A piece of software that shows a traceroute of a URL redirect path

Overview

Odyssey

Tracing URL redirects has never been easier!

UsageDownload

Python version Project version Codacy Grade

🚩 Use Cases

  • To see where an affiliate link ends up
  • To see what affiliate network is being used in this process
  • Ensure that your own redirects work correctly as intended to
  • To analyse suspicious URLs from various sources
  • To avoid being tracked by companies
  • To avoid being redirected to malicious websites
  • Discover how many times a site can redirect your request
  • Check if URL shortening services such as bitly and adfly redirect to legitimate websites

To learn more about the uses of redirects, and what redirects are, please read this article.

Requirements

  • A python installation above 3.0+, which you can download from the official python website here.

➡️ Installation

To have Odyssey work properly without any hiccups, please follow the instructions below.

  • Clone this repository or download it from here
  • Then execute the command pip install -r requirements.txt

📝 License

Odyssey - A piece of software that shows a traceroute of a URL redirect path Copyright (c) 2021 IlluminatiFish

This program is free software; you can redistribute it and/or modify the code base under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but without ANY warranty; without even the implied warranty of merchantability or fitness for a particular purpose. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/

Acknowledgements

  • The developers of the modules used in this project
  • The developers of the IP-API website
You might also like...
 automatically crawl every URL and find cross site scripting (XSS)
automatically crawl every URL and find cross site scripting (XSS)

scancss Fastest tool to find XSS. scancss is a fastest tool to detect Cross Site scripting (XSS) automatically and it's also an intelligent payload ge

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

mitmproxy mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. mitmdump is the

Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.
Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.

This program is an non-object oriented opensource, hidden and undetectable backdoor/reverse shell/RAT for Windows made in Python 3 which contains many features such as multi-client support and cross-platform server.

This tool ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes.

This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes. secure development, if currently supported, possible backdoors (malicious embedded code), typosquatting analysis, the history of versions and reported vulnerabilities (CVEs) of the package.

The Linux defender anti-virus software ported to work on CentOS Linux.

By: Seanpm2001, Et; Al. Top README.md Read this article in a different language Sorted by: A-Z Sorting options unavailable ( af Afrikaans Afrikaans |

wsvuls - website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.]
wsvuls - website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.]

WSVuls Website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.] What's WSVuls? WSVuls is a simple and powerf

Use Fast Redirect to easily redirect your domains.

Fast Redirect Use Fast Redirect to easily redirect your domains. Fast Redirects expects a JSON 'database'. This JSON 'database' contains the domains t

Simple app that redirect fixed URL to changing URL, configurable via POST requests

This is a basic URL redirection service. It stores associations between apps and redirection URLs, for apps with changing URLs. You can then use GET r

A small project where I identify notes and key harmonies in a piece of music and use them further to recreate and generate the same piece of music through Python
A small project where I identify notes and key harmonies in a piece of music and use them further to recreate and generate the same piece of music through Python

A small project where I identify notes and key harmonies in a piece of music and use them further to recreate and generate the same piece of music through Python

A python code for url redirect check

A python code for url redirect check

A url redirect status check module for python

A url redirect status check module for python

Automatic Video Library Manager for TV Shows. It watches for new episodes of your favorite shows, and when they are posted it does its magic.
Automatic Video Library Manager for TV Shows. It watches for new episodes of your favorite shows, and when they are posted it does its magic.

Automatic Video Library Manager for TV Shows. It watches for new episodes of your favorite shows, and when they are posted it does its magic. Exclusiv

A CLI for streaming, downloading anime shows. The shows data is indexed through GogoAnime.

Anime-cli A CLI for streaming, downloading anime shows. The shows data is indexed through GogoAnime. Please install mpv video-player for better experi

A traceroute tool that also displays IP information
A traceroute tool that also displays IP information

infotr A traceroute tool that also displays IP information. This tool has only been tested on Linux. Quick Start First, install this tool from PyPI. p

Build custom OSINT tools and APIs (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whois, Metadata & built-in database for more info) with this python package
Build custom OSINT tools and APIs (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whois, Metadata & built-in database for more info) with this python package

Build custom OSINT tools and APIs with this python package - It includes different OSINT modules (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whoi

Prime Path Generator is a prime path generator used to generate prime paths.

