I had a crazy idea the other day. I started manually putting random DNS ( a couple from my list of about 2.4 million lol) into virus totals website to check to see known threats and often times what threat they contain. I noticed that if you find a dns that has multiple hits, it will also tell you domains that relate to the one you entered.
Now I am not very good at Python but I am kind of hobbling along to get python working with virus totals api to do a couple things:
- if theres no threats found delete the entry (maybe)
- if there are threats, download and get all the domains related to the one searched.
Would anybody be interested in this? Its ugly right now and only half working so I will clean it up before I release it to the public.