wgpsec / tig Goto Github PK
View Code? Open in Web Editor NEWThreat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。
License: Apache License 2.0
Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。
License: Apache License 2.0
建议加入360威胁情报查询,根据个人以及同事的使用反馈,360威胁情报库比较强大,建议集成进去
Traceback (most recent call last):
File ".\tig.py", line 655, in <module>
main(i, config_path, proxies)
File ".\tig.py", line 413, in main
IP_reverse2_result = IP_reverse2(ip, proxies)
File ".\tig.py", line 238, in IP_reverse2
for ip in r.json():
File "D:\python37\lib\site-packages\requests\models.py", line 898, in json
return complexjson.loads(self.text, **kwargs)
File "D:\python37\lib\json\__init__.py", line 348, in loads
return _default_decoder.decode(s)
File "D:\python37\lib\json\decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "D:\python37\lib\json\decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
360的cookie好像已经没法用了
[EROR] 访问 https://fofa.so/api/v1/search/all?email=(我的email)&key=20fa8e7bc14fee2487b42f368a70a8e2&qbase64
=NDcuMjQwLjczLjc3&size=100 发生错误,错误信息: ReadTimeo
ut(ReadTimeoutError("HTTPSConnectionPool(host='fofa.so',
port=443): Read timed out. (read timeout=5)",),)
[EROR] 查询 47.240.73.77 的 Fofa
信息发生错误,错误信息:AttributeError("'str' object has
no attribute 'json'",)
您好,配置完微步在线api后,发现无法查询,微步在线的api接口地址变了
Traceback (most recent call last):
File "tig.py", line 509, in
main(ip, config_path, proxies)
File "tig.py", line 288, in main
ThreatBook_result = ThreatBook(ip, config_path)
File "tig.py", line 149, in ThreatBook
confidence_level = r_json['data']['%s' % ip]['confidence_level'] # 情报可信度
KeyError: 'data'
python3 tig.py -i X.X.X.X
+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+
|T|h|r|e|a|t| |I|n|t|e|l|l|i|g|e|n|c|e| |G|a|t|h|e|r|i|n|g|
+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+
团队:狼组安全团队 作者:TeamsSix 版本:0.5
[18:18:48] 检测到您可能是第一次运行本程序,请根据程序提示输入您的API地 tig.py:71
址,如果没有直接回车即可,但在查询时将不会调用相关模块
请输入您的微步 Api:[填写的是正常的]
请输入您的Fofa邮箱:[填写的是正常的]
请输入您的Fofa Api:[填写的是正常的]
Traceback (most recent call last):
File "/Users/win/Downloads/tig-0.5/tig.py", line 508, in
console.rule("[yellow]正在查询 %s 的情报信息" % ip, align='left', style="yellow")
TypeError: rule() got an unexpected keyword argument 'align'
PS D:\测试工具\蓝队溯源\tig-0.4.2> python3 .\tig.py -i 45.79.1.146
+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+
|T|h|r|e|a|t| |I|n|t|e|l|l|i|g|e|n|c|e| |G|a|t|h|e|r|i|n|g|
+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+
团队:狼组安全团队 作者:TeamsSix 版本:0.5.2
────────────────────────────────────────────────────────────────────── 正在查询 45.79.1.146 的情报信息 ───────────────────────────────────────────────────────────────────────
Traceback (most recent call last):
File "C:\Program Files\path\Python\Python3.8\lib\configparser.py", line 789, in get
value = d[option]
File "C:\Program Files\path\Python\Python3.8\lib\collections_init_.py", line 891, in getitem
return self.missing(key) # support subclasses that define missing
File "C:\Program Files\path\Python\Python3.8\lib\collections_init_.py", line 883, in missing
raise KeyError(key)
KeyError: 'ti360_cookie'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File ".\tig.py", line 579, in
main(ip, config_path, proxies)
File ".\tig.py", line 341, in main
init_360ti(config_path)
File ".\tig.py", line 308, in init_360ti
ti_portal = cfg.get('Api Config', 'ti360_cookie').strip("'").strip()
File "C:\Program Files\path\Python\Python3.8\lib\configparser.py", line 792, in get
raise NoOptionError(option, section)
configparser.NoOptionError: No option 'ti360_cookie' in section: 'Api Config'
跑一半的时候停住= = 也没有啥提示 我用的linux跑的 。。。想问一下可能哪里有坑么 ,我已经跑出了部分信息,但是我的列表有一串, 到了5个左右就GG了
$ python tig.py -i 8.8.8.8
+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+
|T|h|r|e|a|t| |I|n|t|e|l|l|i|g|e|n|c|e| |G|a|t|h|e|r|i|n|g|
+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+
团队:狼组安全团队 作者:TeamsSix 版本:0.5
正在查询 8.8.8.8 的情报信息 ───────────────────────────────────────────────────────────────────────────────────────────
Traceback (most recent call last):
File "tig.py", line 509, in <module>
main(ip, config_path, proxies)
File "tig.py", line 288, in main
ThreatBook_result = ThreatBook(ip, config_path)
File "tig.py", line 149, in ThreatBook
confidence_level = r_json['data']['%s' % ip]['confidence_level'] # 情报可信度
KeyError: 'data'
Exception in thread Thread-5:
Traceback (most recent call last):
File "/usr/local/Cellar/[email protected]/3.9.2_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/configparser.py", line 789, in get
value = d[option]
File "/usr/local/Cellar/[email protected]/3.9.2_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/collections/init.py", line 941, in getitem
return self.missing(key) # support subclasses that define missing
File "/usr/local/Cellar/[email protected]/3.9.2_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/collections/init.py", line 933, in missing
raise KeyError(key)
KeyError: 'whois_enable'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/[email protected]/3.9.2_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/threading.py", line 954, in _bootstrap_inner
self.run()
File "/usr/local/Cellar/[email protected]/3.9.2_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/threading.py", line 892, in run
self._target(*self._args, **self._kwargs)
File "/Users/sodme/tools/1.information/tig/tig.py", line 524, in IP_reverse_print
IP_reverse_print(ip, config_path, proxies)
File "/Users/sodme/tools/1.information/tig/tig.py", line 302, in IP_reverse_print
Whois_enable = cfg.get('IP Passive Information', 'Whois_enable')
File "/usr/local/Cellar/[email protected]/3.9.2_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/configparser.py", line 792, in get
raise NoOptionError(option, section)
configparser.NoOptionError: No option 'whois_enable' in section: 'IP Passive Information'
➜ tig
fofa,so 已经被封了,大佬修改一下fofa 的接口啊
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.