I am happy to announce the first published part of SecCheckProject which is a tool called BinaryEdgeSploit which uses the powerfull engine Binaryedge.io which scans the web and you can collect data that is very helpful for your researches!
This code helps you use this engine easier, quicker and with some extra features it has for you!
You can download it from github:
And you can watch this video for it’s installation and usage instructions:
What you can do with this script?
There are many many things!
These are the categories that Binaryedge’s scanners provide:
- Host - Details about an Host. List of recent events for the specified host, including details of exposed ports and services.
- Images - Details about Remote Desktops found on an Host. List of screenshots and details extracted from them for the specified host, including OCR and whether faces were found or not, with data up to 2 months (in BinaryEdge’s database).
- Torrents - Details about torrents transferred by an Host. List of recent torrent events for the specified host, including details of the peer and torrent.
4 .Dataleaks - Allows you to search across multiple data breaches to see if any of your email addresses has been compromised.
- Risk Score - Scoring is based on all information found on BE’s databases regarding an IP and refers to the level of exposure of a target, i.e, the higher the score, the greater the risk of exposure.Also it provides you what CVEs which the IP is vulnerable.
- Domains - What is exposed via DNS? What subdomains belong to a Domain? What domains are served by IP X?
- Sensors - Details about a Scanner. List of recent events form the specified host, including details of scanned ports, payloads and tags.
What are script’s extra features?
- hname2ip - (One of my favourite features). Some of BE’s scanners have as input only IP addresses,so if you want to scan hackersploit.org, then you have to find it’s IP,so hname2ip is here to help you with that! You just type the host’s name and it automatically find’s it’s IP!
- It saves the results you get (in .json format) in script’s folders without spending extra requests! This is important if you want to save as many requests as you can for more scans!
- If user puts something wrong in input in some cases it will prevent to scan to not spend requests for no reason because if you try for example scan in BE directly from their site an IP and type 111.a111.11.11 (which is false IP) it will accept it and spend requests.So there is another important role for this script.(In the near future will add more checks for valid inputs)
- It has a very friendly help instructions environment about the scanning queries and parameters
- I cannot remember something else for now…
- More features will be added soon!
BinaryEdge has paid subscriptions but if you want you can get the FREE one which gives you 250 requests per month but you will not have all the scaners.
If you have any other questions,I am glad to answer them