### Get OneForAll Command Help Source: https://github.com/shmilylty/oneforall/blob/master/README.md Display the help information for the OneForAll command-line interface. This command shows available options and usage examples. ```bash python oneforall.py --help ``` ```bash NAME oneforall.py - OneForAll帮助信息 SYNOPSIS oneforall.py COMMAND | --target=TARGET DESCRIPTION OneForAll是一款功能强大的子域收集工具 Example: python3 oneforall.py version python3 oneforall.py --target example.com run python3 oneforall.py --targets ./domains.txt run ``` -------------------------------- ### Install Dependencies on Darwin Source: https://github.com/shmilylty/oneforall/blob/master/docs/installation_dependency.md Upgrades pip, setuptools, and wheel, then installs project dependencies from requirements.txt. Assumes git is already installed or handled separately. ```bash cd OneForAll/ python3 -m pip install -U pip setuptools wheel -i https://mirrors.aliyun.com/pypi/simple/ pip3 install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/ python3 oneforall.py --help ``` -------------------------------- ### takeover.py Usage Examples Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md Provides examples of how to run the takeover.py module with different targets and configurations. The format parameter supports various output types. ```bash python3 takeover.py --target www.example.com --format csv run ``` ```bash python3 takeover.py --target ./subdomains.txt --thread 10 run ``` -------------------------------- ### Install Dependencies on Windows Source: https://github.com/shmilylty/oneforall/blob/master/docs/installation_dependency.md Run these commands in a Windows command prompt, as administrator if Python is in Program Files. Installs and upgrades pip, setuptools, and wheel, then installs project dependencies from requirements.txt. ```bash cd OneForAll/ python -m pip install -U pip setuptools wheel -i https://mirrors.aliyun.com/pypi/simple/ pip3 install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/ python oneforall.py --help ``` -------------------------------- ### Install Dependencies on Ubuntu/Debian Source: https://github.com/shmilylty/oneforall/blob/master/docs/installation_dependency.md Installs Python development headers, pip, and test resources, then upgrades pip, setuptools, and wheel. Finally, it installs project dependencies from requirements.txt, ignoring already installed packages. ```bash cd OneForAll/ sudo apt install python3-dev python3-pip python3-testresources -y sudo python3 -m pip install -U pip setuptools wheel -i https://mirrors.aliyun.com/pypi/simple/ sudo pip3 install --ignore-installed -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/ python3 oneforall.py --help ``` -------------------------------- ### Run OneForAll with various configuration flags Source: https://github.com/shmilylty/oneforall/blob/master/README.md Examples of executing the OneForAll tool with different command-line arguments to control subdomain collection, brute-forcing, port scanning, and output formatting. ```bash python3 oneforall.py --target example.com --valid None run ``` ```bash python3 oneforall.py --target example.com --brute True run ``` ```bash python3 oneforall.py --target example.com --port small run ``` ```bash python3 oneforall.py --target example.com --fmt csv run ``` ```bash python3 oneforall.py --target example.com --dns False run ``` ```bash python3 oneforall.py --target example.com --req False run ``` ```bash python3 oneforall.py --target example.com --takeover False run ``` ```bash python3 oneforall.py --target example.com --show True run ``` -------------------------------- ### Install Dependencies on RHEL/Centos Source: https://github.com/shmilylty/oneforall/blob/master/docs/installation_dependency.md Installs GCC, Python development headers, and pip, then upgrades pip, setuptools, and wheel. Finally, it installs project dependencies from requirements.txt, ignoring already installed packages. ```bash cd OneForAll/ sudo yum install gcc python3-devel python3-pip -y sudo python3 -m pip install -U pip setuptools wheel -i https://mirrors.aliyun.com/pypi/simple/ sudo pip3 install --ignore-installed -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/ python3 oneforall.py --help ``` -------------------------------- ### Check Python and Pip Version Source: https://github.com/shmilylty/oneforall/blob/master/README.md Verify that your Python and pip3 installations meet the minimum requirements for OneForAll. Ensure you see output similar to the example. ```bash python -V pip3 -V ``` ```bash Python 3.6.0 pip 19.2.2 from C:\Users\shmilylty\AppData\Roaming\Python\Python36\site-packages\pip (python 3.6) ``` -------------------------------- ### Install Git and Pip3 on Ubuntu/Debian Source: https://github.com/shmilylty/oneforall/blob/master/docs/installation_dependency.md Installs git and python3-pip packages using apt. Ensure you have internet connectivity. ```bash sudo apt update sudo apt install git python3-pip -y ``` -------------------------------- ### Install Git and Pip3 on RHEL/Centos Source: https://github.com/shmilylty/oneforall/blob/master/docs/installation_dependency.md Installs git and python3-pip packages using yum. Ensure you have internet connectivity. ```bash sudo yum update sudo yum install git python3-pip -y ``` -------------------------------- ### Manually Install Python Wheel File Source: https://github.com/shmilylty/oneforall/blob/master/docs/troubleshooting.md Use this command to manually install a Python wheel file when dependency compilation fails. Ensure you have downloaded the correct .whl file for your system and Python version. ```bash pip3 install brotlipy‑0.7.0‑cp38‑cp38‑win_amd64.whl ``` -------------------------------- ### dbexport.py Usage Examples Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md Illustrates various ways to use the dbexport.py module for exporting data, including specifying the database, target type, format, and output path. The 'show' flag controls terminal output. ```bash python3 dbexport.py --target name --format csv --dir= ./result.csv ``` ```bash python3 dbexport.py --db result.db --target name --show False ``` ```bash python3 dbexport.py --target table_name --tb True --show False ``` -------------------------------- ### Install Dependencies Ignoring Installed Packages Source: https://github.com/shmilylty/oneforall/blob/master/docs/troubleshooting.md When encountering errors during dependency installation related to uninstalling existing packages (like PyYAML), use the --ignore-installed flag to proceed. ```bash pip3 install -r requirements.txt --ignore-installed ``` -------------------------------- ### takeover.py Help Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md Displays the help information for the takeover.py module, outlining its purpose and available commands. ```bash python takeover.py --help ``` -------------------------------- ### OneForAll Main Command Help Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md Displays the help message for the main OneForAll script, outlining available commands and flags for subdomain enumeration. ```bash python oneforall.py --help ``` ```text NAME oneforall.py - OneForAll使用帮助 SYNOPSIS oneforall.pyCOMMAND | DESCRIPTION OneForAll是一款功能强大的子域收集工具 Example: python3 oneforall.py version python3 oneforall.py check python3 oneforall.py --target example.com run python3 oneforall.py --targets ./domains.txt run python3 oneforall.py --target example.com --alive False run python3 oneforall.py --target example.com --brute True run python3 oneforall.py --target example.com --port medium run python3 oneforall.py --target example.com --format csv run python3 oneforall.py --target example.com --dns False run python3 oneforall.py --target example.com --req False run python3 oneforall.py --target example.com --takeover False run python3 oneforall.py --target example.com --show True run Note: --port small/medium/large 详见./config/setting.py(默认small) --format csv/json (结果格式,默认CSV) --path 结果路径(默认None,自动生成) FLAGS --target=TARGET 单个域名(必须提供target或targets参数) --targets=TARGETS 每行一个域名的文件路径 --brute=BRUTE 使用爆破模块(默认True) --dns=DNS 