Perform a reverse IP.. lookup to lớn find all A records associated with an IP.. address. The results can pinpoint virtual hosts being served from a website server. Information gathered can be used khổng lồ expand the attack surface when identifying vulnerabilities on a hệ thống.

Bạn đang xem: Reverse ip lookup

What is a Reverse IPhường Lookup?

The technique known as Reverse IPhường Lookup is a way lớn identify hostnames that have sầu DNS (A) records associated with an IP address.

A web server can be configured lớn serve sầu multiple virtual hosts from a single IP address. This is a common technique in shared hosting environments. It is also common in many organizations và can be an excellent way lớn exp& the attaông chồng surface during reconnaissance of a website server. If for example, your primary target web site appears lớn be secure, you may be able to gain access to lớn the underlying operating system by attacking a less secure site on the same VPS. Potentially bypassing the security controls of the target site.

CIDR Search

Not only can you use the Reverse IPhường lookup to lớn find website hosts on a single IP.. address, the query can also be performed against a CIDR network block. Search hosts across up to lớn a /24 of public IP. addresses.

Free users are limited by the number of results. Registered members can get up to 500"000 results from a single query using the website form or 6 million using the API (see below).

Reverse IPhường Limits
FREE USER Membership
Queries / day20500 - 20000# based on plan
Max # of Results500up lớn 6 million

With a membership get up lớn six million results from a single query. A gold mine of data for security analysts, network defenders and other cyber security professionals.


Bing Reverse IP Search

There are usually not many reasons to use Bing, however, the Bing reverse IPhường search is sometimes one. Of the major search engines, Bing is the only service khổng lồ offer a search query that resolves hostnames from an IPhường address.

A few years ago this was a popular method for finding virtual web hosts from an IPhường address. The search query is straight forward to lớn use. Here is an example.


Making a query such as one in the example will show results from hosts that are using the ip address that matches the query. Bing uses its search index to persize the reverse IP.. lookup và it can still be used today.

Popular Use Cases for the Reverse IPhường. Lookup

Attaông xã Surface Discovery for Blue và Red Teams

When attacking a host, one of the first things you will vị is attempt khổng lồ identify the attaông xã surface of the host. With an understanding of the attaông chồng surface, the next step is khổng lồ enumerate the applications & services in use. Following enumeration, a skilled penetration tester will be able khổng lồ identify weak spots where vulnerabilities may become opportunities for exploitation.

Xem thêm: Các Quy Định Về An Toàn Thiết Bị Nâng Là Gì ? Định Nghĩa Thiết Bị Nâng Hạ Là Gì

Using the Reverse IPhường Lookup technique, it is possible khổng lồ identify web sites on the host that may contain vulnerabilities khổng lồ exploit. Even if no vulnerabilities are present, information disclosure can be used khổng lồ build the penetration tester"s knowledge of the target.

Simply identifying additional hostnames that are related lớn the target can further inform the information discovery cycle as the new hostnames may have sầu additional DNS records that can point lớn new target hosts.


In the above OSINT discovery chart you can see that a reverse IP. lookup is one part of the information discovery process.

Incident Response và Threat Intelligence

Whether responding lớn an incident, identifying a botnet C2, or simply tracking down noisy Internet scanning, a reverse IP lookup can identify hostnames associated with an attacking system. These findings can further inkhung the investigation & lead to lớn additional information sources.

Oversubscribed Web Hosting

When purchasing website hosting in a shared hosting environment, the web host provider sells small amounts of resources on a hệ thống lớn a number of website sites. To cut costs, the website host provider may oversubscribe, that is, sell more website sites than the VPS can handle. This is common in cheaper shared hosting providers, where a single web VPS can hosts thousands of small website sites. Using the reverse IPhường address lookup you can identify how many sites you are sharing that host with.

Web Hosting Reputation

Hosts with poor reputation can affect gmail delivery, blacklisting of your site, và tìm kiếm engine ranking. Use the reverse IP address lookup service to identify other sites on your host. Next, use investigative sầu tools lớn identify if these other hosts are of poor chất lượng, perhaps even spam or phishing sites.

How is the DNS data queried?

The bulk of the data for the reverse IP.. lookup tool comes from our crawls of the Alexa Top 1 Million sites, Search Engines (Bing), Common Crawl, Certificate Transparency, & the excellent project. The DNS A records total approximately 90G of plain text host records. The query simply searches through this data on our backkết thúc systems to lớn find all hosts that match the IP address entered.

Reverse DNS Lookup

A reverse DNS lookup is a bit different lớn the commonly used definition for a reverse IP.. lookup. In the case of a reverse dns lookup, the IPhường. address is checked against a DNS server khổng lồ see if there is a PTR record associated with that IP. address. This PTR record is assigned by the IP address bloông xã owner.

Reverse IPhường. Lookup API

An easy to lớn use simple API for quiông chồng access to our backend database. Use curl, pynhỏ nhắn or any website request against the API url below lớn receive sầu the results in plain text format. more than 500000 results?Simply use the &page= parameter on the API request. Will work for up to lớn 6 million results for a single IPhường address (any membership level required). API is simple to lớn use and aims to be a quiông chồng reference tool. Like all our IPhường Tools there is a limit of 50 queries per day and a max of 500 results as a Free user. Remove sầu limits with a Full Membership..

For those who need lớn sover more packets nâng cấp lớn Enterprise Plans.