From c4a3acdc7ce52a2d8e1a16a19a1a87b09f1429ca Mon Sep 17 00:00:00 2001
From: meriauxt
Date: Sat, 13 Jul 2024 13:45:26 +0100
Subject: [PATCH 1/2] adding updated gitignore from changes
---
 .gitignore | 163 -----------------------------------------------------
 1 file changed, 163 deletions(-)
diff --git a/.gitignore b/.gitignore
index dd4f2f5..8abaa36 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,166 +1,3 @@
 creds.py
 .vscode/*
 __pycache__/*
-
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
-
-# C extensions
-*.so
-
-# Distribution / packaging
-.Python
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-wheels/
-share/python-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# PyInstaller
-# Usually these files are written by a python script from a template
-# before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
-.nox/
-.coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*.cover
-*.py,cover
-.hypothesis/
-.pytest_cache/
-cover/
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-db.sqlite3
-db.sqlite3-journal
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-.pybuilder/
-target/
-
-# Jupyter Notebook
-.ipynb_checkpoints
-
-# IPython
-profile_default/
-ipython_config.py
-
-# pyenv
-# For a library or package, you might want to ignore these files since the code is
-# intended to run in multiple environments; otherwise, check them in:
-# .python-version
-
-# pipenv
-# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-# However, in case of collaboration, if having platform-specific dependencies or dependencies
-# having no cross-platform support, pipenv may install dependencies that don't work, or not
-# install all needed dependencies.
-#Pipfile.lock
-
-# poetry
-# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
-# This is especially recommended for binary packages to ensure reproducibility, and is more
-# commonly ignored for libraries.
-# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
-#poetry.lock
-
-# pdm
-# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
-#pdm.lock
-# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
-# in version control.
-# https://pdm.fming.dev/latest/usage/project/#working-with-version-control
-.pdm.toml
-.pdm-python
-.pdm-build/
-
-# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
-__pypackages__/
-
-# Celery stuff
-celerybeat-schedule
-celerybeat.pid
-
-# SageMath parsed files
-*.sage.py
-
-# Environments
-.env
-.venv
-env/
-venv/
-ENV/
-env.bak/
-venv.bak/
-
-# Spyder project settings
-.spyderproject
-.spyproject
-
-# Rope project settings
-.ropeproject
-
-# mkdocs documentation
-/site
-
-# mypy
-.mypy_cache/
-.dmypy.json
-dmypy.json
-
-# Pyre type checker
-.pyre/
-
-# pytype static type analyzer
-.pytype/
-
-# Cython debug symbols
-cython_debug/
-
-# PyCharm
-# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
-# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
-# and can be added to the global gitignore or merged into this file. For a more nuclear
-# option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
\ No newline at end of file
From d21f4a4ed0afdda6d3b760c4092feff1049240aa Mon Sep 17 00:00:00 2001
From: meriauxt
Date: Sat, 13 Jul 2024 13:46:19 +0100
Subject: [PATCH 2/2] added main README.md sections for further updating
---
 README.md | 83 +++++++++++++++++++++++++++++++++++++++----------------
 1 file changed, 59 insertions(+), 24 deletions(-)
diff --git a/README.md b/README.md
index 0c0a625..fa1268b 100644
--- a/README.md
+++ b/README.md
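Review bot: After the .gitignore hunk only `creds.py`, `.vscode/*` and `__pycache__/*` remain, so the removed `.env`, `.venv`/`venv/`, `*.log`, `local_settings.py` and `db.sqlite3` patterns no longer keep local secrets and artefacts out of the index. The README patch in this series says the tool needs Shodan credentials, so a local `.env` or a log that echoes an API key could now be staged by a plain `git add .`. I would keep at least `.env`, `.venv/` and `*.log` next to `creds.py`. Separately, `__pycache__/*` is anchored to the repository root by its inner slash, so with the unanchored `__pycache__/` line gone, bytecode directories inside sub-packages are no longer ignored.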
@@ -2,36 +2,63 @@ ## Goals -This script is for fingerprinting servers to determine what vunerabilities should lead to responsible disclosure. - - -## TO DO -0. security.txt = done (shodan) -1. Find a domain -- ssl subject or issuer domain (exclude common CAs) -- check other ports on same IP (shodan) - - EHLO banner - - web content - - ssh banner - - SNMP -- passive dns domain (dumpsterDNS, circl.lu etc) -- reverse dns domain (exclude answers that contain the ip address in reverse as prob just the ISP?) -- check BGP and repeat for other IPs in the subnet, find a pattern? +This script is for fingerprinting servers to find potential vunerabilities for responsible disclosure. + +## Requirements + +Requirements are in the requirements.txt + +```python + +requests>2 +pypdns>2 +pypssl>2 + +``` + +## Quick Start + +ADD HOW TO USE HERE + +## Feature list + +[x] security.txt (shodan) +[ ] Find a domain +[ ] ssl subject or issuer domain (exclude common CAs) +[ ] check other ports on same IP (shodan) + - [ ] EHLO banner + - [ ] web content + - [ ] ssh banner + - [ ] SNMP +[ ] Passive dns domain (dumpsterDNS, circl.lu etc) +[ ] Reverse dns domain (exclude answers that contain the ip address in reverse as prob just the ISP?) +[ ] Check BGP and repeat for other IPs in the subnet, find a pattern? 2. Look for security contact on the domain (or IP if 1 unsuccessful) -- security.txt -- scrape 80/443 links for security -- scrape for contact -- whois -- geoIP and pass to relevant CSIRT.Global chapter -- pass to local NCSC +[ ] security.txt +[ ] scrape 80/443 links for security +[ ] scrape for contact +[ ] whois +[ ] geoIP and pass to relevant CSIRT.Global chapter +[ ] pass to local NCSC -3. Add setting.py +3. Add setting.py +The goal here would be to decouple variables from the code logic as much as possible and improve configuration flexibility. +It would be the one place to store all project relevant variables ## Shodan Input +### Shodan - Set up and configuration. 
+ +You need credentials, information here: https://account.shodan.io/billing + +username: the email + When you query shodan.io, it returns a banner. -The minimum parameters you can find it seems based on their documentation should always be something like this: +See here about banners : https://help.shodan.io/the-basics/what-is-shodan + +Banners vary greatly depending on the type of systems you are looking into. +The simplest banner you could get as a result would look like this ```json { @@ -47,4 +74,12 @@ The minimum parameters you can find it seems based on their documentation should } } ``` -See link to documentation here: https://help.shodan.io/the-basics/search-query-fundamentals \ No newline at end of file +See link to documentation here: https://help.shodan.io/the-basics/search-query-fundamentals + +## Expected Output + +ADD EXPECTED OUTPUT HERE + +## How to contribute + +ADD HOW TO CONTRIBUTE HERE \ No newline at end of file