Idea for a security application

I think the best way to learn a new (programming) language is to address a real world problem :). So here is one, I want to solve in the next few months.

One of the things I like to do as part of a evaluation security process is to check the amount of public information available for a website. I frequently find that people find information leakage from websites they thought were secure or not publicly accessible.

The idea is to create a python script to do the following

  • Must have
    • Inject list of hostnames and do the following
      • Check whether they resolve to a public IP or not
      • If resolving to public IP, check the amount of data being exposed by this site by doing a quick google search
      • Report on the amount of information available sorted by amount
  • Nice to have
    • take domain name instead of hostnames and try to do a domain transfer and capture all hostnames in the domain
    • leverage Google API instead of web scraping
    • web interface to allow input and show output

Why python? Well, I have been trying to learn it for sometime now and I think it is time to put all that learning to use :).

Anyone interested in joining the fun?