{"id":13579560,"url":"https://github.com/ARPSyndicate/puncia","last_synced_at":"2025-04-05T21:32:03.853Z","repository":{"id":193861628,"uuid":"689642135","full_name":"ARPSyndicate/puncia","owner":"ARPSyndicate","description":"Panthera(P.)uncia - Official CLI utility for Osprey Vision, Subdomain Center \u0026 Exploit Observer. ","archived":false,"fork":false,"pushed_at":"2025-03-28T10:11:43.000Z","size":155,"stargazers_count":644,"open_issues_count":0,"forks_count":31,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-04-03T03:18:06.738Z","etag":null,"topics":["arpsyndicate","cyclonedx","cyclonedx-sbom","exploit","sbom","sbom-tool","subdomain","vulnerability"],"latest_commit_sha":null,"homepage":"https://pypi.org/project/puncia/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ARPSyndicate.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"arpsyndicate"}},"created_at":"2023-09-10T13:10:16.000Z","updated_at":"2025-03-25T06:43:16.000Z","dependencies_parsed_at":"2023-12-25T18:04:26.706Z","dependency_job_id":"2c8b8663-e00a-4abc-830a-da07ff69da95","html_url":"https://github.com/ARPSyndicate/puncia","commit_stats":{"total_commits":10,"total_committers":2,"mean_commits":5.0,"dds":0.09999999999999998,"last_synced_commit":"dd49a81b9239968c8af9b05bb674d9bc878e3216"},"previous_names":["arpsyndicate/puncia"],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARPSyndicate%2Fpuncia","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARPSyndicate%2Fpuncia/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARPSyndicate%2Fpuncia/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARPSyndicate%2Fpuncia/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ARPSyndicate","download_url":"https://codeload.github.com/ARPSyndicate/puncia/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247406024,"owners_count":20933803,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["arpsyndicate","cyclonedx","cyclonedx-sbom","exploit","sbom","sbom-tool","subdomain","vulnerability"],"created_at":"2024-08-01T15:01:40.573Z","updated_at":"2025-04-05T21:32:03.839Z","avatar_url":"https://github.com/ARPSyndicate.png","language":"Python","funding_links":["https://github.com/sponsors/arpsyndicate"],"categories":["Python"],"sub_categories":[],"readme":"# Panthera(P.)uncia\n\n### Official CLI utility for Osprey Vision, Subdomain Center \u0026 Exploit Observer\n\n[![Downloads](https://pepy.tech/badge/puncia)](https://pepy.tech/project/puncia)\n\u003cimg src=\"https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat\"\u003e\n\u003cimg alt=\"GitHub stars\" src=\"https://img.shields.io/github/stars/ARPSyndicate/puncia\"\u003e\n\u003cbr\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/ARPSyndicate/puncia/master/puncia.png\" width=25%\u003e\n\u003cbr\u003e\nPuncia utilizes three of our intelligent APIs to gather the results - \u003cbr\u003e\n\n- [Subdomain Center - The World's Largest Subdomain \u0026 Shadow IT Intelligence Database](https://subdomain.center)\u003cbr\u003e\n- [Exploit Observer - The World's Largest Exploit \u0026 Vulnerability Intelligence Database](https://exploit.observer)\u003cbr\u003e\n- [Osprey Vision - The World's Most Bleeding Edge AI for Information Discovery](https://osprey.vision)\n\n**Please note that although these results can sometimes be pretty inaccurate \u0026 unreliable, they can greatly differ from time to time due to their self-improvement capabilities.**\n\n**Aggressive rate-limits can be avoided with an API key: https://www.arpsyndicate.io/pricing.html**\n\n## Installation\n\n1. From PyPi - `pip3 install puncia`\n2. From Source - `pip3 install .`\u003cbr\u003e\n\n## Usage\n\n1.  (PAID) Store an API key (storekey) - `puncia storekey \u003capi-key\u003e`\n2.  (FREEMIUM) Interact with the LLM (chat) - `puncia chat \"\u003cprompt\u003e\" \u003coutput-file\u003e`\n3.  (PAID) Summarize Webpages with the LLM (summarize) - `puncia summarize \"\u003clinks\u003e\" \u003coutput-file\u003e`\n4.  (FREEMIUM) Query Domains (subdomain) - `puncia subdomain \u003cdomain\u003e \u003coutput-file\u003e`\n5.  (FREEMIUM) Query Replica Domains (replica) - `puncia replica \u003cdomain\u003e \u003coutput-file\u003e`\n6.  