项目作者: 17fk

项目描述 :
17iGT is a OSINT and sensitive info gathering toolkit. All features are not making direct contact with targets.
高级语言: Python
项目地址: git://github.com/17fk/17infoGatheringToolkit.git
创建时间: 2020-09-28T07:02:16Z
项目社区:https://github.com/17fk/17infoGatheringToolkit

开源协议:GNU Affero General Public License v3.0

下载


17infoGatheringToolkit

  1. | .--------------. |#| .--------------. |#| .--------------. |#| .--------------. |#| .--------------. |#
  2. | | __ | |#| | _______ | |#| | | |#| | ______ | |#| | _________ | |#
  3. | | / | | |#| | | ___ | | |#| | |_| | |#| | .' ___ | | |#| | | _ _ | | |#
  4. | | `| | | |#| | |_/ / / | |#| | | |#| | / .' \_| | |#| | |_/ | | \_| | |#
  5. | | | | | |#| | / / | |#| | | | | |#| | | | ____ | |#| | | | | |#
  6. | | _| |_ | |#| | / / | |#| | | | | |#| | \ `.___] _| | |#| | _| |_ | |#
  7. | | |_____| | |#| | /_/ | |#| | |_| | |#| | `._____.' | |#| | |_____| | |#
  8. | | | |#| | | |#| | | |#| | | |#| | | |#
  9. | '--------------' |#| '--------------' |#| '--------------' |#| '--------------' |#| '--------------' |#
  10. '----------------' # '---------------' # '----------------' # '----------------' # '----------------' #

LicenseRelease

What you might need

  • An account at https://shodan.io take a look at honeypot.py and config api_key accordingly
  • An account at https://larger.io take a look at detectTech.py and config api_key accordingly
  • An account at https://facebook.com scan sensitive info needs Facebook account, detailed instruction below

Features

  • Censys.io info for IP address
  • Detect the possibility of honeypot
  • NSlookup
  • Port scan
  • IP reverse lookup
  • Whois lookup
  • Web technologies detection
  • Scan sensitive information/file leaks in a website/uDork v2.0 (not working in China)
  • GitHub Sensitive Information Leakage / GSIL v2.0

Usage

  1. git clone https://github.com/17fk/17infoGatheringTools.git
  2. cd 17infoGatheringTools
  3. #pip3 install -r requirements.txt
  4. pip install -r requirements.txt
  5. #python3 17iGT
  6. python 17iGT

Scan senstive information instruction

The feature is pure uDork(https://github.com/m3n0sd0n4ld/uDork), more details can be found at the original repo.

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.

uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).

Configure the cookie in uDork.sh is a MUST! Steps are listed here:

https://github.com/m3n0sd0n4ld/uDork#steps-to-obtain-the-cookie-and-configure-the-cookie

Modifications will be made in future releases.

Sample:

target.com -e pdf //Example of searching pdf files

target.com -s password //Example of searching routes with the word “password”

Usage:

  1. -h, --help show this help message and exit
  2. -d DOMAIN, --domain DOMAIN
  3. Domain or IP address.
  4. -e EXTENSION, --extension EXTENSION
  5. Search files by extension. Use 'all' to find the list
  6. extension.
  7. -t TEXT, --text TEXT Find text in website content.
  8. -s STRING, --string STRING
  9. Locate text strings within the URL.
  10. -m MASSIVE, --massive MASSIVE
  11. Attack a site with a predefined list of dorks. Review
  12. list <-l / - list>
  13. -l LIST, --list LIST Shows the list of predefined dorks (Exploit-DB).
  14. -f FILE, --file FILE Use your own personalized list of dorks.
  15. -k DORK, --dork DORK Specifies the type of dork <filetype | intext | inurl>
  16. (Required for '<-f / - file'>).
  17. -p PAGES, --pages PAGES
  18. Number of pages to search in Google. (By default 5
  19. pages).
  20. -o OUTPUT, --output OUTPUT
  21. Export results to a file.

Clarification

This toolkit is only for study purpose, all the features are implemented using free resources on the Internet.

Any suggestions would be much appreciate.

17Fk.