ktzgraph / sarenka Goto Github PK

View Code? Open in Web Editor NEW

616.0 24.0 88.0 139.64 MB

OSINT tool - gets data from services like shodan, censys etc. in one app

Home Page: https://pawlaczyk.github.io/sarenka/

License: MIT License

Python 73.19% JavaScript 4.18% HTML 1.46% TypeScript 20.83% Shell 0.04% Makefile 0.13% Batchfile 0.16%

django react osint-python reconnaissance osint django-rest-framework shodan-api censys-api cwe scraping-websites

sarenka's Introduction

♥ Free Software, requires only free accounts to third part services ♥

Lack of knowledge ... that is the problem.

William Edwards Deming

SARENKA is an Open Source Intelligence (OSINT) tool that helps you in obtaining and understanding Attack Surface.

The main goal is gathering information from search engines for Internet-connected devices (https://censys.io/, https://www.shodan.io/, https://www.criminalip.io/ko). It scrapes data about Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE) and also has a database where CVEs are mapped to CWE.

It returns data about the local machine - local installed software (from Windows Registry), local network information (python libraries, popular cmd commads).

For now, the application also has simple tools like a hash calculator, shannon entropy calculator and very simple port scanner. More cryptography-math tools and reconnaissance scripts are planned.

The app is alive and has been rewritten from scratch on branch develop.

Contributors

SARENKA was mentioned here:

Features

get data from https://censys.io/ by ip
get data from https://www.shodan.io/ by ip
get data from https://www.criminalip.io/ by ip
get DNS data
get WHOIS data
banner grabbing
find CVEs by CWE
generate pdf report

You can also:

calculate hashes based on user string
calculate shannon entropy based on user string
check is port open|closed (instead always use nmap if you can - it is slow)

Installation

Our team tests the application on Windows 10 and Kali Linux with Python 3.8.

SARENKA requires:

Python

Clone repository

$ git clone https://github.com/pawlaczyk/sarenka.git

Go to application directory

$ cd ./sarenka

Create venv

$ python3 -m venv env

Activate venv

Powershell

$ ./env/Scripts/Activate.ps1

cmd

$ ./env/Scripts/activate.bat

Install requirements

$ pip3 install -r ./requirements.txt

Build application with sarenka.py script

$ python ./sarenka/sarenka.py

Getting started

####Please create accounts on services:

Application - default http://localhost:8000/

# go to sarenka/sarenka
$ python backend/manage.py runserver

#####Add user credentials at "Settings"

Screenshots

Suggestions are welcome

Want some feature, other tool, library functionality?
Have any idea or question?
Don't hesitate to contact .

Databases

Details in documentation.

Tech

And of course SARENKA itself is open source with a public repository on GitHub.

Planned features

Rewrite documentation in English (end of 2021)
trello/ github instead of Jira
Cover 100% code by tests
typing backend
document all functions and class
Docker
online demo
Jenkins
GraphQL
Selenium Scrapers
More pentesting tools
Google Dorks
Abstract Algebra calculator
Number Theory calculator
Server certificate validator
tests on Linux
NLP
d3js visualizations
alternative pure version for command line

CI/CD Tools

Tested manually

Kali Linux kali-rolling 2020.2; Python 3.8.2
Windows 10; Python 3.8.5

Documentation

Till end of March, 2021 documentation will be available only in Polish! The documentation is availabe here.

Authors

Contact

License

SARENKA is licensed under the MIT License.

Develop branch

sarenka's People

Stargazers

Watchers

Forkers

jack51706 neoteknon sodiptabadiabanurea chubbymaggie nusiloot isiaon rajivraj 5l1v3r1 sashka3076 kiku-jw michalpawlaczyk marmodsec hackinfinity saikrishnadm konwro sk3lk0 ramikan eshad c0axial tor-0 asdeegen mlynchcogent tommalvoriddle vinhduong macdaliot thelast-paladin markgillanders sc4rfurry alilouvic hmidani-abdelilah aimenriyadh jdelta1 proinsights an0n1m1z3 jawar1mx shlomin375 joker72655561 hugoahosta laozhudetui ayaz-z 4jinetes matrixsociety ceyhuncamli jamdart jonathanfierstein gptubpkcshkzjc8fkcrxudk6sbecpm49p5xu46u bellmit 3ur0c3nt5y sinsixx ddostest123 lowgun cyberbuck optionalg drfich4 scu-ceng marcianobarros20 349k 17ack312 peterza2019 ipc-security xyz27900 0xsojalsec magespawn rafalwojaczek sherlocklchen netindiapro ringoetanthony oakkaya qodx blackhatethicalhacking parkjunmin rpedrica wh014m gg-big-org githubmg21 jgoodacre93 akbarazimifar kiatomas218 karoskk myparsingdata m4rm0k mrevilliver cyberfury101 matosdiego naitsirhc41

