-
-
Notifications
You must be signed in to change notification settings - Fork 340
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
18 changed files
with
611 additions
and
846 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
language: python | ||
os: | ||
- linux | ||
python: | ||
- 3.6 | ||
install: | ||
- pip install flake8 | ||
before_script: | ||
- pip install -r requirements.txt | ||
# stop the build if there are Python syntax errors | ||
- flake8 . --count --select=E901,E999,F401,F701,F702,F706,F822,F823 --show-source --statistics | ||
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide | ||
- flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics | ||
script: | ||
- python dog -t marvel.com -c 7 | python dog --domains |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,84 @@ | ||
# ReconDog | ||
Recon Dog is an all in one tool for all your basic information gathering needs. It uses APIs to gather all the information so your identity is not exposed. | ||
![ReconDog Screenshot](http://teamultimate.in/wp-content/uploads/2017/06/Screenshot-from-2017-06-12-23-14-54.png "Screenshot") | ||
|
||
## Downloading and running Recon Dog | ||
<h1 align="center"> | ||
<br> | ||
<a href="https://github.com/s0md3v/ReconDog"><img src="https://image.ibb.co/mxO9rz/recondog.png" alt="Photon"></a> | ||
<br> | ||
ReconDog | ||
<br> | ||
</h1> | ||
|
||
Enter the following command in the terminal to download it | ||
``` | ||
git clone https://github.com/UltimateHackers/ReconDog | ||
``` | ||
After downloading the program, enter the following command to navigate to the Recon Dog directory and listing the contents | ||
``` | ||
cd ReconDog && ls | ||
``` | ||
The directory contains `dog.py` which you can run with Python 2 and 3. | ||
|
||
Now run the script for your python version with the following command. | ||
<h4 align="center">Reconnaissance Swiss Army Knife</h4> | ||
|
||
<p align="center"> | ||
<a href="https://github.com/s0md3v/ReconDog/releases"> | ||
<img src="https://img.shields.io/github/release/s0md3v/ReconDog.svg"> | ||
</a> | ||
<a href="https://travis-ci.com/s0md3v/ReconDog"> | ||
<img src="https://img.shields.io/travis/com/s0md3v/ReconDog.svg"> | ||
</a> | ||
<a href="https://github.com/s0md3v/ReconDog/issues?q=is%3Aissue+is%3Aclosed"> | ||
<img src="https://img.shields.io/github/issues-closed-raw/s0md3v/ReconDog.svg"> | ||
</a> | ||
</p> | ||
|
||
### Main Features | ||
- Wizard + CLA interface | ||
- Can extracts targets from STDIN (piped input) and act upon them | ||
- All the information is extracted with APIs, no direct contact is made to the target | ||
|
||
|
||
### Utilities | ||
- [Censys](https://censys.io/): Uses censys.io to gather massive amount of information about an IP address. | ||
- [NS Lookup](https://hackertarget.com/dns-lookup/): Does name server lookup | ||
- [Port Scan](https://hackertarget.com/tcp-port-scan/): Scan most common TCP ports | ||
- [Detect CMS](https://whatcms.org): Can detect 400+ content management systems | ||
- [Whois lookup](https://hackertarget.com/whois-lookup/): Performs a whois lookup | ||
- [Detect honeypot](https://honeyscore.shodan.io/): Uses shodan.io to check if target is a honeypot | ||
- [Find subdomains](https://findsubdomains.com): Uses findsubdomains.com to find subdomains | ||
- [Reverse IP lookup](https://hackertarget.com/reverse-ip-lookup/): Does a reverse IP lookup to find domains associated with an IP address | ||
- [Detect technologies](https://www.wappalyzer.com): Uses wappalyzer.com to detect 1000+ technologies | ||
- [All](https://github.com/s0md3v/ReconDog): Runs all utilities against the target | ||
|
||