Prime Path Generator is a prime path generator used to generate prime paths.

Python implementation of an automatic parallel parking system in a virtual environment, including path planning, path tracking, and parallel parking
Python implementation of an automatic parallel parking system in a virtual environment, including path planning, path tracking, and parallel parking

Automatic Parallel Parking: Path Planning, Path Tracking & Control This repository contains a python implementation of an automatic parallel parking s

Multi-path load balancing is a method used by most of the real-time network to split the packets into different paths rather than transferring it through a single path
Multi-path load balancing is a method used by most of the real-time network to split the packets into different paths rather than transferring it through a single path

Multipath-Load-Balancing Method of managing incoming traffic by distributing and sharing load fairly among multiple routes from source to destination

Comments
  • Usage documentation?

    Usage documentation?

    Is it possible to provide a basic guide for usage?

    When I use python run.py it prompts:

    [+] URL:
    

    When I enter an IP address (or domain name) there, I get this error trace:

    Traceback (most recent call last):
      File "/home/gamesbook/dev/scratch/Odyssey/run.py", line 144, in <module>
        main()
      File "/home/gamesbook/dev/scratch/Odyssey/run.py", line 14, in main
        traceroute = Odyssey().check(url)
      File "/home/gamesbook/dev/scratch/Odyssey/odyssey/__init__.py", line 44, in check
        redirect_uri, uri_server, uri_cookies = self._find_redirect(url, timeout)
      File "/home/gamesbook/dev/scratch/Odyssey/odyssey/__init__.py", line 118, in _find_redirect
        raw_response = request.execute()
      File "/home/gamesbook/dev/scratch/Odyssey/odyssey/request.py", line 44, in execute
        port = int(parsed_url.port)
    TypeError: int() argument must be a string, a bytes-like object or a number, not 'NoneType'
    
    opened by gamesbook 2
Releases(v1.3)
  • v1.3(Nov 4, 2021)

    Overall: - Added ip logger detection for 3 services namely Grabify.link, Linkify.me, IPLogger.org

    Config: - Added config option to rename traceroute map html file - Added configurable ip logger detection with 3 possible values to flag on, which are (DOMAIN, DOMAIN_IP, SSL_CERT_SUBJECT_DOMAIN)

    Requester & Utils: - Fixed a bug where Odyssey would not get the correct part of the url where the port is

    ResponseParser: - Fixed a bug where Odyssey would try to resolve an ip & port combo after using urlparse.netloc as the domain to be resolve - Made the regex for meta tag redirects more lenient - Fixed some grammar errors with variable names - Added slightly more descriptive errors - Fixed a bug where meta tag redirects were handled incorrectly without any extra thought on how they actually work within browsers - Added a few more javascript redirect detections - Odyssey will now exit properly if domain from location header does not resolve

    Source code(tar.gz)
    Source code(zip)
  • v1.2(Oct 8, 2021)

    Overall:

    • Updated error message format so its more clear what happened

      • Format: [ERROR] (<MODULE>) <TYPE> MESSAGE
    • Reorganised imports

    • Removed the following modules and included them in left over modules:

      • get_server
      • get_certs
      • get_cookies
      • get_ip_data

    Bootstrap:

    • Added default values if the ip metadata doesn't supply a value

    Config:

    • Added hardcoded default configuration values if none are set in the configuration file

      • User Agent: "Mozilla/5.0"
      • Segment Buffer: 4096
      • Tracking Cookies: []
      • Clear Cookies: []
    • Changed configuration name from config.json to odyssey.json

    • Fixed a weird bug where the config.json would not be detected properly

    • Added a new configuration setting DISPLAY_TRACKERS which should be used if you want to display the tracking cookies in the results Odyssey outputs, defaults to displaying tracking cookies, if set to False it will display all cookies set by the websites visited in the route

    Requester:

    • Renamed the raw socket requests module from requestor.py => requester.py

    Parser:

    • Made the parser a class called ResponseParser instead a huge function
    • Reject parsing anything other than text/html content type
    • Renamed content_parser.py => response_parser.py
    • Cleaned up code that handles Refresh header redirects
    • Cleaned up code that handles Location header redirects
    • Future proofed the location header host ip check to use the ipaddress module, and used ipaddress' is_global field to check if an IP is routeable

    Utils:

    • Renamed dictionarize function => _parse_headers
    • Moved _parse_headers function and get_value function into a class called HeaderUtils
    • Changed regular expression to be more inclusive for the find_urls function
    • Moved the get_cookies function into utils module
    • Moved schemes dictionary from various files into one file for easier use
    Source code(tar.gz)
    Source code(zip)
    Odyssey.v1.2-SRC.rar(16.75 KB)
  • v1.1(Jun 20, 2021)

    • Moved most the code that was in the trace_path module to the requestor module
    • Merged http_request & https_request modules into one combined module called requestor which now handles both http & https urls and does all the parsing that trace_path did prior to sending requests to the next url
    • Added a double check for the content mimetype, since we cannot trust any server on the internet (Ref: https://stackoverflow.com/a/43049834)
    • Made it so only content-types that are deemed to be "text/html" can be passed to BeautifulSoup parser to be parsed to find HTML-based redirects
    • Set default encoding cp437 to be used when decoding arbitrary html content, otherwise it will try to locate and use the encoding specified in the content-type header
    • Refractored the get_certs module to allow any port to be used in the SSL communication to get the certificate of the web server just like the code in the requestor module which was previously located in the trace_path module
    Source code(tar.gz)
    Source code(zip)
    Odyssey.v1.1-SRC.rar(10.33 KB)
  • v1.0(Jun 12, 2021)

    • Updated ip data util func docustring
    • Updated content type check so we dont run it weird unicode errors
    • Updated cookie retrieval to retain cookie case sensitivity
    • Added a fix for urls with ports in them not working, from now it will take the port from the url to be the requesting port in the request unless the url has no port then it will default to the port of the url scheme
    • Fixed a typo on one of the tracking cookies
    • Fixed a bug where meta redirect urls would lose their case sensitivity after being extracted from the meta tags, same for the refresh header extracted URL
    Source code(tar.gz)
    Source code(zip)
    Odyssey.v1.0-SRC.rar(10.21 KB)
  • v0.9(May 29, 2021)

    • Added tracker boolean to each point's tooltip on the map
    • Added odyssey configuration file, to allow people to change certain settings the software uses (ex. useragent & tracking cookies presets)
    • Added configuration value loader
    • Made the method to get cookie prefixes and data not case sensitive as it used to be
    • General code fixes to follow PEPs & Codacy scan results
    Source code(tar.gz)
    Source code(zip)
    Odyssey.v0.9.-SRC.rar(9.86 KB)
  • v0.8(May 28, 2021)

    • Project renamed to Odyssey
    • New repository logo
    • Added requirements.txt for ease of installation
    • Changed from using format() string function to f-strings, in order to clean up the code a bit, because it was a bit bulky
    • Completely reorganized the codebase files, and correctly segregated them into their respective folders
    • Changed the get_data() method a lot, renamed it to get_ip_data() so that the name is meaningful and also made it just get the JSON response from IP-API instead of sending a new request to the API every time a data point was used in the map and CLI response
    • Added a check for 'Refresh' http header seen being used by Instagram to redirect out of their website
    • Added docustrings for each function the project
    • Fixed the bug where decoding the raw content received from the web server threw a UnicodeDecode error
    • Added a pre-decode content type check to see if the raw content is actually text which also fixes some issues when decoding the raw response using 'unicode-escape' (the UnicodeDecode error)
    • Made the new method to get the headers of the raw response independent of the raw response content
    Source code(tar.gz)
    Source code(zip)
    Odyssey.v0.8.-SRC.rar(19.37 KB)
  • v0.7(Jan 26, 2021)

    • Fixed a case where the next URL was seen to be a local ip / resolved to a local ip in the location header of the previous URL
    • Added an offset setting in the code for URLs that are at the same geo coordinates, so that they can be distinct
    • Changed font family for tool-tip on map
    • Added distinctions color-wise for the markers, green being the start, orange being the bounces and red being the end
    • Changed icon of markers
    Source code(tar.gz)
    Source code(zip)
    RedirectExplorer.v0.7.-SRC.rar(6.61 KB)
  • v0.6(Jan 19, 2021)