开启子域解析(默认True) --req=REQ 开启子域请求(默认True) --port=PORT 请求验证的端口范围(默认medium) --alive=ALIVE 只导出存活子域(默认False) --format=FORMAT 结果格式(默认csv) --path=PATH 结果路径(默认None,自动生成) --takeover=TAKEOVER 开启子域接管检查(默认False) COMMANDS COMMAND is one of the following: check 检查新版本并退出 version 打印版本信息并退出 ``` -------------------------------- ### Run OneForAll with Docker Source: https://github.com/shmilylty/oneforall/blob/master/README.md Execute OneForAll using Docker. Mount your local configuration and results directories to persist settings and output. Replace `~/results` and `~/.config` with your desired paths. ```bash docker pull shmilylty/oneforall docker run -it --rm -v ~/results:/OneForAll/results -v ~/.config:/OneForAll/config shmilylty/oneforall --target example.com run ``` -------------------------------- ### Deploy with Docker Source: https://context7.com/shmilylty/oneforall/llms.txt Run OneForAll using Docker containers for isolated execution and configuration management. ```bash # 拉取Docker镜像 docker pull shmilylty/oneforall # 基础运行 docker run -it --rm \ -v ~/results:/OneForAll/results \ shmilylty/oneforall --target example.com run # 挂载自定义配置文件 docker run -it --rm \ -v ~/results:/OneForAll/results \ -v ~/.config:/OneForAll/config \ shmilylty/oneforall --target example.com run # 批量收集 docker run -it --rm \ -v ~/results:/OneForAll/results \ -v ~/domains.txt:/OneForAll/domains.txt \ shmilylty/oneforall --targets /OneForAll/domains.txt run # 完整参数示例 docker run -it --rm \ -v ~/results:/OneForAll/results \ shmilylty/oneforall \ --target example.com \ --brute True \ --port medium \ --fmt json \ run ``` -------------------------------- ### OneForAll CLI Usage Source: https://context7.com/shmilylty/oneforall/llms.txt Execute subdomain collection tasks using the main entry point script. ```bash # 基础用法 - 收集单个域名的子域名 python3 oneforall.py --target example.com run # 批量收集 - 从文件读取多个域名 python3 oneforall.py --targets ./domains.txt run # 只导出存活的子域名 python3 oneforall.py --target example.com --alive True run # 禁用暴力破解模块(加快速度) python3 oneforall.py --target example.com --brute False run # 指定HTTP请求端口范围 (small=80,443 / medium=常用端口 / large=全端口) python3 oneforall.py --target example.com --port medium run # 禁用DNS解析(只收集不验证) python3 oneforall.py --target example.com --dns False run # 禁用HTTP请求验证 python3 oneforall.py --target example.com --req False run # 启用子域名接管风险检查 python3 oneforall.py --target example.com --takeover True run # 指定输出格式和路径 python3 oneforall.py --target example.com --fmt json --path ./output.json run # 查看版本信息 python3 oneforall.py version # 检查更新 python3 oneforall.py check ``` -------------------------------- ### CLI: oneforall.py Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md The main entry point for OneForAll, used for subdomain collection, resolution, and takeover checks. ```APIDOC ## CLI oneforall.py ### Description Main program entry for subdomain collection. Supports target specification, brute-forcing, DNS resolution, and takeover checks. ### Parameters #### Flags - **target** (string) - Optional - Single domain to scan. - **targets** (string) - Optional - File path containing a list of domains. - **brute** (boolean) - Optional - Enable brute-force module (default: True). - **dns** (boolean) - Optional - Enable subdomain resolution (default: True). - **req** (boolean) - Optional - Enable subdomain request (default: True). - **port** (string) - Optional - Port range for verification: small/medium/large (default: medium). - **alive** (boolean) - Optional - Export only alive subdomains (default: False). - **format** (string) - Optional - Output format: csv/json (default: csv). - **path** (string) - Optional - Result output path. - **takeover** (boolean) - Optional - Enable subdomain takeover check (default: False). ### Commands - **check**: Check for new version. - **version**: Print version information. ``` -------------------------------- ### dbexport.py Help Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md Displays the help information for the dbexport.py module, detailing its functionality for exporting data from the