evaluate each resource type to determine if it's suitable for this project. You may even be able to use the extraction rules as a reference, though that depends on which APIs you're using to pull the data

Please let me know if you're interested in the YaML metadata and I can see if I'll be able to contribute it in part or in full (this metadata was developed as part of the larger solution I mentioned, which was not developed under an open-source license)

I can't commit any development time for the other sources I mentioned at this time, though I'd like to if I can find the time in the next 6 months

Thanks for your work on this project. It's always nice (and often very helpful) to see others working on similar problems. It seems this project does this very well

EDIT: Amazingly, I wrote this on mobile, so I apologize for any redundant text or typos; I already notice i mixed up the issue numbers, fixed that

@ShubhamRasal ShubhamRasal linked a pull request Apr 10, 2023 that will close this issue
@olearycrew olearycrew mentioned this issue Apr 11, 2024
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Status: Available No one has claimed responsibility for resolving this issue Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

5 participants