The Web Local




The BiLE suite includes a number of PERL scripts that can be used by a Penetration Tester to aid in the enumeration phase of a test.  BiLE itself stands for Bi-directional Link Extraction utilities. The suite of tools essentially can be used in the footprinting process to find both obvious and non-obvious relationships between disparate.  With this information a Pen Tester may then decide to try and access sites with close realtionships to the target as a means of a stepping stone into the target network.


Note: - This process depends on the fact that the linked sites you plan to attack to get thru to your target are actually owned by the target company and are in the scope of the test.


The BiLE suite is available from here.




There is one requirement to enable the suite of perl scripts to function correctly and that is httrack, the website copying application which is available from here.


To install httrack:


tar -zxvf httrack-3.40-2.tar.gz


make make install


To install BiLE:


tar -zxvf BilePublic.gz

tar -zxvf BiLE-suite.gz




To identify links between sites we use the script:


Usage <site> <outfile>

root@hacker Bile]# perl blackhat


This produces 2 text files blackhat.mine and blackhat.walrus.  The latter file details just the links between the sites in the format target_site:linked_site i.e.


The former details sites that links from:


====> Link from: []

====> Link from: []

====> Link from: []

====> Link from: []

====> Link from: []

====> Link from: []

====> Link from: []

====> Link from: []

====> Link from: []


With this information we can then try and determine the weight of the link between sites, utilising


Usage: perl output.file.from.bile.mine

root@hacker Bile]# perl blackhat.mine


The file blackhat.mine.sorted is then created:


Obviously the higher the number the more of a link between each sites and hence the relationship.


Other tools that come in this suite include:


This script performs DNS lookups for a set of DNS names.  The IP addresses obtained are stored and a DNS lookup is performed on a second set of DNS names.  If the IP addresses returned match any from the first query they are written to file.  This tool is very useful for determining the use of virtual hosting and grouping of domains.


Usage:  perl [input file] [true domain file] [output file] <range>


As vet-IPrange, this script queries mx records to interpret if any relationships between domains can be detected.


Usage:  perl [input file] [true domain file] [output file]


This script takes a given list of domain names and tries to determine if any are valid in other TLD's.


Usage:  perl [input file] [output file]


IT Security News:


Pen Testing Framework:


Latest Tool Reviews: