dio-lookup
v0.2.0
Published
Pipe internet assets to lookup.disclose.io and get security-disclosure contacts as JSONL.
Maintainers
Readme
dio-lookup
Pipe internet assets into lookup.disclose.io and get security-disclosure contacts back — Unix-style, from your terminal.
Part of the disclose.io Project — the open, vendor-neutral infrastructure for vulnerability disclosure. Browse the ecosystem →
dio-lookup
Pipe internet assets to lookup.disclose.io and get the right security-disclosure contact for each — as JSONL, built for recon pipelines.
Give it a domain, IP, ASN, URL, email, package, repo, container, cloud resource, mobile app, hardware, browser extension, or org name; get back the owner and where to report a vulnerability (security.txt, bug bounty program, VDP, PSIRT, national CERT).
subfinder -d example.com | httpx -silent | dio-lookup > contacts.jsonl
cat hosts.txt | dio-lookup -c 8
dio-lookup cloudflare.com npm:express gh:facebook/reactInstall
With Bun (run from source):
bun install -g dio-lookup # or: git clone + bun linkPrebuilt binary (no runtime needed) — grab the right asset from Releases, then:
chmod +x dio-lookup && sudo mv dio-lookup /usr/local/bin/Usage
dio-lookup [options] [asset ...]
cat hosts.txt | dio-lookup [options]
-c, --concurrency N parallel requests (default 5)
-k, --key KEY API key (raises rate limits); or set DIO_API_KEY
--api URL API endpoint (default https://lookup.disclose.io/api/lookup)
--full emit the full LookupResult instead of the compact summary
--nuclei read `nuclei -jsonl` on stdin: extract & de-duplicate the
scanned hosts, then enrich each one
-V, --version print version
-h, --help helpOne JSON object per asset on stdout. Compact form:
{"input":"cloudflare.com","assetType":"domain","status":"complete","organization":"Cloudflare","jurisdiction":"US","contacts":[{"type":"security_txt","value":"https://www.cloudflare.com/.well-known/security.txt","confidence":"high"}]}Pull just the reporting channels with jq:
cat hosts.txt | dio-lookup | jq -r 'select(.status=="complete") | "\(.input)\t\(.contacts[0].value)"'Nuclei
Close the loop from "found something" to "here's who to tell." Pipe a Nuclei scan straight into dio-lookup and get the disclosure contact for every host it touched:
nuclei -u example.com -jsonl | dio-lookup --nuclei--nuclei reads Nuclei's JSONL (one finding object per line — not bare hosts), pulls the scanned host from each finding, and de-duplicates before looking anything up. That dedupe matters: a scan can emit hundreds of findings across the same handful of hosts, and collapsing them to one lookup per unique host keeps you well under the API rate limit. For large scans, pass an API key (-k / DIO_API_KEY).
Prefer no extra flag? This bridge is equivalent and works with any dio-lookup:
nuclei -u example.com -jsonl | jq -r '.host' | sort -u | dio-lookupHeads-up: each scanned host is sent to lookup.disclose.io (which logs requests). For target lists under NDA, use the deduped form and mind the egress.
Notes
- Free and anonymous. A free API key only raises rate limits — request one by emailing [email protected]. Pass it with
-korDIO_API_KEY. - Honors the API's
Retry-Afteron 429 and retries transient failures. --fullemits the completeLookupResult(attribution, contacts, resolution chain, data sources) — see the OpenAPI spec.
A disclose.io project. MIT licensed.
