This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.

Overview

EnumIT

This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where this function first perform basic google dorking to find the targets public documents. These documents will then be downloaded to the attackers computer and can be used further to identify metadata about the client.

Installation

  • Create virtual enviroment: python3 -m venv enumit
  • Activate the virtual enviroment: source enumit/bin/activate
  • Install the required packages: pip install -r requirements.txt

Basic Usage

Google Dorking

Download the files found

python3 run.py --domain example.com --google --filetypes pdf --download-files

Create json list, no download

python3 run.py --domain example.com --google --filetypes pdf docx jpg

Certificates

This function will query https://crt.sh for the domain name, and create a de-duplicated list for further proccessing.

python3 run.py --domain example.com --cert

DNS

Perform dns lookup on the domain flag, can be used with the flag --cert to find DNS records of subdomains.

python3 run.py --domain example.com --dns --dns-records A AAAA MX NS

Shodan

In order to use the shodan function, you must have the shodan and api key flag enabled.

python3 run.py --domain example.com --shodan --shodan-api-key <KEY>

Portscan

This function will take all the ipv4 addresses previsuly found and perform a shodan lookup on them to find open ports. by default, it will only scan the IPv4 address resolved by the --domain flag. This flag is recomended if you've used the other functions with it.

python3 run.py --domain example.com --shodan --shodan-api-key <KEY> --portscan

Bananas

python3 run.py --domain example.com --cert --dns --dns-types A AAAA NS MX --shodan --shodan-api-key <KEY> --portscan --ssl

Notice!

  • When you perform a scan, the result will be saved under . \ in the folder.
  • You might be ratelimited by google if you use the function heavly.
  • Using the portscan function will not quaranty that all ports has been scanned on the host, but will rather give a indication on what to expect on the hosts.
Owner
Tobias
Tobias
Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.

This program is an non-object oriented opensource, hidden and undetectable backdoor/reverse shell/RAT for Windows made in Python 3 which contains many features such as multi-client support and cross-

35 Apr 17, 2022
Apache Solr SSRF(CVE-2021-27905)

Solr-SSRF Apache Solr SSRF #Use [-] Apache Solr SSRF漏洞 (CVE-2021-27905) [-] Options: -h or --help : 方法说明 -u or --url

Henry4E36 70 Nov 09, 2022
Searches through git repositories for high entropy strings and secrets, digging deep into commit history

truffleHog Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accident

Truffle Security 10.1k Jan 09, 2023
Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本,扫描主机上所有java进程,检测是否引入了有漏洞的log4j-core jar包,是否可能遭到远程代码执行攻击(CVE-2021-45046)。上传扫描报告到指定的服

86 Dec 09, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

3 Feb 20, 2022
Steal Files on a Windows Machine

File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview

Marcel 5 Nov 17, 2022
Add a Web Server based on Rogue Mysql Server to allow remote user get

介绍 对于需要使用 Rogue Mysql Server 的漏洞来说,若想批量检测这种漏洞的话需要自备一个服务器。并且我常用的Rogue Mysql Server 脚本 不支持动态更改读取文件名、不支持远程用户访问读取结果、不支持批量化检测网站。于是乎萌生了这个小脚本的想法 Rogue-MySql-

6 May 17, 2022
Python HDFS client

Python HDFS client Because the world needs yet another way to talk to HDFS from Python. Usage This library provides a Python client for WebHDFS. NameN

Jing Wang 82 Dec 28, 2022
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
Generate your own NFTs and their metadata based on your desired probabilities.

Generate your own NFTs and their metadata based on your desired probabilities. Use your own art assets too! Perfect for use with Candy Machine.

hex 7 Sep 16, 2022
recover Firefox and more browsers logins

Browser Creds this script will recover saved browsers logins into txt files. It currently only support windows 10. currently support : Chrome Opera Fi

HugoLB 41 Nov 09, 2022
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

O365DevicePhish Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script t

Trewis [work] Scotch 4 Sep 23, 2022
macOS Initial Access Payload Generator

Mystikal macOS Initial Access Payload Generator Related Blog Post: https://posts.specterops.io/introducing-mystikal-4fbd2f7ae520 Usage: Install Xcode

Leo Pitt 206 Dec 31, 2022
This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.

Vacuum-Cleaner Python3 This is a Python3 agent that implements a simulator for a vacuum cleaner and it is introduction to Artificial Intelligence. A s

Abdultawwab Safarji 6 Nov 14, 2022
CVE-2022-22965 - CVE-2010-1622 redux

CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la

Duarte Duarte 20 Aug 25, 2022
大宝剑-信息收集和资产梳理工具(红队、蓝队、企业组织架构、子域名、Web资产梳理、Web指纹识别、ICON_Hash资产匹配)

大宝剑-信息收集和资产梳理工具(红队、蓝队、企业组织架构、子域名、Web资产梳理、Web指纹识别、ICON_Hash资产匹配)

Wolf Group Security Team 835 Jan 05, 2023
This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things.

Fuzzing PDFs like its 1990s This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things. Some discl

Chaithu 14 Sep 30, 2022
cve-2021-21985 exploit

cve-2021-21985 exploit 0x01 漏洞点 分析可见: https://attackerkb.com/topics/X85GKjaVER/cve-2021-21985?referrer=home#rapid7-analysis 0x02 exploit 对beans对象进行重新构

xnianq 105 Nov 22, 2022
⛤Keylogger Generator for Windows written in Python⛤

⛤Keylogger Generator for Windows written in Python⛤

FZGbzuw412 33 Nov 24, 2022
IDA Python Script for anti ollvm

IDA Python Script for anti ollvm

Shocker 62 Dec 23, 2022