OneForAll database. ```bash python dbexport.py --help ``` -------------------------------- ### OneForAll Subdomain Brute-Force Module Help Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md Displays help for the aiobrute.py module, detailing options for subdomain brute-forcing, including wordlists, recursion, and fuzzing modes. ```bash python aiobrute.py --help ``` ```text NAME brute.py - OneForAll子域爆破模块 SYNOPSIS brute.py DESCRIPTION Example: brute.py --target domain.com --word True run brute.py --targets ./domains.txt --word True run brute.py --target domain.com --word True --coroutine 2000 run brute.py --target domain.com --word True --wordlist subnames.txt run brute.py --target domain.com --word True --recursive True --depth 2 run brute.py --target d.com --fuzz True --place m.*.d.com --rule '[a-z]' run brute.py --target d.com --fuzz True --place m.*.d.com --fuzzlist subnames.txt run Note: --format rst/csv/tsv/json/yaml/html/jira/xls/xlsx/dbf/latex/ods (结果格式,默认CSV) --path 导出路径(默认None,自动生成) FLAGS --target=TARGET 单个域名(必须提供target或targets参数) --targets=TARGETS 每行一个域名的文件路径 --process=PROCESS 爆破的进程数(默认CPU核心数) --coroutine=COROUTINE 每个爆破进程下的协程数(默认2000) --wordlist=WORDLIST 指定爆破所使用的字典路径(默认使用config.py配置) --recursive=RECURSIVE 是否使用递归爆破(默认False) --depth=DEPTH 递归爆破的深度(默认2) --nextlist=NEXTLIST 指定递归爆破所使用的字典路径(默认使用config.py配置) --fuzz=FUZZ 是否使用fuzz模式进行爆破(默认False) --rule=RULE fuzz模式使用的正则规则(默认使用config.py配置) --fuzzlist=FUZZLIST ``` -------------------------------- ### Configure Proxy Settings in api.py Source: https://github.com/shmilylty/oneforall/blob/master/docs/collection_modules.md Use `enable_proxy` to turn on proxy usage. Set `proxy_all_module` to `False` if you only want to proxy specific modules listed in `proxy_partial_module`. ```python enable_proxy = True # 使用代理 proxy_all_module = False # 不代理所有模块 proxy_partial_module = ['GoogleQuery', 'AskSearch'] ``` -------------------------------- ### Run OneForAll with Single Target Source: https://github.com/shmilylty/oneforall/blob/master/README.md Execute OneForAll to scan subdomains for a single target domain. The results will be saved in the 'results' directory. ```bash python3 oneforall.py --target example.com run ``` -------------------------------- ### Configure API Keys Source: https://context7.com/shmilylty/oneforall/llms.txt Set up required API credentials for various collection modules in config/api.py. ```python # config/api.py API配置示例 # Censys API - https://censys.io/api censys_api_id = 'your_api_id' censys_api_secret = 'your_api_secret' # SecurityTrails API - https://securitytrails.com/corp/api securitytrails_api = 'your_api_key' # Shodan API - https://account.shodan.io/register shodan_api_key = 'your_api_key' # VirusTotal API - https://developers.virustotal.com/reference virustotal_api_key = 'your_api_key' # Fofa API - https://fofa.so/api fofa_api_email = 'your_email' fofa_api_key = 'your_api_key' # ZoomEye API - https://www.zoomeye.org/doc zoomeye_api_key = 'your_api_key' # GitHub API - https://github.com/settings/tokens github_api_user = 'your_username' github_api_token = 'your_token' # BinaryEdge API - https://app.binaryedge.io/account/api binaryedge_api = 'your_api_key' # Google Custom Search API google_api_id = 'your_search_engine_id' google_api_key = 'your_api_key' ``` -------------------------------- ### Run OneForAll with Multiple Targets Source: https://github.com/shmilylty/oneforall/blob/master/README.md Execute OneForAll to scan subdomains for multiple target domains listed in a text file. Ensure the file contains one domain per line. ```bash python3 oneforall.py --targets ./example.txt run ``` -------------------------------- ### Takeover Detection Module CLI Source: https://context7.com/shmilylty/oneforall/llms.txt Identify potential subdomain takeover risks by matching CNAME records. ```bash # 检测单个子域名 python3 takeover.py --target www.example.com run # 从文件批量检测子域名 python3 takeover.py --targets ./subdomains.txt run # 指定线程数(默认20) python3 takeover.py --targets ./subdomains.txt --thread 50 run # 指定输出格式和路径 python3 takeover.py --targets ./subdomains.txt --fmt csv --path ./takeover_result.csv run # JSON格式输出 python3 takeover.py --targets ./subdomains.txt --fmt json run ``` -------------------------------- ### Configure OneForAll Settings Source: https://context7.com/shmilylty/oneforall/llms.txt Modify global parameters such as module toggles, concurrency, and proxy settings in config/setting.py. ```python # config/setting.py 主要配置项示例 # 模块开关 enable_brute_module = True # 启用暴力破解模块 enable_dns_resolve = True # 启用DNS解析 enable_http_request = True # 启用HTTP请求验证 enable_finder_module = True # 启用JS中子域名发现 enable_altdns_module = True # 启用子域名置换技术 enable_takeover_check = False # 启用接管检测 # 请求端口范围 http_request_port = 'small' # small=80,443 | medium=常用端口 | large=全端口 # 结果导出设置 result_export_alive = False # 只导出存活子域 result_save_format = 'csv' # 保存格式: csv/json # 暴力破解设置 brute_concurrent_num = 2000 # 并发查询数量(最大建议10000) brute_wordlist_path = None # 自定义字典路径 enable_recursive_brute = False # 递归爆破 brute_recursive_depth = 2 # 递归深度 # 代理设置 enable_request_proxy = False # 启用代理 proxy_all_module = False # 代理所有模块 proxy_partial_module = ['GoogleQuery', 'YahooSearch'] # 代理指定模块 request_proxy_pool = [ {'http': 'http://127.0.0.1:1080', 'https': 'http://127.0.0.1:1080'} ] # 泛解析处理 ip_appear_maximum = 100 # IP出现超过100次标记为泛解析 cname_appear_maximum = 50 # CNAME出现超过50次标记为泛解析 ``` -------------------------------- ### CLI: aiobrute.py Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md A specialized module for high-performance subdomain brute-forcing. ```APIDOC ## CLI aiobrute.py ### Description Standalone module for subdomain brute-forcing with support for recursive brute-forcing and fuzzing modes. ### Parameters #### Flags - **target** (string) - Optional - Single domain to scan. - **targets** (string) - Optional - File path containing a list of domains. - **process** (integer) - Optional - Number of brute-force processes (default: CPU core count). - **coroutine** (integer) - Optional - Number of coroutines per process (default: 2000). - **wordlist** (string) - Optional - Path to custom dictionary. - **recursive** (boolean) - Optional - Enable recursive brute-forcing (default: False). - **depth** (integer) - Optional - Depth for recursive brute-forcing (default: 2). - **fuzz** (boolean) - Optional - Enable fuzzing mode (default: False). - **rule** (string) - Optional - Regex rule for fuzzing mode. ``` -------------------------------- ### Clone OneForAll Repository Source: https://github.com/shmilylty/oneforall/blob/master/README.md Clone the latest version of the OneForAll project using git. This is recommended for continuous updates. You can use either the Gitee or GitHub repository. ```bash git clone https://gitee.com/shmilylty/OneForAll.git ``` ```bash git clone https://github.com/shmilylty/OneForAll.git ``` -------------------------------- ### Clone OneForAll Repository Source: https://github.com/shmilylty/oneforall/blob/master/docs/installation_dependency.md Clones the OneForAll project from the specified Gitee repository URL. This command is common for Linux and Darwin systems. ```bash git clone https://gitee.com/shmilylty/OneForAll.git ``` -------------------------------- ### Configure Enabled Modules in api.py Source: https://github.com/shmilylty/oneforall/blob/master/docs/collection_modules.md Set `enable_all_module` to `False` and `enable_partial_module` to a list of tuples specifying modules to enable. Each tuple contains the module path and the specific function or module name. ```python enable_all_module = False # 不开启所有模块 enable_partial_module = [('modules.search', 'ask'), ('modules.search', 'baidu')] ``` -------------------------------- ### Understand Result Data Structure Source: https://context7.com/shmilylty/oneforall/llms.txt Review the fields returned in the collection results. ```python # 结果字段说明 { 'id': 1, # 唯一ID 'alive': 1, # 是否存活 (1=存活, 0=不存活) 'request': 1, # HTTP请求状态 'resolve': 1, # DNS解析状态 'url': 'http://www.example.com', # 完整URL 'subdomain': 'www.example.com', # 子域名 'port': 80, # 端口号 'level': 1, # 子域层级 'cname': 'example.cdn.com', # CNAME记录 'ip': '1.2.3.4', # IP地址 