This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.

Related tags

Security related resourcesenumit
Overview

EnumIT

This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where this function first perform basic google dorking to find the targets public documents. These documents will then be downloaded to the attackers computer and can be used further to identify metadata about the client.

Installation

  • Create virtual enviroment: python3 -m venv enumit
  • Activate the virtual enviroment: source enumit/bin/activate
  • Install the required packages: pip install -r requirements.txt

Basic Usage

Google Dorking

Download the files found

python3 run.py --domain example.com --google --filetypes pdf --download-files

Create json list, no download

python3 run.py --domain example.com --google --filetypes pdf docx jpg

Certificates

This function will query https://crt.sh for the domain name, and create a de-duplicated list for further proccessing.

python3 run.py --domain example.com --cert

DNS

Perform dns lookup on the domain flag, can be used with the flag --cert to find DNS records of subdomains.

python3 run.py --domain example.com --dns --dns-records A AAAA MX NS

Shodan

In order to use the shodan function, you must have the shodan and api key flag enabled.

python3 run.py --domain example.com --shodan --shodan-api-key <KEY>

Portscan

This function will take all the ipv4 addresses previsuly found and perform a shodan lookup on them to find open ports. by default, it will only scan the IPv4 address resolved by the --domain flag. This flag is recomended if you've used the other functions with it.

python3 run.py --domain example.com --shodan --shodan-api-key <KEY> --portscan

Bananas

python3 run.py --domain example.com --cert --dns --dns-types A AAAA NS MX --shodan --shodan-api-key <KEY> --portscan --ssl

Notice!

  • When you perform a scan, the result will be saved under . \ in the folder.
  • You might be ratelimited by google if you use the function heavly.
  • Using the portscan function will not quaranty that all ports has been scanned on the host, but will rather give a indication on what to expect on the hosts.
Owner
Tobias
Tobias
GitHub Repository
DoSer.py - Simple DoSer in Python

DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this

1 Oct 12, 2021
A simple linux keylogger project.

The project This project is a simple linux keylogger. When activated, it registers all the actions made with the keyboard. The log files are registere

1 Oct 24, 2021
Ini membuat tema berbasis bendera Indonesia with Python + Linux.py

tema Ubah Tema Termux Menjadi Linux Ubah Font Termux Jadi Linux dibuat oleh wahyudioputra INSTALL pkg update && pkg upgrade pkg install python pkg ins

wahyudioputra 2 Nov 30, 2021
automatically crawl every URL and find cross site scripting (XSS)

scancss Fastest tool to find XSS. scancss is a fastest tool to detect Cross Site scripting (XSS) automatically and it's also an intelligent payload ge

Md. Nur habib 30 Sep 24, 2022
Generates password lists/dictionaries based on keywords written in python3.

dicbyru Introduction Generates password lists/dictionaries based on keywords. It uses the keywords and adds capital letters, numbers and special chara

ru55o 2 Oct 31, 2022
Python tool for enumerating directories and for fuzzing

Python tool for enumerating directories and for fuzzing

Gourab Roy 5 Feb 21, 2022
Automatic SQL injection and database takeover tool

sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of

sqlmapproject 25.7k Jan 08, 2023
logmap: Log4j2 jndi injection fuzz tool

logmap - Log4j2 jndi injection fuzz tool Used for fuzzing to test whether there are log4j2 jndi injection vulnerabilities in header/body/path Use http

之乎者也 67 Oct 25, 2022
the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability

CVE-2021-22005-metasploit the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability pr

Taroballz 25 Nov 15, 2022
Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

ScratchABit is an interactive incremental disassembler with data/control flow analysis capabilities. ScratchABit is dedicated to the effor

Paul Sokolovsky 380 Dec 28, 2022
Gmail Accounts Hacking

gmail-hack Gmail Accounts Hacking Gemail-Hack python script for Hack gmail account brute force What is brute force attack? In brute force attack,scrip

Aryan 25 Nov 10, 2022
A Python tool to automate some dorking stuff to find information disclosures.

WebDork v1.0.3 A open-source tool to find publicly available sensitive information about Companies/Organisations! WebDork A Python tool to automate so

Rahul rc 123 Jan 08, 2023
LeLeLe: A tool to simplify the application of Lattice attacks.

LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa

Mathias Hall-Andersen 4 Dec 14, 2021
cve-2021-21985 exploit

cve-2021-21985 exploit 0x01 漏洞点 分析可见: https://attackerkb.com/topics/X85GKjaVER/cve-2021-21985?referrer=home#rapid7-analysis 0x02 exploit 对beans对象进行重新构

xnianq 105 Nov 22, 2022
This repository is one of a few malware collections on the GitHub.

This repository is one of a few malware collections on the GitHub.

Andrew 1.7k Dec 28, 2022
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

EntySec 118 Dec 24, 2022
Holehe OSINT - Email to Registered Accounts

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

Palenath 3.8k Jan 06, 2023
POC for detecting the Log4Shell (Log4J RCE) vulnerability.

log4shell-poc-py POC for detecting the Log4Shell (Log4J RCE) vulnerability. Run on a system with python3 python3 log4shell-poc.py pathToTargetFile

BCC Risk Advisory 2 Dec 22, 2021
ssh-audit is a tool for ssh server & client configuration auditing.

SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

Joe Testa 1.4k Dec 31, 2022
Python implementation for PrintNightmare using standard Impacket.

PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket

ollypwn 141 Dec 31, 2022