I wrote a nifty Python commandline tool for looking up FQDNs and domains using various OSINT sources. It’s definitely useful to me, but I hope it is too to security researchers, incident responders and the like. Check out the project page here:

pirxthepilot/wtfis

It’s available in Pypi, so installation is as easy as

$ pip install wtfis

I wrote this because I wanted a faster way to gather information on a hostname or domain. Most of the time, it is the same set of data that I look for, but spread out across different websites.

Instead of numerous keystrokes and mouse clicks, I can simply run a command and get the essential details:

It’s also designed to be easy on the eyes, with text that is organized and color-coded. (I am not a UX designer but I hope I’ve provided just enough niceness to satisfy most users.)

It uses Virustotal, Passivetotal and IPWhois as data sources. A future version will also use Shodan for additional IP enrichment.

Interested? Head to the project page for setup and usage instructions!