sarenka's Issues

Trouble in process build !!

C:\Users\PC_NAME\sarenka>python3 sarenka\sarenka.py
!!! It is in develop mode !!!
Do you really want to build application?
Proceed (y/n): y
❤ Creating databases for Common Weakness Enumeration
❤ Removes folder with old databases for CWE ids
❤ Folder cwe database files in C:\Users\PC_NAME\sarenka\sarenka\backend\backend\cwe_databases for 'api_vulnerabilities' application created.
command: python C:\Users\PC_NAME\sarenka\sarenka\backend\manage.py migrate api_vulnerabilities --database=cwe_none
python: can't open file 'C:\Users\PC_NAME': [Errno 2] No such file or directory
Traceback (most recent call last):
File "sarenka\sarenka.py", line 293, in
sarenka_command.build()
File "sarenka\sarenka.py", line 285, in build
self.builder.run()
File "sarenka\sarenka.py", line 266, in run
self.__create_cwes_databases_files()
File "sarenka\sarenka.py", line 219, in __create_cwes_databases_files
self.helper.run_command(command)
File "sarenka\sarenka.py", line 77, in run_command
raise SarenkaBuildError(f"Error while executing command {command}")
main.SarenkaBuildError: Error while executing command python C:\Users\PC_NAME\sarenka\sarenka\backend\manage.py migrate api_vulnerabilities --database=cwe_none

C:\Users\PC_NAME\sarenka>

Can you help me ?

nmap is not nmap

Hi,

I noticed that this project has a dependency on nmap in requirements.txt. It was brought to my attention that people mistakenly install this in belief it's the well-known port scanning tool, which it's not. I've since removed the single release of my nmap library from PyPI, and so wanted to inform you that installation is likely to break until you remove this dependency (which I assume was incorrectly added to begin with).

Sorry for any inconvenience caused by this.

Can't build wheels for panda

Hi, I try several things to resolve this issue but I can't find any tricks that work.
Every time I try to install the requirements I returne me "ERROR: Could not build wheels for pandas which use PEP 517 and cannot be installed directly "
I try to not use pep but nothing work.
Thanks in advance.

Nom executing

Trouble in process build

How to start

How can I start this project, can you give me a document or a brief description

Can you answer my question ,please?

I cannot scan although i had account shodan and censys. can you explain for me???

rzodkiewka library - bug on Linux

[develop branch]
Problem in parsing Json - need to be fixed in the library.
Causes problem in the backend.

JWT

jwt authentication on server and client

I have problems installing Websockets

Django issue | Network Error

Description

Hello Team

Thank you for making this tool
while following the instruction in WSL Ubuntu 18.04 Machine
I managed to install all the requirements
but when I run the backend server I get this error

Performing system checks...