### Demo | ||
<img alt="demo" href="https://youtu.be/CHkIMcSzzCY" src="https://image.ibb.co/i11A69/Screenshot-2018-10-13-15-41-11.png"> | ||
|
||
### Compatibility | ||
Recon Dog will run on anything that has a python interpreter installed. However, it has been tested on the following configurations: | ||
|
||
Operating Systems: Windows, Linux, Mac\ | ||
Python Versions: Python2.7, Python 3.6 | ||
|
||
### Installation | ||
Recon Dog requires no manual configuration and can be simply run as a normal python script.\ | ||
However, a debian package can be downloaded from [here](https://github.com/s0md3v/s0md3v.github.io/blob/master/repo/Recon-Dog_2.0_all.deb?raw=true) if you want to install it. | ||
|
||
### Usage | ||
#### Wizard Interface | ||
Wizard interface is the most straightforward way you can use Recon Dog in. Just run the program, select what you want to do and enter the target, it's that simple. | ||
#### CLA Interface | ||
Recon Dog also has a **C**ommand **L**ine **A**rgument inteface. | ||
Here's how you can find subdomains: | ||
|
||
`python dog -t marvel.com -c 7` | ||
|
||
There's more to it! Do you have a program that can enumerate subdomains and you want to scan ports of all the subdomains it finds? Don't worry, Recon Dog is designed for handling with such cases. You can simply do this: | ||
|
||
`subdomainfinder -t example.com | python dog --domains -c 3` | ||
|
||
Also, it doesn't matter what kind of output the other program generates, Recon Dog uses regular expressions to find targets which makes it easy to integrate will literally every tool. | ||
There are two switchs available: | ||
``` | ||
python dog.py | ||
--domains extract domains from STDIN | ||
--ips extract ip addresses from STDIN | ||
``` | ||
|
||
### Contribution & License | ||
You can contribute in following ways: | ||
|
||
- Report bugs | ||
- Develop plugins | ||
- Give suggestions to make it better | ||
- Fix issues & submit a pull request | ||
|
||
Do you want to have a conversation in private? Hit me up on [my twitter](https://twitter.com/s0md3v), inbox is open :) \ | ||
Recon Dog is licensed under **Apache 2.0 License**. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
white = '\033[97m' | ||
green = '\033[92m' | ||
red = '\033[91m' | ||
yellow = '\033[93m' | ||
end = '\033[0m' | ||
back = '\033[7;91m' | ||
info = '\033[93m[!]\033[0m' | ||
que = '\033[94m[?]\033[0m' | ||
bad = '\033[91m[-]\033[0m' | ||
good = '\033[32m[+]\033[0m' | ||
run = '\033[97m[~]\033[0m' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
import re | ||
|
||
|
||
def extractor(inpList, kind): | ||
parsed = set() | ||
inp = ''.join(inpList) | ||
domain = r'[\w\.\-]+' | ||
ip = r'\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b' | ||
if kind == 'domain': | ||
pattern = domain | ||
else: | ||
pattern = ip | ||
matches = re.findall(pattern, inp) | ||
for match in matches: | ||
if kind == 'ip': | ||
parsed.add(match) | ||
else: | ||
if not re.match(ip, match): | ||
parsed.add(match) | ||
return parsed |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
import re | ||
import sys | ||
import requests | ||
|
||
from core.colors import bad, red, end | ||
|
||
from plugins.whois import whois | ||
from plugins.nsLookup import nsLookup | ||
from plugins.findSubdomains import findSubdomains | ||
from plugins.portScan import portScan | ||
from plugins.detectTech import detectTech | ||
from plugins.honeypot import honeypot | ||
from plugins.detectCMS import detectCMS | ||
from plugins.censys import censys | ||
from plugins.reverseLookup import reverseLookup | ||
|
||
database = { | ||
'1': [censys, 'ip'], | ||
'2': [nsLookup, 'domain'], | ||
'3': [portScan, 'domip'], | ||
'4': [detectCMS, 'domain'], | ||
'5': [whois, 'domip'], | ||
'6': [honeypot, 'ip'], | ||