'public': 1, # 是否公网IP 'cdn': 0, # 是否CDN 'status': 200, # HTTP状态码 'reason': 'OK', # 状态原因 'title': 'Example Domain', # 页面标题 'banner': 'nginx/1.18.0', # 服务Banner 'cidr': '1.2.3.0/24', # CIDR网段 'asn': 'AS12345', # ASN号 'org': 'Example Inc.', # 组织名称 'addr': 'United States', # 地理位置 'isp': 'Amazon', # ISP提供商 'source': 'crtsh', # 发现来源模块 } ``` -------------------------------- ### Database Export Module CLI Source: https://context7.com/shmilylty/oneforall/llms.txt Export collected subdomain data from the SQLite database. ```bash # 导出指定域名的结果为CSV python3 export.py --target example.com --fmt csv run # 只导出存活的子域名 python3 export.py --target example.com --alive True run # 指定数据库路径 python3 export.py --db ./results/result.sqlite3 --target example.com run # 导出为JSON格式 python3 export.py --target example.com --fmt json --path ./result.json run # 在终端显示导出数据 python3 export.py --target example.com --show True run ``` -------------------------------- ### Brute Force Module CLI Source: https://context7.com/shmilylty/oneforall/llms.txt Perform subdomain brute-forcing using dictionary or Fuzz modes. ```bash # 字典模式爆破 - 使用默认字典 python3 brute.py --target example.com --word True run # 批量爆破多个域名 python3 brute.py --targets ./domains.txt --word True run # 指定并发数量(默认2000) python3 brute.py --target example.com --word True --concurrent 5000 run # 使用自定义字典 python3 brute.py --target example.com --word True --wordlist /path/to/wordlist.txt run # 递归爆破 - 发现子域后继续爆破下一层 python3 brute.py --target example.com --word True --recursive True --depth 3 run # Fuzz模式 - 使用正则规则生成字典 python3 brute.py --target example.com --fuzz True --place "*.example.com" --rule '[a-z]{3}' run # Fuzz模式 - 使用自定义位置和字典 python3 brute.py --target example.com --fuzz True --place "api-*.example.com" --fuzzlist ./fuzz.txt run # 指定输出格式 python3 brute.py --target example.com --word True --fmt json run ``` -------------------------------- ### Update OneForAll Project Source: https://github.com/shmilylty/oneforall/blob/master/README.md Update your local OneForAll repository to the latest version while preserving local modifications to configuration files. This involves stashing changes, fetching updates, pulling, and reapplying stashed changes. ```bash git stash git fetch --all git pull git stash pop ``` -------------------------------- ### takeover.py - Subdomain Takeover Risk Assessment Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md The takeover.py module performs multi-threaded subdomain takeover risk checks. ```APIDOC ## takeover.py ### Description OneForAll multi-threaded subdomain takeover risk check module. ### Method CLI Execution ### Parameters #### Positional Arguments - **TARGET** (string) - Required - Single subdomain or file path containing subdomains per line. #### Flags - **--thread** (int) - Optional - Number of threads (default: 100). - **--dpath** (string) - Optional - Export directory (default: None). - **--format** (string) - Optional - Export format (default: xls). Options: 'txt', 'rst', 'csv', 'tsv', 'json', 'yaml', 'html', 'jira', 'xls', 'xlsx', 'dbf', 'latex', 'ods'. ### Request Example python3 takeover.py --target www.example.com --format csv run ``` -------------------------------- ### dbexport.py - Database Export Module Source: https://github.com/shmilylty/oneforall/blob/master/docs/usage_help.md The dbexport.py module allows for exporting data from the OneForAll database into various formats. ```APIDOC ## dbexport.py ### Description OneForAll database export module. ### Method CLI Execution ### Parameters #### Positional Arguments - **TARGET** (string) - Required - The target type to export. #### Flags - **--type** (string) - Optional - Target type to export (default: target). - **--db** (string) - Optional - Path to the database (default: results/result.sqlite3). - **--valid** (string) - Optional - Validity of subdomains to export (default: None). - **--path** (string) - Optional - Export path (default: None). - **--format** (string) - Optional - Export format (default: xlsx). Options: 'rst', 'csv', 'tsv', 'json', 'yaml', 'html', 'jira', 'xls', 'xlsx', 'dbf', 