Query Exploit \u0026 Vulnerability Identifiers (exploit)\n    - (FREE) Russian VIDs with no associated CVEs (^RU_NON_CVE) - `puncia exploit ^RU_NON_CVE  \u003coutput-file\u003e` \n    - (FREE) Chinese VIDs with no associated CVEs (^CN_NON_CVE) - `puncia exploit ^CN_NON_CVE  \u003coutput-file\u003e`\n    - (FREE) Vulnerability \u0026 Exploit Identifers Watchlist (^WATCHLIST_IDES) - `puncia exploit ^WATCHLIST_IDES  \u003coutput-file\u003e`\n    - (FREE) Vulnerability \u0026 Exploit Identifers Watchlist with Descriptions (^WATCHLIST_INFO) - `puncia exploit ^WATCHLIST_INFO  \u003coutput-file\u003e`\n    - (FREE) Vulnerable Technologies Watchlist (^WATCHLIST_TECH) - `puncia exploit ^WATCHLIST_TECH  \u003coutput-file\u003e`\n    - (FREEMIUM) [Supported Vulnerability Identifiers](https://github.com/ARPSyndicate/docs?tab=readme-ov-file#supported-vulnerability-identifiers) - `puncia exploit \u003ceoidentifier\u003e \u003coutput-file\u003e`\n7.  (FREEMIUM) Enrich CVE/GHSA Identifiers (enrich) - `puncia enrich \u003ccve-id/ghsa-id\u003e \u003coutput-file\u003e`\n8.  Multiple Queries (bulk/sbom)\n\n    - (FREEMIUM) Bulk Input JSON File Format - `puncia bulk \u003cjson-file\u003e \u003coutput-directory\u003e`\n      ```\n      {\n          \"subdomain\": [\n              \"domainA.com\",\n              \"domainB.com\"\n          ],\n          \"replica\": [\n              \"domainA.com\",\n              \"domainB.com\"\n          ],\n          \"exploit\": [\n              \"eoidentifierA\",\n              \"eoidentifierB\"\n          ],\n          \"enrich\": [\n              \"eoidentifierA\",\n              \"eoidentifierB\"\n          ]\n      }\n      ```\n    - (FREEMIUM) [SBOM Input JSON File Format](https://github.com/CycloneDX/bom-examples/blob/master/SBOM/protonmail-webclient-v4-0912dff/bom.json) - `puncia sbom \u003cjson-file\u003e \u003coutput-directory\u003e`\n\n9.  (FREEMIUM) External Import\n\n    ```\n        import puncia\n\n        # Without API Key\n        print(puncia.query_api(\"exploit\",\"CVE-2021-3450\"))\n        print(puncia.query_api(\"subdomain\",\"arpsyndicate.io\"))\n        print(puncia.query_api(\"chat\",\"write a xss fuzzer in python\"))\n\n        # With API Key\n        puncia.store_key(\"ARPS-xxxxxxxxxx\")\n        print(puncia.query_api(\"subdomain\",\"arpsyndicate.io\", apikey=puncia.read_key()))\n        print(puncia.query_api(\"exploit\",\"CVE-2021-3450\", apikey=puncia.read_key()))\n        print(puncia.query_api(\"chat\",\"write a xss fuzzer in python\", apikey=puncia.read_key()))\n        print(puncia.query_api(\"summarize\",\"https://www.osintteam.com/combating-the-darkest-depths-of-cyber-intelligence-the-pall-mall-process/\", apikey=puncia.read_key()))\n\n    ```\n\n\u003cbr\u003e\n\n## Noteworthy Mentions\n\n- [Passive Subdomain Enumeration: Uncovering More Subdomains than Subfinder \u0026 Amass](https://osintteam.com/passive-subdomain-enumeration-uncovering-more-subdomains-than-subfinder-amass/)\n- [Around 1000 exploitable cybersecurity vulnerabilities that MITRE \u0026 NIST ‘might’ have missed but China or Russia didn’t.](https://blog.arpsyndicate.io/over-a-1000-vulnerabilities-that-mitre-nist-might-have-missed-but-china-or-russia-did-not-871b2364a526)\n- [Utilizing GitHub Actions for gathering Subdomain \u0026 Exploit Intelligence](https://blog.arpsyndicate.io/utilizing-github-actions-for-gathering-subdomain-exploit-intelligence-bbc79c19bb85)\n- [Introducing Exploit Observer — More than Shodan Exploits, Less than Vulners](https://blog.arpsyndicate.io/introducing-exploit-observer-more-than-shodan-exploits-less-than-vulners-23eaea466e4a)\n- [PUNCIA — The Panthera(P.)uncia of Cybersecurity](https://blog.arpsyndicate.io/puncia-the-panthera-p-uncia-of-cybersecurity-ft-puncia-subdomain-center-exploit-observer-9a9d8cca9576)\n- [Subdomain Enumeration Tool Face-off - 2023 Edition](https://blog.blacklanternsecurity.com/p/subdomain-enumeration-tool-face-off-4e5)\n\n## More from [A.R.P. Syndicate](https://www.arpsyndicate.io)\n\n- [VEDAS Advisories](https://vedas.arpsyndicate.io)\n- [Open Source Intelligence](https://asm.arpsyndicate.io/intelligence.html)\n- [Attack Surface Management](https://asm.arpsyndicate.io)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FARPSyndicate%2Fpuncia","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FARPSyndicate%2Fpuncia","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FARPSyndicate%2Fpuncia/lists"}