loading
loading
Utilities
Verify a target organization from WHOIS results and extract its IP ranges.
overview
whois-verify-targets checks that the IP space in a pile of WHOIS records belongs to the organization you are scoping. Give it an organization name and a WHOIS data file, and it matches the records to the org and returns the IP ranges that check out, so a scan hits the right address space and not someone else's.
This matters at the boundary of an engagement. WHOIS data is noisy, and a name match alone can pull in ranges owned by a hosting provider or an unrelated entity. Confirming ownership before scanning keeps the work inside scope and the results attributable.
Reach for it after a WHOIS or ASN collector and before a port scanner. It verifies ownership, it does not look ranges up, so feed it records from an upstream step and hand its confirmed ranges to naabu or nmap.
source github.com/trickest
use cases
Match WHOIS records to the target organization so only verified, owned IP ranges flow into the next scanning stage.
Filter out ranges that share a name but belong to a hosting provider or third party, keeping the assessment inside authorized address space.
Hand the verified ranges to a scanner such as naabu or nmap so port discovery runs against confirmed-owned hosts.
Tie found hosts back to the organization that owns the range, so external asset-discovery findings carry clear ownership for reporting.
reference
| Name | Type | Flag | Description |
|---|---|---|---|
| target-org | STRING | · | Organization name to verify ownership against. |
| whois-file | FILE | · | WHOIS data file the verification reads its ranges from. |
Showing key inputs. whois-verify-targets exposes 2 inputs in total.
example
# confirm Example Corp owns the IP ranges in the collected WHOIS datawhois-verify-targets 'Example Corp' whois.txt[+] target organization: Example Corp[+] parsed 7 netblocks from whois.txt[+] verified 4 ranges owned by Example Corp198.51.100.0/24198.51.100.0/25203.0.113.0/24203.0.113.0/25[-] skipped 3 ranges (registered to hosting providers)guidance
Use whois-verify-targets after gathering WHOIS data and before scanning, to confirm an organization owns the IP ranges in scope. It verifies ownership, it does not look ranges up, so pair it with a WHOIS or ASN collector upstream.
Maps an organization or ASN to its IP ranges. Run it upstream to gather the ranges this tool verifies.
Raw WHOIS lookup that produces the data file this tool consumes and verifies.
Broad OSINT that can pull org-linked netblocks as part of attack-surface mapping.
faq
related
Import, export, and link workflow data with Airtable.
Decode Android APK files into smali sources and resources.
Check a file's values against conditions and exit with a matching code.
Extract all hosted zones from AWS Route53.
Output file lines by batch size, given START_LINE and END_LINE.
Extract a batch range from a file's lines or a folder's files, with parallel processing.
An organization name and a WHOIS file feed whois-verify-targets, which returns the confirmed-owned IP ranges as a queryable output.
Facts on this page come from the live Trickest tool library.