Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/j3ssie/metabigor
OSINT tools and more but without API key
https://github.com/j3ssie/metabigor
asn bug-bounty bugbounty bugbounty-tools bugbountytips infosec ip-osint ip-range osint pentesting recon reconnaissance security security-tools subdomain subdomains
Last synced: 4 days ago
JSON representation
OSINT tools and more but without API key
- Host: GitHub
- URL: https://github.com/j3ssie/metabigor
- Owner: j3ssie
- License: mit
- Created: 2019-05-24T06:47:00.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2024-04-19T13:12:11.000Z (9 months ago)
- Last Synced: 2025-01-11T06:04:52.701Z (11 days ago)
- Topics: asn, bug-bounty, bugbounty, bugbounty-tools, bugbountytips, infosec, ip-osint, ip-range, osint, pentesting, recon, reconnaissance, security, security-tools, subdomain, subdomains
- Language: Go
- Homepage:
- Size: 111 MB
- Stars: 1,282
- Watchers: 24
- Forks: 172
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
Metabigor - An Intelligence Tool but without API key
***
# What is Metabigor?
Metabigor is Intelligence tool, its goal is to do OSINT tasks and more but without any API key.
# Installation
### Pre-built Binaries
You can download pre-built binaries for your platform from the [releases page](https://github.com/j3ssie/metabigor/releases). Choose the appropriate binary for your operating system and architecture, download it, and place it in your `PATH`.
If the binary fails to execute, consider incorporating this into your environment: `export ASSUME_NO_MOVING_GC_UNSAFE_RISK_IT_WITH=go1.20`.
### Building from Source
To install this project from source, you'll need Go installed on your system. If you haven't installed Go yet, you can follow the official installation instructions [here](https://golang.org/doc/install).
```shell
git clone https://github.com/j3ssie/metabigor.git
cd metabigor
go install
```# Main features
- Searching information about IP Address, ASN and Organization.
- Wrapper for running rustscan, masscan and nmap more efficient on IP/CIDR.
- Finding more related domains of the target by applying various techniques (certificate, whois, Google Analytics, etc).
- Get Summary about IP address (powered by [**@thebl4ckturtle**](https://github.com/theblackturtle))# Usage
## Discovery IP of a company/organization - `metabigor net`
The difference between net and **netd** command is that **netd** will get the dynamic result from the third-party source
while net command will get the static result from the database.```bash
# discovery IP of a company/organization
echo "company" | metabigor net --org -o /tmp/result.txt# discovery IP of an ASN
echo "ASN1111" | metabigor net --asn -o /tmp/result.txt
cat list_of_ASNs | metabigor net --asn -o /tmp/result.txtecho "ASN1111" | metabigor netd --asn -o /tmp/result.txt
```***
## Finding more related domains of the target by applying various techniques (certificate, whois, Google Analytics, etc) - `metabigor related`
> Note some of the results are not 100% accurate. Please do a manual check first before put it directly to other tools
> to scan.Some specific technique require different input so please see the usage of each technique.
## Using certificate to find related domains on crt.sh
```bash
# Getting more related domains by searching for certificate info
echo 'Target Inc' | metabigor cert --json | jq -r '.Domain' | unfurl format %r.%t | sort -u # this is old command# Getting more related domains by searching for certificate info
echo 'example Inc' | metabigor related -s 'cert'
```## Wrapper for running rustscan, masscan and nmap more efficient on IP/CIDR - `metabigor scan`
This command will require you to install `masscan`, `rustscan` and `nmap` first or at least the pre-scan result of them.
```bash
# Only run rustscan with full ports
echo '1.2.3.4/24' | metabigor scan -o result.txt# Only run nmap detail scan based on pre-scan data
echo '1.2.3.4:21' | metabigor scan -s
cat list_of_ip_with_port.txt | metabigor scan -c 10 --8 -s -o result.txt
cat list_of_ip_with_port.txt | metabigor scan -c 10 --tmp /tmp/raw-result/ -s -o result.txt
echo '1.2.3.4 -> [80,443,2222]' | metabigor scan -R# Run rustscan with full ports and nmap detail scan based on pre-scan data
echo '1.2.3.4/24' | metabigor scan --pipe | metabigor scan -R
```***
## Using Reverse Whois to find related domains
```bash
echo 'example.com' | metabigor related -s 'whois'
```## Getting more related by searching for Google Analytics ID
```bash
# Get it directly from the URL
echo 'https://example.com' | metabigor related -s 'google-analytic'# You can also search it directly from the UA ID too
metabigor related -s 'google-analytic' -i 'UA-9152XXX' --debug
```***
## Get Summary about IP address (powered by [**@thebl4ckturtle**](https://github.com/theblackturtle)) - `metabigor ipc`
This will show you the summary of the IP address provided like ASN, Organization, Country, etc.
```bash
cat list_of_ips.txt | metabigor ipc --json
```## Extract Shodan IPInfo from internetdb.shodan.io
```bash
echo '1.2.3.4' | metabigor ip -open
1.2.3.4:80
1.2.3.4:443# lookup CIDR range
echo '1.2.3.4/24' | metabigor ip -open -c 20
1.2.3.4:80
1.2.3.5:80# get raw JSON response
echo '1.2.3.4' | metabigor ip -json
```# Demo
[![asciicast](https://asciinema.org/a/301745.svg)](https://asciinema.org/a/301745)
***
## Painless integrate Metabigor into your recon workflow?
This project was part of Osmedeus Engine. Check out how it was integrated at @OsmedeusEngine
# Credits
Logo from [flaticon](https://image.flaticon.com/icons/svg/1789/1789851.svg)
by [freepik](https://www.flaticon.com/authors/freepik)# Disclaimer
This tool is for educational purposes only. You are responsible for your own actions. If you mess something up or break
any laws while using this software, it's your fault, and your fault only.# License
`Metabigor` is made with ♥ by [@j3ssiejjj](https://twitter.com/j3ssiejjj) and it is released under the MIT license.
# Donation
[![paypal](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif)](https://paypal.me/j3ssiejjj)
[!["Buy Me A Coffee"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/j3ssie)