聚合空间测绘搜索(Fofa,Zoomeye,Quake,Shodan,Censys,BinaryEdge)

Related tags

Third-party APIs Wrappers Search-Tools
Overview

#Search-Tools License

Search-Tools集合比较常见的网络空间探测引擎

Fofa,Zoomeye,Quake,Shodan,Censys,BinaryEdge

简单说明

  • ICO搜索目前只有Fofa,Shodan,Quake支持
  • 代理设置是防止在API请求过于频繁,或者在实战中,好多红队打开某一个搜索引擎,导致出口IP被封禁
  • 代理自动采集,或者从搜索引擎搜索相关的代理池
  • **存活代理IP日志保存一天,非存活代理IP保存2天 **
  • 从搜索引擎调取过来的数据保存5天
  • 第一是节省积分,第二可以观察拉取的数据结构
  • 最后有个信息比对结果
  • 想要开启代理需要先验证代理
  • Fofa,Quake的永久会员都很便宜
  • Shodan黑五1美元一个,淘宝也有很多卖的
  • censys,binaryedge都可以免费注册,但每个月只能查询250次
  • 大佬勿喷

使用指南

Python 3.9


1.IP ip=10.20.30.1 
2.Cidr ips=10.20.30.1/24 
3.Port port=443 
4.domain domain=XXX.com 
5.title title=xxxx 
6.header header=200 
7.body body=xxx
8.status_code status_code=200 
9.cert cert=huawei
10.protocol protocol=https

img

img

文件结构

│  README.md  # 说明文档
│  config.ini  # 配置文件
│  rule.json  # 集合搜索语句
│
├─temp
│  ├─binaryedge_search.log #存储binaryedge日志
│  ├─censys_search.log #存储censys日志
│  ├─fofa_search.log #存储fofa日志
│  ├─quake_search.log #存储quake日志
│  ├─shodan_search.log #存储shodan储日志
│  ├─zoomeye_search.log #存储zoomeye日志
│  ├─proxylist #存储存活代理IP
│  └─proxylist_unalive #存储非存活代理IP
│
└─icon
    └─xxx.ico # 存储Quake下载的ICO图标
You might also like...
External Network Pentest Automation using Shodan API and other tools.

Chopin External Network Pentest Automation using Shodan API and other tools. Workflow Input a file containing CIDR ranges. Converts CIDR ranges to ind

Aditya Dixit 9 Aug 4, 2022
Search Shodan for Minecraft server IPs to grief

GriefBuddy This script searches Shodan for Minecraft server IPs to grief. This will return all servers connected to the public internet which Shodan h

null 26 Dec 29, 2022
A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in

Black Hat Ethical Hacking 5 Aug 9, 2022
Python script who crawl first shodan page and check DBLTEK vulnerability
Python script who crawl first shodan page and check DBLTEK vulnerability

🐛 MASS DBLTEK EXPLOIT CHECKER USING SHODAN 🕸 Python script who crawl first shodan page and check DBLTEK vulnerability

Divin 4 Jan 9, 2022
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.

Eslam Akl 45 Dec 28, 2022
Comments
  • Modules suggestion

    Modules suggestion

    https://www.criminalip.io/ - Criminal IP is a specialized Cyber Threat Intelligence (CTI) search engine that allows users to search for various security-related information such as malicious IP addresses, domains, banners, etc. It can be widely integrated

    opened by parkjunmin 0
  • win10平台运行search_main报错QSpinBox' object has no attribute 'setStepType'

    win10平台运行search_main报错QSpinBox' object has no attribute 'setStepType'

    如题,在win10平台运行报错 AttributeError: 'QSpinBox' object has no attribute 'setStepType'; 定位到Ui_search中 self.start_time_spinBox.setStepType(QtWidgets.QAbstractSpinBox.AdaptiveDecimalStepType) 是是啥原因呢?

    将这句话注释掉后,能够出现界面,但是输入IP,点击搜索就闪退 Process finished with exit code -1073740791 (0xC0000409)

    opened by WillianWang2025 1
  • 一些小建议

    一些小建议

    目前试用了大佬您写的工具,有几个小建议 1、导出为表格,目前如果只搜索单IP来看,这个工具非常强大了,但涉及到网段或者大量结果的话,看起来就不太友好了 2、支持批量功能,搜索多个IP的时候,操作就不那么方便 3、为各种api添加自定义配置或者开关,像shodan api 有一定限制,不想用的时候需要每次临时关闭api之类的

    opened by 20142995 1
Releases(1.5.4.1)
Owner
null
GitHub
Use Fofa、shodan、zoomeye、360quake to collect information(e.g:domain,IP,CMS,OS)同时调用Fofa、shodan、zoomeye、360quake四个网络空间测绘API完成红队信息收集

Cyberspace Map API English/中文 Development fofaAPI Completed zoomeyeAPI shodanAPI regular 360 quakeAPI Completed Difficulty APIs uses different inputs

Xc1Ym 61 Oct 8, 2022
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口

Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。

s7ck Team 764 Jan 5, 2023
Photostudio是一款能进行自动化检测网页存活并实时给网页拍照的工具,通过调用Fofa/Zoomeye/360qua/shodan等 Api快速准确查询资产并进行网页截图,从而实施进一步的信息筛查。

Photostudio-红队快速爬取网页快照工具 一、简介: 正如其名:这是一款能进行自动化检测,实时给网页拍照的工具 信息收集要求所收集到的信息要真实可靠。 当然,这个原则是信息收集工作的最基本的要求。为达到这样的要求,信息收集者就必须对收集到的信息反复核实,不断检验,力求把误差减少到最低限度。我

s7ck Team 41 Dec 11, 2022
Use FOFA automatic vulnerability scanning tool

AutoSRC Use FOFA automatic vulnerability scanning tool Usage python3 autosrc.py -e <FOFA EMAIL> -k <TOKEN> Screenshots License MIT Dev 6613GitHub6613

PwnWiki 48 Oct 25, 2022
Blender 2.93 addon for loading Quake II MD2 files

io_mesh_md2 is a Blender 2.93 addon for importing Quake II MD2 files.

Joshua Skelton 11 Aug 31, 2022
Fofa asset consolidation script

资产收集+C段整理二合一 基于fofa资产搜索引擎进行资产收集,快速检索目标条件下的IP,URL以及标题,适用于资产较多时对模糊资产的快速检索,新增C段整理功能,整理出

白泽Sec安全实验室 36 Dec 1, 2022
A collection of custom scripts for working with Quake assets.

Custom Quake Tools A collection of custom scripts for working with Quake assets. Features Script to list all BSP files in a Quake mod

Jason Brownlee 3 Jul 5, 2022
The official Python library for Shodan

shodan: The official Python library and CLI for Shodan Shodan is a search engine for Internet-connected devices. Google lets you search for websites,

John Matherly 2.1k Dec 31, 2022
Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries

TriOp Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries For furt

Jan Kopriva 27 Nov 3, 2022
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

MurMurHash This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform. What is MurMurHash? Murm

Viral Maniar 87 Dec 31, 2022