|
@@ -4,7 +4,7 @@
|
|
|
|
|
|
----------
|
|
|
|
|
|
-Orb: footprinting tool - by psy
|
|
|
+Orb: massive footprinting tool - 2016/2020 - by psy (https://03c8.net)
|
|
|
|
|
|
========================
|
|
|
|
|
@@ -38,15 +38,23 @@ Orb: footprinting tool - by psy
|
|
|
|
|
|
### Installing Orb:
|
|
|
|
|
|
- Orb runs on many platforms. It requires Python (2.x.y) and the following libraries:
|
|
|
+ Orb runs on many platforms. It requires Python (3.x.y) and the following libraries:
|
|
|
|
|
|
- python-whois - Python module for retrieving WHOIS information - Python 2
|
|
|
- python-dnspython - DNS toolkit for Python
|
|
|
- python-nmap - Python interface to the Nmap port scanner
|
|
|
+ python3-whois - Python module for retrieving WHOIS information - Python 3
|
|
|
+ whois (0.9.5) - Retrieve and parse whois data for IPv4 and IPv6 addresses.
|
|
|
+ python3-nmap - Python3 interface to the Nmap port scanner
|
|
|
+ nmap (0.0.1) - Map numbers from one range to another
|
|
|
+ python3-requests - elegant and simple HTTP library for Python3, built for human beings
|
|
|
+ requests (2.22.0) - Python HTTP for Humans.
|
|
|
+ wikipedia (1.4.0) - Wikipedia API for Python
|
|
|
|
|
|
On Debian-based systems (ex: Ubuntu), run:
|
|
|
|
|
|
- sudo apt-get install python-whois python-dnspython python-nmap
|
|
|
+ sudo apt-get install python3-whois python3-nmap python3-requests && sudo pip3 install whois nmap requests wikipedia
|
|
|
+
|
|
|
+ Or:
|
|
|
+
|
|
|
+ sudo apt-get install python3-whois pythons3-nmap python3-requests && pip3 install whois==0.9.5 nmap==0.0.1 requests==2.22.0 wikipedia==1.4.0 --user
|
|
|
|
|
|
Source libs:
|
|
|
|
|
@@ -54,23 +62,24 @@ Orb: footprinting tool - by psy
|
|
|
* Pypi-whois: https://pypi.python.org/pypi/whois
|
|
|
* Pydnspython: https://pypi.python.org/pypi/dnspython
|
|
|
* python-nmap: https://pypi.python.org/pypi/python-nmap
|
|
|
-
|
|
|
+ * python-requests: https://pypi.org/project/requests/
|
|
|
+ * python-wikipedia: https://pypi.org/project/wikipedia/
|
|
|
|
|
|
### Examples
|
|
|
|
|
|
You can use:
|
|
|
|
|
|
- ./orb --update
|
|
|
- ./orb --check-tor
|
|
|
- ./orb --gui (for Web interface)
|
|
|
+ python3 orb --update
|
|
|
+ python3 orb --check-tor
|
|
|
+ python3 orb --gui (for Web interface)
|
|
|
|
|
|
Or:
|
|
|
|
|
|
- ./orb --spell='target'
|
|
|
+ python3 orb --spell='target'
|
|
|
|
|
|
Ex (massive):
|
|
|
|
|
|
- ./orb --spell='target' --ext='.com,.net,.org' --sa
|
|
|
+ python3 orb --spell='target' --ext='.com,.net,.org' --sa
|
|
|
|
|
|
## Options and features:
|
|
|
|
|
@@ -109,7 +118,6 @@ Options:
|
|
|
|
|
|
--no-public disable search for public records
|
|
|
--no-deep disable deep web records
|
|
|
- --no-financial disable financial records
|
|
|
--no-social disable social records
|
|
|
--social-f=SOCIALF set a list of social sources from file
|
|
|
--no-news disable news records
|
|
@@ -176,7 +184,6 @@ Options:
|
|
|
|
|
|
+ Passive:
|
|
|
- Search for public records
|
|
|
- - Search for financial records
|
|
|
- Search for deep web records
|
|
|
- Search for social records
|
|
|
- Search for news records
|
|
@@ -188,41 +195,41 @@ Options:
|
|
|
- Not scan MX records
|
|
|
- Not banner grabbing
|
|
|
|
|
|
- *Ex: ./orb --spell 'target' --passive
|
|
|
+ *Ex: python3 orb --spell 'target' --passive
|
|
|
|
|
|
+ Active:
|
|
|
- Opposite to 'Passive' method.
