Web-eyes - OSINT tools for website research

Overview

WEB-EYES V1.0

web-eyes: OSINT tools for website research, 14 research methods are available:

  1. HINFO: HTTP HEADERS SCANNER
  2. HSECURE: HTTP SECURITY HEADERS SCANNER
  3. WEBTECH: WEBSITE TECHNOLOGY LOOKUP
  4. WHOIS: WHOIS LOOKUP
  5. RWHOIS: REVERSE WHOIS LOOKUP
  6. IPHISTORY: IP HISTORY LOOKUP
  7. DNSLOOK: DNS RECORDS LOOKUP
  8. SUBDOMAINS: SUBDOMAINS SCANNER
  9. CERTFILE: CERTIFICATE LOOKUP
  10. IPLOOK: IP ADDRESS LOOKUP
  11. RIPLOOK: REVERSE IP ADDRESS LOOKUP
  12. RDNSLOOK: REVERSE DNS LOOKUP
  13. TCPSCAN: TCP PORTS SCANNER
  14. UDPSCAN: UDP PORTS SCANNER

  1. HINFO: HINFO [URL] => HINFO [https://example.com]
  2. HSECURE: HSECURE [URL] => HSECURE [https://example.com]
  3. WEBTECH: WEBTECH [DOMAIN] => WEBTECH [example.com]
  4. WHOIS: WHOIS: WHOIS [DOMAIN] => WHOIS [example.com]
  5. RWHOIS: RWHOIS: RWHOIS [DOMAIN] => RWHOIS [example.com]
  6. IPHISTORY: IPHISTORY: IPHISTORY [DOMAIN] => IPHISTORY [example.com]
  7. DNSLOOK: DNSLOOK [DOMAIN] => DNSLOOK [example.com]
  8. SUBDOMAINS: SUBDOMAINS [DOMAIN] => SUBDOMAINS [example.com]
  9. CERTFILE: CERTFILE [DOMAIN] => CERTFILE [example.com]
  10. IPLOOK: IPLOOK [IP] => IPLOOK [1.1.1.1]
  11. RIPLOOK: RIPLOOK [DOMAIN, IP] => RIPLOOK [https://example.com, 1.1.1.1]
  12. RDNSLOOK: RDNSLOOK [IP] => RDNSLOOK [1.1.1.1]
  13. TCPSCAN: TCPSCAN [IP] [PORT => COMMON, OWN] => TCPSCAN [1.1.1.1] [COMMON, 80]
  14. UDPSCAN: UDPSCAN [IP] [PORT => COMMON, OWN] => UDPSCAN [1.1.1.1] [COMMON, 80]

Prerequisites

apt-get install python3
pip3 install requests
pip3 install dnspython

Install

git clone https://github.com/r4bin/web-eyes.git
cd web-eyes
chmod +x web-eyes.py
./web-eyes.py

or

git clone https://github.com/r4bin/web-eyes.git
cd web-eyes
python3 web-eyes.py
Automatic SQL injection and database takeover tool

sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of

sqlmapproject 25.7k Jan 08, 2023
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

This project is no longer maintained March 2020 Update: Please go see the amazing Pysa tutorial that should get you up to speed finding security vulne

2.1k Dec 25, 2022
Convert a collection of features to a fixed-dimensional matrix using the hashing trick.

FeatureHasher Convert a collection of features to a fixed-dimensional matrix using the hashing trick. Note, this requires Jina=2.2.4. Example Here I

Jina AI 5 Mar 15, 2022
Python tool for dumping flash via uboot reliably

Reliable Uboot Flash Dumper is a Python tool for dumping flash via uboot reliably. If you've ever had to dump flash via uboot and a serial connection and became frustrated about doing it several time

SecurityJon 25 May 10, 2022
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
GitLab CI security tools runner

Common Security Pipeline Описание проекта: Данный проект является вариантом реализации DevSecOps практик, на базе: GitLab DefectDojo OpenSouce tools g

Сити-Мобил 14 Dec 23, 2022
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Astro 9 Sep 27, 2022
A python script to bypass 403-forbidden.

4nought3 A python script to bypass 403-forbidden. It covers methods like Host-Header Injections, Changing HTTP Requests Methods and URL-Injections. Us

11 Aug 27, 2022
Generate your own NFTs and their metadata based on your desired probabilities.

Generate your own NFTs and their metadata based on your desired probabilities. Use your own art assets too! Perfect for use with Candy Machine.

hex 7 Sep 16, 2022
CVE-2022-21907 Vulnerability PoC

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm

Michele 16 Dec 18, 2022
The First Python Compatible Camera Hacking Tool

ZCam Hack webcam using python by sending malicious link. FEATURES : [+] Real-time Camera hacking [+] Python compatible [+] URL Shortener using bitly [

Sanketh J 109 Dec 28, 2022
Community Repository for Unofficial Saltbox Add-ons

Saltbox Sandbox Repo Community Repository for Unofficial Saltbox Add-ons Requirements Saltbox Documentation Undetermined Roles List of roles can be fo

Salty Organization 31 Dec 19, 2022
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021
log4j2 passive burp rce scanning tool get post cookie full parameter recognition

log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别,在ceye.io api速率限制下,最大线程扫描每一个参数,记录过滤已检测地址,重复地址 token替换为你自己的http://ceye.io/ token 和域名地址

5 Dec 10, 2021
labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

Dylan Meca 16 Dec 08, 2022
MVT is a forensic tool to look for signs of infection in smartphone devices

Mobile Verification Toolkit Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic

8.3k Jan 08, 2023
A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228

1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://

Isuru Umayanga 7 Aug 06, 2022
A Telegram Bot to force users to join a specific channel before sending messages in a group.

Promoter A Telegram Bot to force users to join a specific channel before sending messages in a group. Introduction A Telegram Bot to force users to jo

Mr. Dynamic 1 Jan 27, 2022
A decompilation of the Nintendo Switch version of Captain Toad: Treasure Tracker

cttt-decomp A decompilation of the Nintendo Switch version of Captain Toad: Trea

shibbs 14 Aug 17, 2022
Webpack自动化信息收集

Webpack-信息收集工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:小洲 团队:横戈安全团队,未来一段时间将陆续开源工具,欢迎关注微信公众号: 定位:协助红队人员快速的信息收集,测绘目

小洲 214 Dec 19, 2022