sn0int是一款功能强大的半自动化OSINT框架和包管理工具,可以帮助广大研究人员快速完成网络安全测试阶段的OSINT任务。
sn0int(发音为/snoɪnt/),允许IT 安全专业人员、漏洞赏金猎人、执法机构和安全意识培训使用它来收集有关特定目标或您自己的情报。sn0int 通过半自动处理公共信息并以统一格式映射结果以供后续调查,从而枚举攻击面,以提升应用安全性。
1、从证书透明日志和被动 DNS 中获取子域名;
2、批量解析收集的子域名并扫描 http 或 https 服务;
3、使用 asn 和 geoip 信息丰富 ip 地址;
4、从 pgp 密钥服务器和 whois 中获取电子邮件;
5、发现违规行为中的受损登录信息;
6、在互联网上查找某人的个人资料;
7、使用被动 arp 等独特技术枚举本地网络;
8、收集有关电话号码的信息;
9、从社交媒体资料中收集活动和图像;
10、基本图像处理;
Archlinux
pacman -S sn0intMac OSX
brew install sn0intDebian >= bookwork, Ubuntu >= 22.10, Kali
$ sudo apt install curl sq$ curl -sSf https://apt.vulns.sexy/kpcyrd.pgp | sq keyring filter -B --handle 64B13F7117D6E07D661BBCE0FE763A64F5E54FD6 | sudo tee /etc/apt/trusted.gpg.d/apt-vulns-sexy.gpg > /dev/null$ echo deb http://apt.vulns.sexy stable main | sudo tee /etc/apt/sources.list.d/apt-vulns-sexy.list$ apt update$ apt install sn0int
Docker
docker run --rm --init -it -v "$PWD/.cache:/cache" -v "$PWD/.data:/data" kpcyrd/sn0intAlpine
apk add sn0intOpenBSD
pkg_add sn0intGentoo
layman -a pentoo$ emerge --ask net-analyzer/sn0int
NixOS
nix-env -i sn0intWindows
git clone https://github.com/kpcyrd/sn0int.git$ cd sn0int$ cargo install -f --path .
安装默认模块:
$ sn0int___/ .____ , __ .' / ` , __ _/_( |' `. | / | | |' `. |`--. | | |,' | | | | |___.' / | /`---' / / | __/osint | recon | securityirc.hackint.org:6697/#sn0int[+] Connecting to database[+] Downloading public suffix list[+] Downloading "GeoLite2-City.mmdb"[+] Downloading "GeoLite2-ASN.mmdb"[+] Loaded 0 modules[*] No modules found, run pkg quickstart to install default modules[sn0int][default] >
获取功能模块:
[sn0int][default] > pkg quickstart[+] Installing kpcyrd/asn[+] Installing kpcyrd/ctlogs[+] Installing kpcyrd/dns-resolve[+] Installing kpcyrd/geoip[+] Installing kpcyrd/hackertarget-subdomains[+] Installing kpcyrd/otx-subdomains[+] Installing kpcyrd/passive-spider[+] Installing kpcyrd/pgp-keyserver[+] Installing kpcyrd/threatminer-ipaddr[+] Installing kpcyrd/threatminer-subdomains[+] Installing kpcyrd/url-scan[+] Installing kpcyrd/waybackurls[+] Loaded 12 modules[sn0int][default] >
运行模块并获取结果:
[sn0int][demo][kpcyrd/ctlogs] > use dns-resolve[sn0int][demo][kpcyrd/dns-resolve] > run[*] "www.example.com" : Updating "www.example.com" (resolvable => true)[*] "www.example.com" : IpAddr: 93.184.216.34[*] "www.example.com" : "www.example.com" -> 93.184.216.34[*] "m.example.com" : Updating "m.example.com" (resolvable => false)[*] "dev.example.com" : Updating "dev.example.com" (resolvable => false)[*] "products.example.com" : Updating "products.example.com" (resolvable => false)[*] "support.example.com" : Updating "support.example.com" (resolvable => false)[+] Finished kpcyrd/dns-resolve[sn0int][demo][kpcyrd/dns-resolve] >[sn0int][demo][kpcyrd/dns-resolve] > use url-scan[sn0int][demo][kpcyrd/url-scan] > target#1, "www.example.com"93.184.216.34#2, "m.example.com"#3, "dev.example.com"#4, "products.example.com"#5, "support.example.com"[sn0int][demo][kpcyrd/url-scan] > target where resolvable[+] 1 entities selected[sn0int][demo][kpcyrd/url-scan] > target#1, "www.example.com"93.184.216.34[sn0int][demo][kpcyrd/url-scan] >
本项目的开发与发布遵循GPL-3.0开源许可协议。
sn0int:
https://github.com/kpcyrd/sn0int
原文始发于微信公众号(FreeBuf):sn0int:一款半自动化OSINT框架和包管理工具
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论