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --active
|
|
|
+ *Ex: python3 orb --spell='target' --active
|
|
|
|
|
|
|
|
|
#### Search Engines
|
|
|
|
|
|
- You can set different search engines to gather public records from the Internet.
|
|
|
|
|
|
- For this release (by default: Yahoo):
|
|
|
+ For this release (by default: DuckDuckGo):
|
|
|
|
|
|
+ Supported:
|
|
|
- - Yahoo (yahoo.com) [28/03/2018]
|
|
|
- - Bing (bing.com) [28/03/2018]
|
|
|
- - Torch! (deep web) [28/03/2018]
|
|
|
+ - Duck (duckduckgo.com) [11/01/2020]
|
|
|
+ - Bing (bing.com) [11/01/2020]
|
|
|
+ - Torch! (deep web) [11/01/2020]
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --se='yahoo'
|
|
|
+ *Ex: python3 orb --spell='target' --se='bing'
|
|
|
|
|
|
- Also you can set the location for search engine to retrieve more accurate information
|
|
|
about your target.
|
|
|
|
|
|
For example, if is located in Spain you can try to use 'yahoo.es' servers:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --se='yahoo' --se-ext='es' (france=fr, italy=it, etc...)
|
|
|
+ *Ex: python3 orb --spell='target' --se='bing' --se-ext='es' (france=fr, italy=it, etc...)
|
|
|
|
|
|
- You can search massively using all search engines with:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --sa
|
|
|
+ *Ex: python3 orb --spell='target' --sa
|
|
|
|
|
|
These options can be combined:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --sa --se-ext='nl'
|
|
|
+ *Ex: python3 orb --spell='target' --sa --se-ext='nl'
|
|
|
|
|
|
|
|
|
#### Public Records
|
|
@@ -234,7 +241,7 @@ Options:
|
|
|
|
|
|
It is added to the tool an example folder for Spain to see how works:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --social-f='core/sources/spain/social.txt' --news-f='core/sources/spain/news.txt'
|
|
|
+ *Ex: python3 orb --spell='target' --social-f='core/sources/spain/social.txt' --news-f='core/sources/spain/news.txt'
|
|
|
|
|
|
You should try to build your own sources.
|
|
|
|
|
@@ -248,11 +255,11 @@ Options:
|
|
|
|
|
|
By default, Orb will use IANA supported domains. But you can set your own manually:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --ext='.com,.net,.org'
|
|
|
+ *Ex: python3 orb --spell='target' --ext='.com,.net,.org'
|
|
|
|
|
|
Or directly set a list from a file (examples provided):
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --ext-f='core/sources/user-exts.txt'
|
|
|
+ *Ex: python3 orb --spell='target' --ext-f='core/sources/user-exts.txt'
|
|
|
|
|
|
|
|
|
#### Whois
|
|
@@ -283,7 +290,7 @@ Options:
|
|
|
|
|
|
You can set which DNS resolvers (Google used by default) do you want to use for that tasks:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --resolver='8.8.8.8,8.8.8.4'
|
|
|
+ *Ex: python3 orb --spell='target' --resolver='8.8.8.8,8.8.8.4'
|
|
|
|
|
|
|
|
|
#### Port Scanning
|
|
@@ -292,17 +299,17 @@ Options:
|
|
|
|
|
|
You can set protocol type to only TCP (UDP+TCP by default) with:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --scan-tcp
|
|
|
+ *Ex: python3 orb --spell='target' --scan-tcp
|
|
|
|
|
|
Or select which ports do you want to try with:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --scan-ports='21-443'
|
|
|
+ *Ex: python3 orb --spell='target' --scan-ports='21-443'
|
|
|
|
|
|
** Port scanner will show you only 'Open' ports on machines.
|
|
|
|
|
|
You can see also 'Filtered' ports with:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --scan-ports='21-443' --show-filtered
|
|
|
+ *Ex: python3 orb --spell='target' --scan-ports='21-443' --show-filtered
|
|
|
|
|
|
|
|
|
#### Banner Grabbing
|
|
@@ -331,30 +338,22 @@ Options:
|
|
|
|
|
|
You can launch the tool without any log adding:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --no-log
|
|
|
+ *Ex: python3 orb --spell='target' --no-log
|
|
|
|
|
|
- For verbose output you can use:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' -v
|
|
|
+ *Ex: python3 orb --spell='target' -v
|
|
|
|
|
|
- Also you can generate a JSON report only with valid data gathered with:
|
|
|
|
|
|
- *Ex: ./orb --spell='target' --json='target.json'
|
|
|
+ *Ex: python3 orb --spell='target' --json='target.json'
|
|
|
|
|
|
|
|
|
### Contribute:
|
|
|
|
|
|
- If you want to contribute to Orb development, reporting a bug, providing a patch, commenting
|
|
|
- on the code base or simply need to find help to run it, please go to:
|
|
|
-
|
|
|
- irc.freenode.net / channel: #Orb
|
|
|
-
|
|
|
- If nobody gets back to you, then drop an e-mail.
|
|
|
-
|
|
|
- To make donations use the following hashes:
|
|
|
+ To make donations use the following hash:
|
|
|
|
|
|
- - Bitcoin: 1Q63KtiLGzXiYA8XkWFPnWo7nKPWFr3nrc
|
|
|
- - Ecoin: ETtSteMWxjY7RKWZGMNSkX7eC3BJ21VYXE
|
|
|
+ - Bitcoin: 19aXfJtoYJUoXEZtjNwsah2JKN9CK5Pcjw
|
|
|
|
|
|
|
|
|
### Contact
|
|
@@ -362,3 +361,4 @@ Options:
|
|
|
Please report any problems you encounter using/installing Orb to:
|
|
|
|
|
|
- psy (epsylon@riseup.net)
|
|
|
+
|