Termux ID: Selenium -->

    Social Items

Home / Selenium

An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills.
Check out the example (digraph), which is based on mine and my colleagues (David Prince) LinkedIn profile. By glancing at the visualisation you can easily see, by the number of "arrows", there is some sort of relationship between us and "Zoƫ Rose" (we all work together on the same team in this case).

Due to the way LinkedIn's privacy settings work this tool works best when your target is within your 3rd degree network or higher. Using a LinkedIn Premium or Recruiter account will allow you to map targets outside of your network.

Installation
The Endorser will work on pretty much any *nix (Linux, Mac, BSD) system with Python 3.0+.
  1. git clone https://github.com/eth0izzle/the-endorser.git
  2. sudo pip3 install -r requirements.txt
  3. Setup your LinkedIn credentials in config.yaml
  4. Download ChromeDriver for your platform (requires Chrome) and place in ./drivers. Alternatively you can use PhantomJS and launch with the --driver phantomjs flag (note phantomjs is 8x slower).
  5. python3 the-endorser.py <profile1> <profile2>

Usage
usage: python the-endorser.py https://www.linkedin.com/in/user1 https://www.linkedin.com/in/user2

Maps out relationships between peoples endorsements on LinkedIn.

positional arguments:
  profiles              Space separated list of LinkedIn profile URLs to map

optional arguments:
  -h, --help            show this help message and exit
  --config_file CONFIG_FILE
                        Specify the path of the config.yaml file (default:
                        ./the-endorser/config.yaml)
  --driver DRIVER       Selenium WebDriver to use to parse the webpages:
                        chromedriver, phantomjs (default: chromedriver)
  --output OUTPUT       Output module to visualise the relationships: digraph,
                        stdout (default: digraph)
  --log LOG             Path of log file. None for stdout. (default: None)
  --log-level LOG_LEVEL
                        Logging output level: DEBUG, INFO, WARNING, ERROR.
                        (default: INFO)

Outputs
The Endorser is "modular" in the sense that it can output and visualise the data in different ways. An output module just needs one method: def run(profiles)
Currently there is only one output module (digraph). In the future the plan is add modules for Maltego and and Plot.ly - but feel free to get involved!

Digraph
It's best to read this from right-to-left to identify people that have arrows from multiple profiles. Square box = skill, ellipse = person.


The Endorser - An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills


Selenium powered Python script to automate searching the web for vulnerable applications.
DorkNet can take a single dork or a list of dorks as arguments. After the proper command line arguments have been passed, the script will use Selenium and Geckodriver to find the results we want and save them to a textfile for further processing with SQLmap or similar utilities.

Usage
git clone https://github.com/NullArray/DorkNet.git
cd DorkNet
python dorknet.py
The options for the program are as follows.
-h, --help              show this help message and exit
-d DORK, --dork DORK    specify the dork you wish to use
-l LIST, --list LIST    specify path to list with dorks
-v, --verbose           toggle verbosity
Some examples for clarity.
DorkNet.py -h
DorkNet.py -d inurl:show.php?id= -v
DorkNet.py -l /path/to/list.txt --verbose

Dependencies
You will need the Mozilla Geckodriver for this to work. After it has been installed feel free to use the requirements file i made for this program
pip install -r requirements.txt

Known Issue
By using Selenium and Geckodriver, DorkNet is effective at emulating a regular browser. In this manner the program is able to avoid captchas most of the time. However on limited occasions, Google throws one regardless. The same sometimes happens when manually searching for strings that look like a dork. Should you encounter one, you can just fill out the captcha in the Geckodriver and DorkNet will continue it's normal operation.


DorkNet - Selenium Powered Python Script To Automate Searching For Vulnerable Web Apps


Intelligence and Reconnaissance Package/Bundle installer.
IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, Recon and Threat Intelligence tools. Due to the fact it manages the installation of the various dependencies related to these programs as well it aims to be a comprehensive assistant in setting up your intelligence gathering environment. Below is an overview of the tools and utilities it will help you set up.

+-----------------------+-------------------------------------------+
| Tool                  | Utility type and feature summary          |
+-----------------------+-------------------------------------------+
|1. QuickScan         | Port Scanner/WHOIS/Domain Resolver        | 
|2. DNSRecon         | Advanced DNS Enumeration & Domain Utility |
|3. Sublist3r           | OSINT Based Subdomain Enumeration         |
|4. TekDefense-Automator| OSINT Based IP, URL and Hash Analyzer     |
|5. TheHarvester        | eMail, vHost, Domain and PII Enumeration  |
|6. IOC-Parser          | Threat Intel, parses IOC data from reports|
|7. PyParser-CVE        | Multi Source Exploit Parser/CVE Lookup    |
|8. Mimir               | HoneyDB CLI/Threat Intelligence Utility   |
|9. Harbinger           | Cymon.io, Virus Total, Threat Feed Parser |
|10.Spiderfoot          | Advanced OSINT/Reconnaissance Framework   |
+-----------------------+-------------------------------------------+
Furthermore I have included functionality within the Bash script that allows the user to easily pull up two web based resources. Namely OSINT-Framework and HoneyDB. The former serves as a curated list of open source intelligence tools, websites and related materials for use as a reference guide. While the latter is an OSINT aggregative threat intelligence pool that collects and organizes data provided by HoneyPy honeypots. My Command Line Interface for which is included in the selection of tools available for download with IntRec-Pack as well.

Usage
Clone the tool from the repo and make it executable like so.
git clone https://github.com/NullArray/IntRec-Pack.git
cd IntRec-Pack
chmod +x intrec.sh
After which it can be started from the command line with sudo ./intrec.sh. Upon doing so you will be presented with a menu the options for which are as follows:
1) Help                  4) Specify Install Location
2) List and Install      5) Online Resources
3) Install All           6) Quit
The help option displays further usage information and general details about the tool. List and Install will list all the tools available for download/installation and lets you select the ones you would like. Upon doing so the tool plus it's dependencies will be installed in the current working directory. Unless the Specify Install Location option has been used to provide a path to a custom location. Install All will download and install all the tools available with this script and Online Resources will open the web applications previously mentioned.

Update
The script has been updated to version 1.0.1.

Changelog
Each installation operation now has its own function in order to make the script modular. This will also allow for the easy addition of operations that would install other/more tools in the future.
Additional checks have been added to the script in order to look for the presence of utilities such as wget, git and pip. This is important because some distros such as Debian and Devuan do not come with some of these utilities installed by default. Should the script find any of these utilities are missing it will attempt to automatically resolve the issue. Making the script effective and compatible with most Debian based distros.
From now on IntRec-Pack will check to see if it has been started with super user privilege. Since there are a lot of sudo commands in the script this will prevent the user from running into trouble halfway through the execution.


IntRec-Pack - Intelligence and Reconnaissance Package/Bundle installer

Subscribe to: Posts (Atom)