Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Dheerajmadhukar/karma_v1
KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports.
https://github.com/Dheerajmadhukar/karma_v1
Last synced: 21 days ago
JSON representation
KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports.
- Host: GitHub
- URL: https://github.com/Dheerajmadhukar/karma_v1
- Owner: Dheerajmadhukar
- Created: 2021-06-26T06:49:47.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2021-09-06T06:48:47.000Z (over 3 years ago)
- Last Synced: 2024-11-19T14:32:48.193Z (23 days ago)
- Language: Shell
- Size: 146 KB
- Stars: 58
- Watchers: 1
- Forks: 11
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - Dheerajmadhukar/karma_v1 - KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports. (Shell)
README
![Follow on Twitter](https://img.shields.io/twitter/follow/Dheerajmadhukar?style=social)
## `Do check the latest one: KARMA_V2 (https://github.com/Dheerajmadhukar/karma_v2)`
## What is this?
**KARMA_v1**
is a simple bash script automation that can talk to [Shodan](https://shodan.io) Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports, Products, Hostname, Server Details.## What's special about this tool?
* Powerful and flexible results via Shodan Dorks
* SSL SHA1 checksum/fingerprint Search
* Only hit In-Scope IPs
* Verify each IP with SSL/TLS certificate issuer match RegEx
* Find out all ports including well known/uncommon
* Grab all targets vulnerabilities related to CVEs
* Banner grab for each IP & Product***Its (karma_v1) a bit slow due to shodan API rate limit.***
#### **This VERSION (karma_v1) limit to 1000 IPs/Results only. NEW UPDATES WILL BE ADDED SOON ;)**
## Installation
### 1. Clone the repo
```bash
# git clone https://github.com/Dheerajmadhukar/karma_v1.git
```
### 2. Install shodan python module
```bash
# pip3 install shodan
```
### 3. Install JSON Parser [JQ]
```bash
# apt install jq -y
```
### 4. Install httpx [@pdiscoveryio](https://github.com/projectdiscovery/httpx) to probe the requests
```bash
# GO111MODULE=on go get -v github.com/projectdiscovery/httpx/cmd/httpx
```
### 5. Install Interlace [@codingo](https://github.com/codingo/Interlace.git) to multithread [Follow the codingo interlace repo instructions]
```bash
Clone https://github.com/codingo/Interlace.git & install accordingly.
```## Ok, how do I use it?
```bash
# cat > .token
SHODAN_PREMIUM_API_HERE
```
```bash
# bash karma_v1 target.tldOutput will be saved in output/target.tld-YYY-MM-DD directory
```
Some example usage:
```bash
# bash karma_v1 target.tld
```
##### Requirements
- shodan python module [ pip3 install shodan ]
- anew [@tomnomnom](https://github.com/tomnomnom/anew)
- jq [ apt install jq -y ]
- httpx [@pdiscoveryio](https://github.com/projectdiscovery/httpx)
- Interlace [@codingo](https://github.com/codingo/Interlace.git)