    • Added map generation to the URL redirect traceroute, so it can be visualized where the request goes around the world.
    • With this update, I had to add the time module to sleep the code, as the IP-API has a rate-limit and sometimes with many requests, the script can through an error from IP-API. I will be working on finding a similar IP information API to use in the future, to avoid this problem.
    • Added the folium module, to help with the map generation seen in this update
    Source code(tar.gz)
    Source code(zip)
    RedirectExplorer.v0.6.-SRC.rar(6.01 KB)
  • v0.5(Dec 29, 2020)

    ContentParser:

    • Added continuation statement to skip over javascript that does not help us find new redirects
    • Added new method to clear HTML tags from strings in order to get more accurate redirects from the javascript code of a website
    • Updated raw content decoding method from utf-8 to unciode-escape to handle python unicode characters (ex. \u0003), this still does not handle other languages yet

    Start:

    • Added SSL certificate retrieval for results

    Utils:

    • Added new get_ssl_cert() method in the utils.py module to get the ssl certificate from the url passed as the parameter
    • Added some more tracking cookie prefixes
    • Updated raw content decoding method from utf-8 to unciode-escape to handle python unicode characters (ex. \u0003), this still does not handle other languages yet
    Source code(tar.gz)
    Source code(zip)
    RedirectExplorer.v0.5.-SRC.rar(5.45 KB)
  • v0.4(Dec 27, 2020)

    • Acknowledgement of .decode() method not being appropriate for the purpose
    • Adjusted result message format
    • Added tracking cookies to the result message
    • Added cookie detection method = Added tracking cookie detection function to the cookie detection method (will be adding more tracking cookies to the code as it goes along)
    Source code(tar.gz)
    Source code(zip)
    RedirectExploer.v0.4.-.SRC.rar(4.88 KB)
  • v0.3(Dec 26, 2020)

    • Added more code to detect different types of javascript-based redirects [contentparser module]
    • Added the type of server running on the URL in the result traceroute, defaults to None if nothing is detected [start module]
    • Added code to detect local redirects as they weren't being picked up [start module]
    • Fixed an issue with links that included fragments but no queries, which would lead the request path being the wrong one, leading to inaccurate traceroutes [start module]
    • Added code to detect singular line javascript code that redirects users [contentparser module]
    • Quick code patch to certain cases of meta tags not being picked up by the contentparser module [contentparser module]
    • Added check to see if next_url variable is set if last redirect was local-based (for some reason it has issues) [start module]
    • Added new get_server() function to the utils module to get the type of server running on the URL [utils module]
    Source code(tar.gz)
    Source code(zip)
    RedirectExplorer.v0.3.-.SRC.rar(3.95 KB)
  • v0.2(Dec 25, 2020)

  • v0.1(Dec 25, 2020)

Owner
I am a developer that has a passion for programming, mathematics and cyber security. Currently Developer @South-Hollow
null
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3

Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR

Pushpender Singh 9 Dec 12, 2022
Fast python tool to test apache path traversal CVE-2021-41773 in a List of url

CVE-2021-41773 Fast python tool to test apache path traversal CVE-2021-41773 in a List of url Usage :- create a live urls file and use the flag "-l" p

Zahir Tariq 12 Nov 9, 2022
CVE-2021-41773 Path Traversal for Apache 2.4.49

CVE-2021-41773 Path Traversal for Apache 2.4.49

ac1d 3 Oct 20, 2021
It's a simple tool for test vulnerability Apache Path Traversal

SimplesApachePathTraversal Simples Apache Path Traversal It's a simple tool for test vulnerability Apache Path Traversal https://blog.mrcl0wn.com/2021

Mr. Cl0wn - H4ck1ng C0d3r 56 Dec 27, 2022
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

Krypt0mux 162 Nov 25, 2022
edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.

edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W

stryngs 43 Dec 23, 2022
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

Víctor García 187 Jan 3, 2023
Python script that sends CVE-2021-44228 log4j payload requests to url list

scan4log4j Python script that sends CVE-2021-44228 log4j payload requests to url list [VERY BETA] using Supply your url list to urls.txt Put your payl

elyesa 5 Nov 9, 2022
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

Wade 1 Dec 15, 2021
Python directory buster, multiple threads, gobuster-like CLI, web server brute-forcer, URL replace pattern feature.

pybuster v1.1 pybuster is a tool that is used to brute-force URLs of web servers. Features Directory busting (URI) URL replace patterns (put PYBUSTER

Glaukio 1 Jan 5, 2022