Exception in thread django-main-thread:
Traceback (most recent call last):
  File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
    self.run()
  File "/usr/lib/python3.6/threading.py", line 864, in run
    self._target(*self._args, **self._kwargs)
  File "/usr/local/lib/python3.6/dist-packages/django/utils/autoreload.py", line 53, in wrapper
    fn(*args, **kwargs)
  File "/usr/local/lib/python3.6/dist-packages/django/core/management/commands/runserver.py", line 118, in inner_run
    self.check(display_num_errors=True)
  File "/usr/local/lib/python3.6/dist-packages/django/core/management/base.py", line 396, in check
    databases=databases,
  File "/usr/local/lib/python3.6/dist-packages/django/core/checks/registry.py", line 70, in run_checks
    new_errors = check(app_configs=app_configs, databases=databases)
  File "/usr/local/lib/python3.6/dist-packages/django/core/checks/urls.py", line 13, in check_url_config
    return check_resolver(resolver)
  File "/usr/local/lib/python3.6/dist-packages/django/core/checks/urls.py", line 23, in check_resolver
    return check_method()
  File "/usr/local/lib/python3.6/dist-packages/django/urls/resolvers.py", line 408, in check
    for pattern in self.url_patterns:
  File "/usr/local/lib/python3.6/dist-packages/django/utils/functional.py", line 48, in __get__
    res = instance.__dict__[self.name] = self.func(instance)
  File "/usr/local/lib/python3.6/dist-packages/django/urls/resolvers.py", line 589, in url_patterns
    patterns = getattr(self.urlconf_module, "urlpatterns", self.urlconf_module)
  File "/usr/local/lib/python3.6/dist-packages/django/utils/functional.py", line 48, in __get__
    res = instance.__dict__[self.name] = self.func(instance)
  File "/usr/local/lib/python3.6/dist-packages/django/urls/resolvers.py", line 582, in urlconf_module
    return import_module(self.urlconf_name)
  File "/usr/lib/python3.6/importlib/__init__.py", line 126, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 994, in _gcd_import
  File "<frozen importlib._bootstrap>", line 971, in _find_and_load
  File "<frozen importlib._bootstrap>", line 955, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 665, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 678, in exec_module
  File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
  File "/opt/sarenka/sarenka/backend/backend/urls.py", line 28, in <module>
    path('vulns/', include("api_vulnerabilities.urls")),
  File "/usr/local/lib/python3.6/dist-packages/django/urls/conf.py", line 34, in include
    urlconf_module = import_module(urlconf_module)
  File "/usr/lib/python3.6/importlib/__init__.py", line 126, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 994, in _gcd_import
  File "<frozen importlib._bootstrap>", line 971, in _find_and_load
  File "<frozen importlib._bootstrap>", line 955, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 665, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 678, in exec_module
  File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
  File "/opt/sarenka/sarenka/backend/api_vulnerabilities/urls.py", line 2, in <module>
    from .views import CVESearchView, CWETop25, CWEData, CWEAllView, CVEDetailsAllView, CWEDetailsAllView, \
  File "/opt/sarenka/sarenka/backend/api_vulnerabilities/views.py", line 5, in <module>
    from .cve_and_cwe.cve_details_all import CVEDetailsAll
  File "/opt/sarenka/sarenka/backend/api_vulnerabilities/cve_and_cwe/cve_details_all.py", line 8, in <module>
    class CVEDetailsAll:
  File "/opt/sarenka/sarenka/backend/api_vulnerabilities/cve_and_cwe/cve_details_all.py", line 23, in CVEDetailsAll
    @lru_cache
  File "/usr/lib/python3.6/functools.py", line 477, in lru_cache
    raise TypeError('Expected maxsize to be an integer or None')
TypeError: Expected maxsize to be an integer or None

and the front end works fine

Giving a live IP Address results in Network Error

Best regards

[Critical] Request failed with status code 400

Hi there, @KTZgraph Hope you're doing well.

I'mma keep it short, this problem still exists (After a few seconds of loading):

After doing some digging and putting almost all of my little techie knowledge into work, figured that this might be problem on the frontend side, not the backend, because such Request failed with status code 400 error has never been defined in any of your source/code files. so giving it a best shot, it's an Auto generated response. speaking of Frontend, by more digging I figured that this type of http error message is generated as a response by the Axios Routing JS package, So it could be related to it, Maybe ?

Also it could be an API problem, but I somehow managed to figure out that the request never actually leaves the system:

And also to mention, My Shodan and Censys keys are all working fine and in good health.

Any ideas?
I'd be glad to share more ideas.
Thanks in advance for such brilliant piece of software.
Best Regards, SoloGeek.

Please!!!

Hello, my teacher let me reactor your sarenka subject. and i download the github‘s code and open it with the pycharm, but i don't know how to run it . Can you update the description of installing it, Please~~

Typo in the setup file

https://github.com/pawlaczyk/sarenka/blob/dd08782eb60aa200c4a22c1d47e37b35d14ea454/setup.py#L35

It should be

- autor_email="[email protected]"
+ author_email="[email protected]"