'7': [findSubdomains, 'domain'], | ||
'8': [reverseLookup, 'ip'], | ||
'9': [detectTech, 'url'] | ||
} | ||
|
||
if sys.version_info < (3, 0): | ||
input = raw_input | ||
|
||
|
||
def getInput(typ): | ||
if typ == 'domip': | ||
typ = 'domain or ip' | ||
inp = input('%s%s>>%s ' % (typ, red, end)) | ||
return inp | ||
|
||
|
||
def validate(inp, typ): | ||
if typ == 'ip': | ||
match = re.match(r'\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b', inp) | ||
if match: | ||
return inp | ||
else: | ||
return False | ||
elif typ == 'url': | ||
if inp.startswith('http'): | ||
return inp | ||
else: | ||
try: | ||
requests.get('https://' + inp) | ||
return 'https://' + inp | ||
except: | ||
return 'http://' + inp | ||
else: | ||
return inp | ||
|
||
|
||
def hq(choice, target=False): | ||
if target: | ||
try: | ||
database[choice][0](target) | ||
except: | ||
print ('%s Skipped due to error: %s' % (bad, target)) | ||
elif choice == '0': | ||
inp = getInput('all') | ||
for func in list(database.values()): | ||
try: | ||
func[0](inp) | ||
print (red + ('-' * 60) + end) | ||
except: | ||
pass | ||
elif not target: | ||
typ = database[choice][1] | ||
inp = getInput(typ) | ||
validatedInp = validate(inp, typ) | ||
if validatedInp: | ||
plugin = database[choice][0] | ||
plugin(validatedInp) | ||
else: | ||
print ('%s Invalid input type' % bad) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
#!/usr/bin/env python3 | ||
import sys | ||
import requests | ||
import argparse | ||
|
||
from core.hq import hq | ||
from core.extractor import extractor | ||
from core.colors import white, green, end, red, yellow, run | ||
|
||
parser = argparse.ArgumentParser() | ||
parser.add_argument('-t', help='target', dest='target') | ||
parser.add_argument('-c', help='choice', dest='choice') | ||
parser.add_argument('--domains', help='stdin type: domain', dest='domains', action='store_true') | ||
parser.add_argument('--ips', help='stdin type: ip', dest='ips', action='store_true') | ||
args = parser.parse_args() | ||
|
||
ips = args.ips | ||
target = args.target | ||
choice = args.choice | ||
domains = args.domains | ||
|
||
data = False | ||
if ips or domains: | ||
data = sys.stdin.readlines() | ||
|
||
arged = False | ||
if target and choice: | ||
arged = True | ||
|
||
if sys.version_info < (3, 0): | ||
input = raw_input | ||
|
||
|
||
def banner(): | ||
print ('''%s | ||
_____ ____ | ||
| __ |___ ___ ___ ___ %s|\_/|%s | \ ___ ___ | ||
| -| -_| _| . | | %s|. .|%s | | | . | . | | ||
|__|__|___|___|___|_|_| %s \_/ %s |____/|___|_ | | ||
|___| v2.0%s''' % (white, red, white, red, white, red, white, end)) | ||
|
||
|
||
def menu(): | ||
print(''' | ||
%s1.%s Censys | ||
%s2.%s NS lookup | ||
%s3.%s Port scan | ||
%s4.%s Detect CMS | ||
%s5.%s Whois lookup | ||
%s6.%s Detect honeypot | ||
%s7.%s Find subdomains | ||
%s8.%s Reverse IP lookup | ||
%s9.%s Detect technologies | ||
%s0.%s All''' % (white, end, white, end, white, end, white, end, white, end, white, end, white, end, white, end, white, end, white, end)) | ||
|
||
|
||
def dog(choice, target): | ||
if not args.target: | ||
banner() | ||
if arged: | ||
hq(choice, target) | ||
else: | ||
while True: | ||
menu() | ||
result = False | ||
choice = input('\033[1;91m>>\033[0m ') | ||
hq(choice) | ||
|
||
|
||
if data: | ||
kind = 'domain' | ||
if ips: | ||
kind = 'ip' | ||
targets = extractor(data, kind) | ||
if choice: | ||
for target in targets: | ||
print ('%s %s' % (run, target)) | ||
hq(choice, target) | ||
print (red + ('-' * 60) + end) | ||
else: | ||
for target in targets: | ||
sys.stdout.write(target + '\n') | ||
else: | ||
try: | ||
dog(choice, target) | ||
except KeyboardInterrupt: | ||
quit('') |
Oops, something went wrong.