Karma_V2: Automated OSINT Framework


IN 𝚟𝟸 is an open source OSINT Framework, used primarily by pentesters and security system analysts. It has a wide range of options and returns you the best search results. The Shodan Premium API key is required to use the program.

karma v2 logo

Characteristics

  • Flexible results through Shodan Dorks
  • SSL SHA1 checksum / fingerprint Search
  • Verify each IP by assigning an SSL / TLS RegEx certificate version
  • Learn all the ports of a target
  • Find all the vulnerabilities of your CVE-related goals
  • Get banners for every IP, operating system, service, organization, etc.
  • Create Favicon Hash using python3 mmh3
  • Favicon Technology Detection using a custom kernel template
  • ASN Scan
  • BGP Neighbor
  • IPv4 & IPv6 programs for ASN

Installation

# git clone https://github.com/Dheerajmadhukar/karma_v2.git
# python3 -m pip install shodan mmh3 # apt install jq -y # GO111MODULE = on go get -v github.com/tomnomnom/httprobe
# git clone https://github.com/codingo/Interlace.git & install accordingly.
# GO111MODULE = on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei
# apt install lolcat -y
# GO111MODULE = on go get -u github.com/tomnomnom/anew
# cat> .token SHODAN_PREMIUM_API_HERE

Use

$ bash karma_v2 -h

karma v2 help

Video guide

https://asciinema.org/a/4Ri9FW97qnVV37v3Mb2mNTKz8?t=25&speed=5&theme=tango

output

output / bugcrowd.com-YYYY-MM-DD / ├── ASNs_Detailed_bugcrowd.com.txt ├── Collect ├── ├── host_domain_domain.tld.json.gz ├── ├── ssl_SHA1_12289a814 ... 83029f8944b6088d60204ate.e │ ├── ssl_SHA92_1bf17537 ... 84cb73d1a684db495ea7aa5b_domain.tld.json.gz │ ├── ssl_SHA611_1d198d6ec ... 4b681b77585190078b07c37e5_domain.tld.json.gz │ ├── ssl_SHA1_1a26c9 ... d5618eae60b2947e42263d154f_domain.tld.json.gz │ ├── ssl_SHA203_1da3a3825 ... 2b3a852adc42470410183b3ee_domain.tld.json.gz │ ├── ssl_SHA9_1d4eab0 ... 730cf68d11db2cc94c2454_domain.tld.json.gz │ ├── ssl_SHA906532_1dab8907c ... 4fdbdd12c6a445a4f8152b6b7_domain.tld.json.gz │ ├── ssl_SHA7_1a9b9eba ... 99dc5cea5106a745bf591b96_domain. tld.json.gz ├── ├── ssl_SHA044_a1c7d14 ... b201fd6bc4e4ab95e2897a6bsfd_domain.tld.json.gz │ ├── ssl_SHA0_a1f90ddb4 ... 0bdb85780de06fefddom83z.d ssl_subjectCN_domain.tld.json.gz └── └── ssl_subject_domain.tld.json.gz | └── . . . ├── IP_VULNS │ ├── 104.xxxjson.gz │ ├── 107.xxxjson.gz │ ├── 107.xxxjson.gz │ └── 99.xxxjson.gz | └── . . . ├── favicons_domain.tld.txt ├── host_enum_domain.tld.txt ips ips_inscope_domain.tld.txt ├── main_domain.tld.data ├──. . .

 

𝚟𝟸 𝚟𝟸 Supported Shodan Dorks

DORKs DORKs DORKs
ssl.cert.fingerprint http.status:"302" oauth "Server: Jetty"
ssl http.status:"302" sso X-Amz-Bucket-Region
org title:"401 Authorization Required" "development" org:"Amazon.com"
hostname http.html:"403 Forbidden" "X-Jenkins" "Set-Cookie: JSESSIONID" http.title:"Jenkins [Jenkins]"
ssl.cert.issuer.cn http.html:"500 Internal Server Error" http.favicon.hash:81586312 200
ssl.cert.subject.cn ssl.cert.subject.cn:*vpn* product:"Kubernetes" port:"10250, 2379"
ssl.cert.expired:true title:"citrix gateway" port:"9100" http.title:"Node Exporter"
ssl.cert.subject.commonName http.html:"JFrog" http.title:"Grafana"
http.title:"Index of /" "X-Jfrog" http.title:"RabbitMQ"
ftp port:"10000" http.title:"dashboard" HTTP/1.1 307 Temporary Redirect "Location: /containers"
"Authentication: disabled" port:445 product:"Samba" http.title:"Openfire Admin Console" http.favicon.hash:1278323681
title:"Login - Adminer" http.title:"control panel" "MongoDB Server Information" port:27017 -authentication
http.title:"sign up" http.html:"* The wp-config.php creation script uses this file" port:"9200" all:"elastic indices"
http.title:"LogIn" clockwork "220" "230 Login successful." port:21
port:"11211" product:"Memcached" "port: 53" Recursion: Enabled title:"kibana"
port:9090 http.title:"Prometheus Time Series Collection and Processing Server" "default password" title:protected
http.component:Moodle http.favicon.hash:116323821 html:"/login/?next=" title:"Django"
html:"/admin/login/?next=" title:"Django" title:"system dashboard" html:jira http.component:ruby port:3000
html:"secret_key_base" I will add more soon . . .

𝚟𝟸 𝚟𝟸 Newly Added Shodan Dorks

DORKs DORKs DORKs
"netweaver" port:"2379" product:"etcd" http.title:"DisallowedHost"
ssl:"${target}" "-AkamaiGHost" "-GHost" ssl:"${target}" "-Cloudflare" ssl:"${target}" "-Cloudfront"
"X-Debug-Token-Link" port:443 http.title:"shipyard" HTTP/1.1 200 OK Accept-Ranges: bytes Content-Length: 5664 http.title:"TIBCO Jaspersoft:" port:"443" "1970"
"Confluence" http.title:"SonarQube" html:"jmx?qry=Hadoop:*"
http.title:"Directory Listing" http.title:"H-SPHERE" http.title:"Swagger UI - "
Server: Apache-Coyote/1.1 Tomcat-5.5" port:2375 product:"Docker" http.title:"phpinfo()"
http.title:"ID_VC_Welcome" "x-powered-by" "jboss" jboss http.favicon.hash:-656811182
http.title:"Welcome to JBoss" port:"8089, 8000" "splunkd" http.favicon.hash:-316785925
title:"splunkd" org:"Amazon.com" http.title:"oracle business intelligence sign in" http.title:"Oracle WebLogic Server Administration Console"
http.title:"Apache Status" I will add more soon . . .

You can download the program from here.

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news