'latex', 'ods'. - **--show** (boolean) - Optional - Display exported data in terminal (default: False). ### Request Example python3 dbexport.py --target name --format csv --dir= ./result.csv ``` -------------------------------- ### OneForAll Python API Integration Source: https://context7.com/shmilylty/oneforall/llms.txt Integrate OneForAll functionality directly into Python scripts. ```python # 基础API调用 from oneforall import OneForAll # 创建OneForAll实例 ofa = OneForAll(target='example.com') # 配置参数 ofa.brute = True # 启用暴力破解 ofa.dns = True # 启用DNS解析 ofa.req = True # 启用HTTP请求 ofa.takeover = False # 禁用接管检测 ofa.port = 'small' # 端口范围: small/medium/large ofa.alive = False # 导出全部结果 ofa.fmt = 'csv' # 输出格式 # 运行收集 ofa.run() # 获取结果 results = ofa.datas # 所有子域名结果列表 ``` ```python # 独立使用暴力破解模块 from brute import Brute # 字典模式爆破 brute = Brute(target='example.com', word=True) brute.concurrent_num = 3000 # 并发数 brute.wordlist = './data/subnames.txt' # 字典路径 brute.run() # 递归爆破 brute = Brute( target='example.com', word=True, recursive=True, depth=2 ) brute.run() # Fuzz模式 brute = Brute( target='example.com', fuzz=True, place='*.example.com', rule='[a-z]{2}[0-9]' ) brute.run() ``` ```python # 独立使用接管检测模块 from takeover import Takeover # 检测子域名列表 subdomains = {'www.example.com', 'api.example.com', 'cdn.example.com'} takeover = Takeover(targets=subdomains) takeover.thread = 30 # 线程数 takeover.run() # 从文件加载子域名 takeover = Takeover(targets='./subdomains.txt') takeover.fmt = 'json' takeover.path = './takeover_results.json' takeover.run() ``` ```python # 数据库操作 from common.database import Database from export import export_data # 直接导出数据 data = export_data( target='example.com', alive=True, # 只导出存活子域 fmt='csv', path='./result.csv' ) # 数据库查询操作 db = Database() # 检查表是否存在 exists = db.exist_table('example_com') # 获取所有数据 results = db.get_data('example_com') # 获取指定字段 fields = ['subdomain', 'ip', 'status', 'title'] data = db.get_data_by_fields('example_com', fields) # 统计存活数量 alive_count = db.count_alive('example_com') # 关闭连接 db.close() ``` -------------------------------- ### Subdomain Result Schema Source: https://github.com/shmilylty/oneforall/blob/master/docs/field.md Detailed breakdown of the fields stored in the OneForAll result database for discovered subdomains. ```APIDOC ## Subdomain Result Fields ### Description This schema defines the fields stored in the OneForAll result database for each discovered subdomain. ### Fields - **id** (int) - Identifier. - **new** (boolean) - Marks if the subdomain is newly discovered. - **alive** (boolean) - Indicates if the subdomain is alive (false if DNS resolution fails, network unreachable, or 400/5XX errors). - **request** (int) - HTTP request status: empty (DNS fail), 0 (unreachable), 1 (success). - **resolve** (boolean) - Indicates if DNS resolution was successful. - **url** (string) - The requested URL. - **subdomain** (string) - The discovered subdomain. - **level** (int) - Subdomain level. - **cname** (string) - CNAME record. - **ip** (string) - Resolved IP address. - **public** (boolean) - Indicates if the IP is a public IP. - **cdn** (boolean) - Indicates if the IP is behind a CDN. - **port** (int) - Network port. - **status** (int) - HTTP response status code. - **reason** (string) - Network connection details. - **title** (string) - Website title. - **banner** (string) - Website fingerprint information. - **history** (string) - URL redirect history. - **response** (string) - Response body text. - **times** (int) - Frequency of IP appearance during brute-forcing. - **ttl** (int) - DNS TTL value. - **cidr** (string) - CIDR from ip2location. - **asn** (string) - ASN from ip2location. - **addr** (string) - Physical address from ip2region. - **isp** (string) - ISP from ip2region. - **resolver** (string) - DNS resolver used. - **module** (string) - Module used to discover the subdomain. - **source** (string) - Specific source of discovery. - **elapse** (float) - Time taken by the module. - **find** (int) - Number of subdomains found by the module. ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.