Add dangle.sh

new repo with public access

dangle.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Load environment variables from .env file
+if [ -f .env ]; then
+    source .env
+else
+    echo "Error: .env file not found. create one with your API keys."
+    exit 1
+fi
+
+# AWS CLI Configuration (ensure you have AWS CLI configured)
+AWS_PROFILE="$AWS_PROFILE"
+
+# J1 API Configuration (read from .env)
+J1_API_KEY="$J1_API_KEY"
+J1_ACCOUNT="$J1_ACCOUNT"
+
+# Get all hosted zones
+hosted_zones=$(aws route53 list-hosted-zones --profile $AWS_PROFILE --output text | cut -f 3)
+
+for zone_id in $hosted_zones; do
+    # Get all resource record sets for each zone
+    record_sets=$(aws route53 list-resource-record-sets --hosted-zone-id $zone_id --profile $AWS_PROFILE --output text)
+
+    while read -r line; do
+        # Extract relevant information from each record set
+        name=$(echo $line | cut -f 2)
+        type=$(echo $line | cut -f 3)
+        values=$(echo $line | cut -f 5-)
+
+        # Handle different record types (you might need to add more types)
+        if [ "$type" == "A" ] || [ "$type" == "CNAME" ]; then
+            for value in $values; do
+                # Query JupiterOne to check asset ownership
+                # (This part needs to be implemented using JupiterOne's API)
+                j1_query="Find asset where properties.value = '$value'"
+                j1_result=$(curl -s -H "Authorization: Bearer $J1_API_KEY" "https://api.us.jupiterone.io/graphql/$J1_ACCOUNT" -d '{"query": "'"$j1_query"'"}')
+
+                # Process JupiterOne result and output information
+                if [[ $j1_result == *"\"totalCount\":0"* ]]; then
+                    echo "$name ($type) points to $value (Asset not found in JupiterOne)"
+                else
+                    echo "$name ($type) points to $value (Asset found in JupiterOne)"
+                fi
+            done
+        fi
+    done <<< "$record_sets"
+done