sn0int是一款功能强大的半自动化OSINT框架和包管理工具,可以帮助广大研究人员快速完成网络安全测试阶段的OSINT任务。
sn0int(发音为/snoɪnt/),允许IT 安全专业人员、漏洞赏金猎人、执法机构和安全意识培训使用它来收集有关特定目标或您自己的情报。sn0int 通过半自动处理公共信息并以统一格式映射结果以供后续调查,从而枚举攻击面,以提升应用安全性。
1、从证书透明日志和被动 DNS 中获取子域名;
2、批量解析收集的子域名并扫描 http 或 https 服务;
3、使用 asn 和 geoip 信息丰富 ip 地址;
4、从 pgp 密钥服务器和 whois 中获取电子邮件;
5、发现违规行为中的受损登录信息;
6、在互联网上查找某人的个人资料;
7、使用被动 arp 等独特技术枚举本地网络;
8、收集有关电话号码的信息;
9、从社交媒体资料中收集活动和图像;
10、基本图像处理;
Archlinux
$ pacman -S sn0int
Mac OSX
$ brew install sn0int
Debian >= bookwork, Ubuntu >= 22.10, Kali
$ sudo apt install curl sq $ curl -sSf https://apt.vulns.sexy/kpcyrd.pgp | sq keyring filter -B --handle 64B13F7117D6E07D661BBCE0FE763A64F5E54FD6 | sudo tee /etc/apt/trusted.gpg.d/apt-vulns-sexy.gpg > /dev/null $ echo deb http://apt.vulns.sexy stable main | sudo tee /etc/apt/sources.list.d/apt-vulns-sexy.list $ apt update $ apt install sn0int
Docker
$ docker run --rm --init -it -v "$PWD/.cache:/cache" -v "$PWD/.data:/data" kpcyrd/sn0int
Alpine
$ apk add sn0int
OpenBSD
$ pkg_add sn0int
Gentoo
$ layman -a pentoo $ emerge --ask net-analyzer/sn0int
NixOS
$ nix-env -i sn0int
Windows
$ git clone https://github.com/kpcyrd/sn0int.git $ cd sn0int $ cargo install -f --path .
安装默认模块:
$ sn0int ___/ . ____ , __ .' / ` , __ _/_ ( |' `. | / | | |' `. | `--. | | |,' | | | | | ___.' / | /`---' / / | __/ osint | recon | security irc.hackint.org:6697/#sn0int [+] Connecting to database [+] Downloading public suffix list [+] Downloading "GeoLite2-City.mmdb" [+] Downloading "GeoLite2-ASN.mmdb" [+] Loaded 0 modules [*] No modules found, run pkg quickstart to install default modules [sn0int][default] >
获取功能模块:
[sn0int][default] > pkg quickstart [+] Installing kpcyrd/asn [+] Installing kpcyrd/ctlogs [+] Installing kpcyrd/dns-resolve [+] Installing kpcyrd/geoip [+] Installing kpcyrd/hackertarget-subdomains [+] Installing kpcyrd/otx-subdomains [+] Installing kpcyrd/passive-spider [+] Installing kpcyrd/pgp-keyserver [+] Installing kpcyrd/threatminer-ipaddr [+] Installing kpcyrd/threatminer-subdomains [+] Installing kpcyrd/url-scan [+] Installing kpcyrd/waybackurls [+] Loaded 12 modules [sn0int][default] >
运行模块并获取结果:
[sn0int][demo][kpcyrd/ctlogs] > use dns-resolve [sn0int][demo][kpcyrd/dns-resolve] > run [*] "www.example.com" : Updating "www.example.com" (resolvable => true) [*] "www.example.com" : IpAddr: 93.184.216.34 [*] "www.example.com" : "www.example.com" -> 93.184.216.34 [*] "m.example.com" : Updating "m.example.com" (resolvable => false) [*] "dev.example.com" : Updating "dev.example.com" (resolvable => false) [*] "products.example.com" : Updating "products.example.com" (resolvable => false) [*] "support.example.com" : Updating "support.example.com" (resolvable => false) [+] Finished kpcyrd/dns-resolve [sn0int][demo][kpcyrd/dns-resolve] >
[sn0int][demo][kpcyrd/dns-resolve] > use url-scan [sn0int][demo][kpcyrd/url-scan] > target #1, "www.example.com" 93.184.216.34 #2, "m.example.com" #3, "dev.example.com" #4, "products.example.com" #5, "support.example.com" [sn0int][demo][kpcyrd/url-scan] > target where resolvable [+] 1 entities selected [sn0int][demo][kpcyrd/url-scan] > target #1, "www.example.com" 93.184.216.34 [sn0int][demo][kpcyrd/url-scan] >
本项目的开发与发布遵循GPL-3.0开源许可协议。
sn0int:【GitHub传送门】
到此这篇steadi工具包(stan工具)的文章就介绍到这了,更多相关内容请继续浏览下面的相关推荐文章,希望大家都能在编程的领域有一番成就!https://webirc.hackint.org/#irc://irc.hackint.org/#sn0int
版权声明:
本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。
如若内容造成侵权、违法违规、事实不符,请将相关资料发送至xkadmin@xkablog.com进行投诉反馈,一经查实,立即处理!
转载请注明出处,原文链接:https://www.xkablog.com/bcyy/37059.html