Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/maldevel/intelspy
Perform automated network reconnaissance scans
https://github.com/maldevel/intelspy
enumeration gathering hacking information information-gathering intelligence intelligence-gathering port-scanning ports reconnaissance rightclickhack services
Last synced: 4 days ago
JSON representation
Perform automated network reconnaissance scans
- Host: GitHub
- URL: https://github.com/maldevel/intelspy
- Owner: maldevel
- License: gpl-3.0
- Created: 2020-03-07T09:56:54.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-05-04T15:05:11.000Z (over 1 year ago)
- Last Synced: 2024-08-02T16:01:14.173Z (3 months ago)
- Topics: enumeration, gathering, hacking, information, information-gathering, intelligence, intelligence-gathering, port-scanning, ports, reconnaissance, rightclickhack, services
- Language: Python
- Homepage:
- Size: 265 KB
- Stars: 215
- Watchers: 10
- Forks: 48
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
Perform automated network reconnaissance scans to gather network intelligence.
IntelSpy is a multi-threaded network intelligence tool which performs automated network services enumeration. It performs live hosts detection scans, port scans, services enumeration scans, web content scans, brute-forcing, detailed off-line exploits searches and more.
The tool will also launch further enumeration scans for each detected service using a number of different tools.
---
### Features
* Scans multiple targets in the form of IP addresses, IP ranges (CIDR notation) and resolvable hostnames.
* Scans targets concurrently.
* Detects live hosts in an IP range (CIDR) network.
* Customizable port scanning profiles and service enumeration commands.
* Creates a directory structure for results gathering and reporting.
* Logs every command that was executed.
* Generates shell scripts containing commands to be run manually.
* Extracts important information in txt and markdown format for further inspection.
* Stores data to an SQLite database.
* Generates an HTML report.
---
### Requirements
* Python 3 (``` sudo apt install python3 ```)
* Linux (preferably Kali Linux or any other hacking distribution containing the tools below.)
* https://www.kali.org/downloads/
* toml (https://github.com/toml-lang/toml)
* seclists (https://github.com/danielmiessler/SecLists)
* curl (*prerequisite*) (``` sudo apt install curl ```)
* enum4linux (*prerequisite*) (``` sudo apt install enum4linux ```)
* gobuster (*prerequisite*) (``` sudo apt install gobuster ```)
* hydra (*optional*) (``` sudo apt install hydra ```)
* ldapsearch (*optional*) (``` sudo apt install ldap-utils ```)
* medusa (*optional*) (``` sudo apt install medusa ```)
* nbtscan (*prerequisite*) (``` sudo apt install nbtscan ```)
* nikto (*prerequisite*) (``` sudo apt install nikto ```)
* nmap (*prerequisite*) (``` sudo apt install nmap ```)
* onesixtyone (*prerequisite*) (``` sudo apt install onesixtyone ```)
* oscanner (*optional*) (``` sudo apt install oscanner ```)
* pandoc (*prerequisite*) (``` sudo apt install pandoc ```)
* patator (*optional*) (``` sudo apt install patator ```)
* showmount (*prerequisite*) (``` sudo apt install nfs-common ```)
* smbclient (*prerequisite*) (``` sudo apt install smbclient ```)
* smbmap (*prerequisite*) (``` sudo apt install smbmap ```)
* smtp-user-enum (*prerequisite*) (``` sudo apt install smtp-user-enum ```)
* snmpwalk (*prerequisite*) (``` sudo apt install snmp ```)
* sslscan (*prerequisite*) (``` sudo apt install sslscan ```)
* svwar (*prerequisite*) (``` sudo apt install sipvicious ```)
* tnscmd10g (*prerequisite*) (``` sudo apt install tnscmd10g ```)
* whatweb (*prerequisite*) (``` sudo apt install whatweb ```)
* wkhtmltoimage (*prerequisite*) (``` sudo apt install wkhtmltopdf ```)
* wpscan (*optional*) (``` sudo apt install wpscan ```)
```
pip3 install -r requirements.txt
```
---
### Usage
```
$ python3 intelspy.py -h
___ __
| ._ _|_ _ | (_ ._
_|_ | | |_ (/_ | __) |_) \/
| /
IntelSpy v2.0 - Perform automated network reconnaissance scans to gather network intelligence.
IntelSpy is an open source tool licensed under GPLv3.
Written by: @maldevel | Logisek ICT
Web: https://logisek.com | https://pentest-labs.com
Project: https://github.com/maldevel/intelspy
usage: intelspy.py [-h] [-ts TARGET_FILE] -p PROJECT_NAME -w WORKING_DIR
[--exclude ] [-s SPEED]
[-ct ] [-cs ] [--profile PROFILE_NAME]
[--livehost-profile LIVEHOST_PROFILE_NAME]
[--heartbeat HEARTBEAT] [-v]
[targets [targets ...]]
positional arguments:
targets IP addresses (e.g. 10.0.0.1), CIDR notation (e.g.
10.0.0.1/24), or resolvable hostnames (e.g.
example.com) to scan.
optional arguments:
-h, --help show this help message and exit
-ts TARGET_FILE, --targets TARGET_FILE
Read targets from file.
-p PROJECT_NAME, --project-name PROJECT_NAME
project name
-w WORKING_DIR, --working-dir WORKING_DIR
working directory
--exclude
exclude hosts/networks
-s SPEED, --speed SPEED
0-5, set timing template (higher is faster) (default:
4)
-ct , --concurrent-targets
The maximum number of target hosts to scan
concurrently. Default: 5
-cs , --concurrent-scans
The maximum number of scans to perform per target
host. Default: 10
--profile PROFILE_NAME
The port scanning profile to use (defined in port-
scan-profiles.toml). Default: default
--livehost-profile LIVEHOST_PROFILE_NAME
The live host scanning profile to use (defined in
live-host-scan-profiles.toml). Default: default
--heartbeat HEARTBEAT
Specifies the heartbeat interval (in seconds) for task
status messages. Default: 60
-v, --verbose Enable verbose output. Repeat for more verbosity (-v,
-vv, -vvv).
```
---
### Usage Examples
Scanning single target
```
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15 -v
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15 -vv
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15 -vvv
```
Scanning a hostname
```
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ example.com
```
Scanning a network range(CIDR)
```
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.0/24
```
Scanning multiple targets (comma separated)
```
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15 192.168.10.0/24 example.com
```
Scanning targets from file
```
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ -ts /home/user/targets.txt
```
Excluding one host
```
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ --exclude 192.168.10.9 192.168.10.0/24
```
Excluding many hosts
```
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ --exclude 192.168.10.9,192.168.10.24 192.168.10.0/24
```
---
### Credits
I started working on IntelSpy when I discovered [AutoRecon](https://github.com/Tib3rius/AutoRecon). Instead of reinventing the wheel, IntelSpy is the result of merging IntelSpy with the best features of the AutoRecon to create a network reconnaissance tool suitable for Penetration Testing engagements.
---