Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Dheerajmadhukar/karma_v1

KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports.
https://github.com/Dheerajmadhukar/karma_v1

Last synced: 21 days ago
JSON representation

KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports.

Host: GitHub
URL: https://github.com/Dheerajmadhukar/karma_v1
Owner: Dheerajmadhukar
Created: 2021-06-26T06:49:47.000Z (over 3 years ago)
Default Branch: main
Last Pushed: 2021-09-06T06:48:47.000Z (over 3 years ago)
Last Synced: 2024-11-19T14:32:48.193Z (23 days ago)
Language: Shell
Size: 146 KB
Stars: 58
Watchers: 1
Forks: 11
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - Dheerajmadhukar/karma_v1 - KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports. (Shell)

README

![Follow on Twitter](https://img.shields.io/twitter/follow/Dheerajmadhukar?style=social)

## `Do check the latest one: KARMA_V2 (https://github.com/Dheerajmadhukar/karma_v2)`

## What is this?
**KARMA_v1**
is a simple bash script automation that can talk to [Shodan](https://shodan.io) Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports, Products, Hostname, Server Details.

## What's special about this tool?

* Powerful and flexible results via Shodan Dorks
* SSL SHA1 checksum/fingerprint Search
* Only hit In-Scope IPs
* Verify each IP with SSL/TLS certificate issuer match RegEx
* Find out all ports including well known/uncommon
* Grab all targets vulnerabilities related to CVEs
* Banner grab for each IP & Product

***Its (karma_v1) a bit slow due to shodan API rate limit.***

#### **This VERSION (karma_v1) limit to 1000 IPs/Results only. NEW UPDATES WILL BE ADDED SOON ;)**

## Installation
### 1. Clone the repo
```bash
# git clone https://github.com/Dheerajmadhukar/karma_v1.git
```
### 2. Install shodan python module
```bash
# pip3 install shodan
```
### 3. Install JSON Parser [JQ]
```bash
# apt install jq -y
```
### 4. Install httpx [@pdiscoveryio](https://github.com/projectdiscovery/httpx) to probe the requests
```bash
# GO111MODULE=on go get -v github.com/projectdiscovery/httpx/cmd/httpx
```
### 5. Install Interlace [@codingo](https://github.com/codingo/Interlace.git) to multithread [Follow the codingo interlace repo instructions]
```bash
Clone https://github.com/codingo/Interlace.git & install accordingly.
```

## Ok, how do I use it?
```bash
# cat > .token
SHODAN_PREMIUM_API_HERE
```
```bash
# bash karma_v1 target.tld

Output will be saved in output/target.tld-YYY-MM-DD directory
```

Some example usage:

```bash
# bash karma_v1 target.tld
```
##### Requirements
- shodan python module [ pip3 install shodan ]
- anew [@tomnomnom](https://github.com/tomnomnom/anew)
- jq [ apt install jq -y ]
- httpx [@pdiscoveryio](https://github.com/projectdiscovery/httpx)
- Interlace [@codingo](https://github.com/codingo/Interlace.git)