1#!/usr/bin/python3
2
3from colorama import Fore, Back, Style
4from phonenumbers import geocoder
5import phonenumbers
6from shodan import Shodan
7from googlesearch import search
8from urllib.request import urlopen
9from fake_useragent import UserAgent
10from urllib.parse import urljoin
11from builtwith import builtwith
12from pygeocoder import Geocoder
13from os import path
14import time
15import os.path
16import socket, time, os, dns.resolver, sys, urllib, urllib.request, subprocess
17import shodan
18import requests, io, sys
19import ipaddress
20import whois
21import http.client
22import ftplib
23import ssl
24import re
25import json
26
27#####################################################################
28# #
29# IGF - Information Gathering Framework v1.6 by c0deninja #
30# #
31# pip3 install -r requirements.txt #
32# #
33#####################################################################
34
# ASCII-art banner with the tool version; each menu method prints it in red
# before listing its options.
banner = """


 ██▓ ▄████ █████▒
▓██▒ ██▒ ▀█▒ ▓██ ▒
▒██▒ ▒██░▄▄▄░ ▒████ ░
░██░ ░▓█ ██▓ ░▓█▒ ░
░██░ ░▒▓███▀▒ ░▒█░
░▓ ░▒ ▒ ▒ ░
 ▒ ░ ░ ░ ░
 ▒ ░ ░ ░ ░ ░ ░ v1.6
 ░ ░

"""
49class Infogath:
50
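    def commands(self, cmd):
        """Run an external command line and wait for it to finish.

        The string is split into an argument vector and executed without a
        shell, so shell metacharacters typed at one of the prompts (``;``,
        ``|``, backticks, ``$()``) reach the program as literal arguments
        instead of being interpreted.

        Args:
            cmd: Command line as one string. Surrounding whitespace (callers
                append a newline) is ignored.

        Returns:
            None. Failures are reported or ignored, never raised.
        """
        import shlex

        try:
            argv = shlex.split(cmd)
        except ValueError as err:
            # Unbalanced quotes in the typed value.
            print("Could not parse command: {}".format(err))
            return
        if not argv:
            return
        try:
            subprocess.check_call(argv)
        except (subprocess.CalledProcessError, KeyboardInterrupt):
            # Best effort, as before: a non-zero exit status or Ctrl+C during
            # the child process returns control to the menu.
            pass
        except OSError as err:
            # Typically the external tool is not installed.
            print("Could not run {}: {}".format(argv[0], err))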
56
    def windowsexploitation(self):
        """Placeholder behind the "Exploit Suggester" menu entry; prints a greeting only."""
        greeting = "hello"
        print(greeting)
59
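    def ftpuserenum(self):
        """Run the ``ftp_user_enum.pl`` helper script for one server and one user name.

        Prompts for both values and hands the resulting command line to
        ``self.commands``. When the script is not in the working directory the
        method prints a message and returns to the caller.
        """
        import shlex

        script = "ftp_user_enum.pl"
        if not path.exists(script):
            print(Fore.RED + "file ftp_user_enum.pl not found, exiting!")
            # Return to the caller's menu loop rather than re-entering the menu
            # recursively and then running the missing script anyway.
            return
        ip = input("Enter FTP server: ")
        user = input("User to enumerate: ")
        print(Fore.GREEN + "\n")
        print("==================== FTP User Enumeration ===================" + "\n")
        # Both values are typed at a prompt and end up on a command line, so
        # they are quoted before being interpolated.
        self.commands(
            "perl ftp_user_enum.pl -u {} -t {}".format(shlex.quote(user), shlex.quote(ip))
        )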
71
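    def dnsenum(self):
        """Run ``host``, ``nslookup`` and ``dig`` queries for a domain typed at the prompt.

        The value is validated before use because it is concatenated into
        command lines: only letters, digits, ``.``, ``_`` and ``-`` are
        accepted, and the first character may not be ``-`` so the value cannot
        be read as a command-line option. Empty or rejected input prints a
        message and returns to the caller.
        """
        domain = input("Enter the domain name to enumerate: ").strip()
        if domain == "":
            print(Fore.RED + "Please dont leave this blank!")
            # The calling menu loops on its own; no need to re-enter it here.
            return
        if not re.fullmatch(r"[A-Za-z0-9_][A-Za-z0-9._-]*", domain):
            print(Fore.RED + "Invalid domain name!")
            return
        print("\n")
        print(Fore.GREEN)
        print("================= DNS Enumeration ==================" + "\n")
        templates = (
            "host -t ns {}",
            "host -t mx {}",
            "nslookup {}",
            "dig {}",
            "dig +nocmd {} ANY +noall +answer",
        )
        for template in templates:
            self.commands(template.format(domain) + "\n")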
85
86
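    def smbenum(self):
        """Run ``enum4linux`` and an nmap SMB vulnerability-script scan against one host.

        The target is typed at a prompt and concatenated into command lines,
        so it is restricted to address/hostname characters (letters, digits,
        ``.``, ``:``, ``_``, ``-``) and may not begin with ``-``. Rejected
        input prints a message and returns to the caller.
        """
        ip = input("Enter IP Address: ").strip()
        if not re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9.:_-]*", ip):
            print(Fore.RED + "Invalid IP address!")
            return
        print("\n")
        print("============ SMB Enumeration with enum4linux=============" + "\n")
        self.commands("enum4linux " + ip + "\n")
        print("============ SMB Vulnerability Scan ===========")
        self.commands("nmap -vv -sV -Pn -p139,445 --script smb-vuln-conficker.nse,smb-vuln-cve2009-3103.nse,smb-vuln-ms06-025.nse,smb-vuln-ms07-029.nse,smb-vuln-ms08-067.nse,smb-vuln-ms10-054.nse,smb-vuln-ms10-061.nse,smb-vuln-ms17-010.nse " + ip + "\n")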
94
95
    def phonenuminfo(self):
        """Ask for a phone number and a region code and report whether the number validates.

        An invalid number is reported and followed by a call into the
        miscellaneous menu; input that cannot be parsed prints ``Error!``.
        """
        phonenumber = input("Enter Phone number: ")
        countrycode = input("Enter Country (Ex: US): ")
        try:
            parsed = phonenumbers.parse(phonenumber, countrycode)
            print("\n")
            print("Checking to see if the number: " + phonenumber + " is valid")
            print("\n")
            time.sleep(1)
            if phonenumbers.is_valid_number(parsed):
                print(Fore.GREEN + phonenumber + " is a valid Phone number")
            else:
                print(phonenumber + " is not a valid Phone number")
                self.miscellaneous()
        except phonenumbers.phonenumberutil.NumberParseException:
            print(Fore.RED + "Error!")
113
114
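    def googledork(self):
        """Run one search query, print the result URLs and optionally save them.

        The query is executed once; the saved file holds exactly the URLs that
        were printed. The reported count is the number of URLs actually
        returned. A non-numeric link count prints a message and returns.
        Note that the chosen file name is opened for writing and an existing
        file of that name is overwritten.
        """
        ua = UserAgent()
        header = {'User-Agent': str(ua.chrome)}
        dork = input("Enter Dork: ")
        numpage = input("Enter number of links to display: ")
        print("\n")
        try:
            limit = int(numpage)
        except ValueError:
            print(Fore.RED + "Please enter a whole number")
            return

        results = []
        for url in search(dork, stop=limit, user_agent=str(header)):
            print(url)
            results.append(url)

        print("Found: {} links".format(len(results)))
        save = input("Save results to a file (y/n)?: ").lower()
        if save != "y":
            return
        dorklist = input("Filename: ")
        try:
            # The context manager closes the file even if a write fails.
            with open(dorklist, 'w') as f:
                for url in results:
                    f.write(url + "\n")
        except OSError:
            print("File was not saved")
        else:
            print("File saved successfully")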
139
    def sessionscookies(self):
        """Fetch a URL inside a ``requests`` session and print the cookie jar afterwards.

        A URL without a scheme prints a usage hint instead.
        """
        try:
            target = input("Enter site: ")
            print("\n")
            http_session = requests.Session()
            http_session.get(target)
            print(http_session.cookies)
        except requests.exceptions.MissingSchema:
            print(Fore.RED + "Please use: http://site.com")
149
150
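    def findbackup(self):
        """Request ``<site>/<name>`` for every name in a wordlist and print those answering 200.

        The wordlist is read up front and closed before any request is made.
        A missing wordlist, or a 429/400/403/500 answer, prints a message and
        returns to the caller, which is the menu loop. Blank wordlist lines are
        skipped.
        """
        site = input("Enter Site: ")
        wordlist = input("Enter Wordlist: ")
        print("\n")
        header = {'User-Agent': str(UserAgent().chrome)}

        try:
            with open(wordlist, 'r') as f:
                names = [line.strip() for line in f]
        except IOError:
            print(Fore.RED + "File not found")
            # Without the list there is nothing to do; previously execution
            # could continue with the list variable never assigned.
            return

        stop_messages = {
            429: "Too many requests",
            400: "Bad Request",
            403: "Forbidden",
            500: "Internal server error",
        }
        try:
            for name in names:
                if not name:
                    continue
                links = site + "/" + name
                response = requests.get(links, headers=header)
                if response.status_code == 200:
                    print(Fore.GREEN + "Found: {}".format(links))
                elif response.status_code in stop_messages:
                    print(Fore.RED + stop_messages[response.status_code])
                    return
        except requests.exceptions.MissingSchema:
            print(Fore.RED + "Please use: http://site.com")
        except requests.exceptions.ConnectionError:
            print(Fore.RED + "Connection Error")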
185
186
    def techdiscovery(self):
        """Print the category/technology pairs that ``builtwith`` reports for a site.

        A ``UnicodeDecodeError`` raised along the way is ignored.
        """
        try:
            site = input("Enter Website: ")
            print("\n")
            print("Scanning...\n")
            findings = builtwith(site)
            for framework in findings:
                print(Fore.GREEN + framework, ":", findings[framework])
        except UnicodeDecodeError:
            pass
197
    def spider(self):
        """Fetch one page and print every ``href="..."`` target as an absolute URL.

        Relative targets are resolved against the entered address. For the
        status codes 429, 400, 403 and 500 a short message is printed instead.
        """
        site = input("Enter site: ")
        print("\n")
        agent = UserAgent()
        header = {'User-Agent': str(agent.chrome)}
        failures = {
            429: "Too many requests",
            400: "Bad Request",
            403: "Forbidden",
            500: "Internal server error",
        }
        try:
            response = requests.get(site, headers=header)
            code = response.status_code
            if code == 200:
                page = response.content.decode('utf-8')
                for target in re.findall('(?:href=")(.*?)"', page):
                    print(Fore.GREEN + urljoin(site, target))
            elif code in failures:
                print(Fore.RED + failures[code])
        except requests.exceptions.ConnectionError:
            print(Fore.RED + "Connection Error")
        except requests.exceptions.MissingSchema:
            print(Fore.RED + "Please use: http://site.com")
223
224
    def checksite(self):
        """Request a URL once and print a one-line verdict for its HTTP status.

        A 200 answer prints that the site is up and then calls into the web
        menu; the listed error statuses print their name; other statuses print
        nothing.
        """
        status_text = {
            400: "Bad Request",
            404: "Not Found",
            403: "Forbidden",
            405: "Method not allowed",
            423: "LOCKED",
            429: "Too many requests",
            499: "Client closed request",
            500: "Server error",
            501: "Not implemented",
            502: "Bad Gateway",
            503: "Service Unavailable",
            511: "Network Authentication Required",
            599: "Network Connect Timeout Error",
        }
        try:
            site = input("Enter Website: ")
            print("\n")
            agent = UserAgent()
            header = {'User-Agent': str(agent.chrome)}
            code = requests.get(site, headers=header).status_code
            if code == 200:
                print(Fore.GREEN + "Site: " + site + " is up!")
                self.webinfo()
            elif code in status_text:
                print(Fore.RED + status_text[code])
        except requests.exceptions.MissingSchema:
            print(Fore.GREEN + "Please use: http://site.com")
        except requests.exceptions.ConnectionError:
            print(Fore.RED + "name or service not known")
267
268
269
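    def shodansearch(self):
        """Look up one address through the Shodan API and print a summary of the record.

        The API key is read with ``getpass`` so it is not echoed to the
        terminal. Declining to provide a key, or an API error, returns to the
        caller instead of continuing with no result to print.
        """
        # shodan script by Sir809
        import getpass

        ask = input("Do you have a Shodan API key?: ").lower()
        if ask != "yes":
            return

        # The key is a secret: keep it out of the terminal scrollback.
        apikey = getpass.getpass("Enter API key: ")
        try:
            api = Shodan(apikey)
            url = input("Ip:> ")
            print("\n")
            h = api.host(url)
        except shodan.exception.APIError:
            print(Fore.RED + "Invalid API key!")
            # No record was fetched, so there is nothing to format below.
            return
        print(Fore.GREEN + '''
 IP: {}
 Country: {}
 City: {}
 ISP: {}
 Org: {}
 Ports: {}
 OS: {}

 '''.format(h['ip_str'], h['country_name'], h['city'], h['isp'], h['org'], h['ports'], h['os']))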
298
299
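    def shellfinder(self):
        """Request ``<site>/<name>`` for every name in a wordlist and print those answering 200.

        The wordlist is read up front and closed before any request is made.
        A missing wordlist, or a 429/400/403/500 answer, prints a message and
        returns to the caller, which is the menu loop. Blank wordlist lines are
        skipped.
        """
        site = input("Enter Website: ")
        wordlist = input("Enter Wordlist: ")
        print("\n")
        try:
            with open(wordlist, 'r') as f:
                names = [line.strip() for line in f]
        except IOError:
            print(Fore.RED + "FIle not found!")
            # Previously execution could continue with the list never assigned.
            return

        stop_messages = {
            429: "Too many requests",
            400: "Bad Request",
            403: "Forbidden",
            500: "Internal server error",
        }
        try:
            for name in names:
                if not name:
                    continue
                links = site + "/" + name
                response = requests.get(links)
                if response.status_code == 200:
                    print(Fore.GREEN + "Found: {}".format(links))
                elif response.status_code in stop_messages:
                    print(Fore.RED + stop_messages[response.status_code])
                    return
        except requests.exceptions.MissingSchema:
            print(Fore.GREEN + "Please use: http://site.com")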
332
333
    def finduploads(self):
        """Request a fixed list of upload-related paths under a site and print those answering 200.

        A 429, 400, 403 or 500 answer prints its name and calls into the web
        menu.
        """
        candidates = (
            "upload", "uploads", "upload.php", "up", "uploads.php",
            "blog/uploads", "blog/upload.php", "blog/uploads.php",
        )
        failures = {
            429: "Too many requests",
            400: "Bad Request",
            403: "Forbidden",
            500: "Internal server error",
        }
        try:
            site = input("Enter site: ")
            print("\n")
            for candidate in candidates:
                uploadlinks = site + "/" + candidate
                code = requests.get(uploadlinks).status_code
                if code == 200:
                    print(Fore.GREEN + "Found: " + uploadlinks)
                elif code in failures:
                    print(Fore.RED + failures[code])
                    self.webinfo()
        except requests.exceptions.MissingSchema:
            print("Please use: http://wwww.site.com")
360
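    def geolocation(self):
        """Print the fields ipinfo.io returns for one IP address.

        The input is parsed as an IPv4/IPv6 address before it is placed in the
        request URL, so arbitrary text cannot alter the path that is
        requested. Field values are converted with ``str`` because the JSON
        document may hold non-string values, which previously raised
        ``TypeError`` during concatenation.
        """
        # IP Geolocation by Sir809
        raw = input("IP:> ").strip()
        print('\n')
        try:
            address = ipaddress.ip_address(raw)
        except ValueError:
            print(Fore.RED + "Invalid IP address")
            return
        url = "https://ipinfo.io/{}/json".format(address)
        try:
            # Context manager closes the HTTP response once it has been read.
            with urllib.request.urlopen(url) as v:
                j = json.loads(v.read())
        except urllib.error.HTTPError:
            print(Fore.RED + "NOT FOUND!")
            return
        for dato in j:
            print(dato + ": " + str(j[dato]))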
373
    def reversednslookup(self):
        """Print the primary host name that reverse DNS returns for an address."""
        address = input("Enter IP: ")
        print("\n")
        try:
            hostname, _aliases, _addresses = socket.gethostbyaddr(str(address))
            print(hostname)
        except socket.error:
            print(Fore.RED + "Error")
382
    def wordpresscheck(self):
        """Request a fixed list of WordPress paths under a site and print those answering 200.

        A 429, 400, 403 or 500 answer prints its name and calls into the web
        menu. Request exceptions are not handled here.
        """
        wp_paths = (
            'wordpress', 'wp-content', 'wp-login', 'wp-login.php', 'wp-admin', 'wp', 'wp-config',
            'wp-config.php', 'wp-mail.php', 'wp-load.php', 'wp-settings.php', 'wp-includes', 'wp-activate.php',
            'wp-cron.php', 'wp-signup.php', 'wp-config-sample.php',
        )
        failures = {
            429: "Too many requests",
            400: "Bad Request",
            403: "Forbidden",
            500: "Internal server error",
        }

        site = input("Enter website: ")
        print("\n")

        for wp_path in wp_paths:
            wplinks = site + "/" + wp_path
            code = requests.get(wplinks).status_code
            if code == 200:
                print(Fore.GREEN + "Wordpress directory has been found! " + wplinks)
            elif code in failures:
                print(Fore.RED + failures[code])
                self.webinfo()
409
    def cloudflarebypass(self):
        """Resolve the entered name and three prefixed variants and compare the addresses.

        NOTE(review): the verdict printed below is not a reliable indicator.
        The comparison uses identity (``is not``) rather than equality, and
        ``ip`` is never assigned when the first lookup fails, in which case
        the comparison raises instead of reporting anything.

        For site operators: auxiliary DNS records (mail, FTP, control panel)
        that resolve to the origin server's address disclose it regardless of
        a proxy in front of the web site; such records belong in a periodic
        DNS audit.
        """
        domains = ['mail', 'ftp', 'cpanel']
        try:
            site = input("Enter Website: ")
            print ("\n")
            try:
                ip = socket.gethostbyname(str(site))
            except socket.error:
                # Lookup failure is ignored; ``ip`` stays unassigned.
                pass
            for subdomain in domains:
                subdomains = subdomain.strip()
                subsite = subdomains + site
                try:
                    subip = socket.gethostbyname(subsite)
                    # Identity test on two strings, not a value comparison.
                    if subip is not ip:
                        print (Fore.GREEN + "Cloudflare has been bypassed!")
                        print (Fore.GREEN + "The real IP is {}".format(subip))
                        time.sleep(1)
                        self.webinfo()
                    else:
                        print ("Could not retrieve the real IP.")
                except socket.error:
                    # Names that do not resolve are skipped silently.
                    pass
        # No ``requests`` call is made in this method; presumably this handler
        # was copied from the HTTP helpers.
        except requests.exceptions.MissingSchema:
            print ("Please use: caca.com")
435
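    def adminpanelfind(self):
        """Request a fixed list of administrative paths under a site and print the outcome of each.

        Status 404 is reported as "Not Found" and 400 as "Bad Request".
        Previously the "Not Found" message was attached to status 400, which
        also made the later "Bad Request" branch unreachable.
        """
        adminlist = ['admin', 'cpanel', 'phpmyadmin', 'login', 'login.php', 'wp-admin', 'cp', 'master', 'adm', 'member', 'control', 'webmaster',
                     'myadmin', 'admin_cp', 'admin_site', 'administratorlogin/', 'adm/', 'admin/account.php', 'admin/index.php', 'admin/login.php', 'admin/admin.php',
                     'admin/account.php', 'admin_area/admin.php', 'admin_area/login.php', 'siteadmin/login.php', 'siteadmin/index.php', 'siteadmin/login.html',
                     'admin/account.html', 'admin/index.html', 'admin/login.html', 'admin/admin.html']
        messages = {
            429: "Too many requests",
            400: "Bad Request",
            403: "Forbidden",
            500: "Internal server error",
        }
        try:
            site = input("Enter Website: ")
            print("\n")
            ua = UserAgent()
            header = {'User-Agent': str(ua.chrome)}
            for admin in adminlist:
                link = site + "/" + admin.strip()
                response = requests.get(link, headers=header)
                if response.status_code == 200:
                    print("Found {}".format(link))
                elif response.status_code == 404:
                    print("{} Not Found".format(link))
                elif response.status_code in messages:
                    print(messages[response.status_code])
        except requests.exceptions.MissingSchema:
            print(Fore.RED + "Please use http:// or https://")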
464
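    def smtpenum(self):
        """Send one ``VRFY`` per wordlist entry to an SMTP server and print the 250/550 answers.

        Each failure (missing wordlist, non-numeric port, connection error)
        prints its message and returns to the caller. Previously execution
        continued after those messages and failed on variables that had never
        been assigned. The wordlist and the socket are closed on every path.
        """
        wordlist = input("Wordlist: ")
        host = input("Host: ")
        port = input("Port: ")

        try:
            with open(wordlist, 'rb') as f:
                smtplist = f.readlines()
        except IOError:
            print(Fore.RED + "Could not find the file!")
            return

        print("********************")
        print("Host: " + host)
        print("Port: " + port)
        print("Wordlist: " + wordlist)
        print("Size: " + str(len(smtplist)))
        print("********************")
        print("\n")

        print("Verifying Users, Please wait..." + "\n")

        try:
            port_number = int(port)
        except ValueError:
            print(Fore.RED + "Value Error")
            return

        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            try:
                s.connect((host, port_number))
            except TimeoutError:
                # Listed before socket.error: TimeoutError is a subclass of it
                # and would otherwise never be reached.
                print(Fore.RED + "Connection timed out")
                return
            except socket.error:
                print(Fore.RED + "Could not connect to host")
                return

            try:
                for users in smtplist:
                    userlist = users.strip()
                    s.sendall(b"VRFY " + userlist + b"\r\n")
                    response = s.recv(1024)

                    if re.match(b"250", response):
                        print("Found User: " + str(userlist))
                    elif re.match(b"550", response):
                        print("{} NOT found".format(str(userlist)))
            except ConnectionResetError:
                print("Connection reset by peer")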
510
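    def filedownload(self):
        """Download one URL and write the response body to a file named by the user.

        The header dictionary is passed as ``headers=``. It was previously
        given as the second positional argument of ``requests.get``, which is
        ``params``, so the values were sent as a query string rather than as a
        request header. Note that the chosen file name is opened for writing
        and an existing file of that name is overwritten.
        """
        try:
            site = input("URL of the file: ")
            filename = input("Save file as: ")

            headers = {'User-Agent': 'Mozilla/5.0'}
            req = requests.get(site, headers=headers)

            with open(filename, 'wb') as download:
                download.write(req.content)
            print("File {} has been downloaded".format(filename))
        except requests.exceptions.MissingSchema:
            print("Please use: http://site.com")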
524
    def serviceban(self):
        """Connect to a TCP port and print the first bytes the service sends, if any."""
        host = input("IP: ")
        port = input("Port: ")
        try:
            conn = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            endpoint = (host, int(port))
            conn.connect(endpoint)
            greeting = conn.recv(1024)
            print(greeting.strip())
            conn.close()
        except socket.error:
            print("Could not connect to host")
536
    def anonftp(self):
        """Report whether an FTP server accepts the ``anonymous``/``anonymous`` login.

        Any exception during connect or login is reported as a failed logon.
        """
        host = input("FTP server: ")
        print("\n")
        try:
            client = ftplib.FTP(host)
            client.login('anonymous', 'anonymous')
            print(str(host) + "\033[0;0m Anonymous FTP logon successful")
            time.sleep(2)
            client.quit()
        except Exception:
            print(str(host) + Fore.RED + " Anonymous FTP logon failed.")
548
549
    def subrute(self):
        """Request ``https://<name>.<host>`` for each wordlist entry and print those answering 200.

        A 1.5 second pause precedes every request. A connection error ends the
        loop with a message. When the wordlist cannot be opened, the resulting
        ``UnboundLocalError`` is swallowed after the "File not found" message.
        """
        host = input("Enter Website: ")
        wordlist = input("Enter Sub Domain list: ")
        agent = UserAgent()
        header = {'User-Agent': str(agent.chrome)}
        try:
            with open(wordlist, 'r') as handle:
                sublist = [entry.rstrip("\n") for entry in handle.readlines()]
        except IOError:
            print(Fore.RED + "File not found")
        try:
            for label in sublist:
                time.sleep(1.5)
                candidate = label + "." + host
                reply = requests.get("https://" + candidate, headers=header)
                if reply.status_code == 200:
                    print(Fore.GREEN + "Found: " + candidate)
        except requests.exceptions.ConnectionError:
            print(Fore.RED + "Connection Refused by Host")
        except UnboundLocalError:
            pass
571
572
    def getoptions(self):
        """Send ``OPTIONS /`` over plain HTTP and print the ``Allow`` header of the answer."""
        try:
            host = input("Enter website: ")
            print("\n")
            connection = http.client.HTTPConnection(host)
            connection.connect()
            connection.request('OPTIONS', '/')
            reply = connection.getresponse()
            allowed = reply.getheader('allow')
            print(Fore.GREEN + "[OPTIONS]")
            print(allowed)
            if allowed is None:
                print("OPTIONS is not available for listing.")
            connection.close()
        except socket.gaierror:
            print(Fore.RED + "Name or service not known")
            time.sleep(2)
        except http.client.InvalidURL:
            print(Fore.RED + "Please use: site.com or www.site.com")
592
    def gethead(self):
        """Send an HTTP ``HEAD`` request and print the response headers."""
        try:
            target = input("Enter Website: ")
            print("\n")
            reply = requests.head(target)
            print(reply.headers)
            time.sleep(2)
        except socket.gaierror:
            print(Fore.RED + "Name or service not known")
        except requests.exceptions.MissingSchema:
            print(Fore.RED + "Please use http or https://site.com")
604
    def whoistool(self):
        """Print the WHOIS record the ``whois`` module returns for a name."""
        try:
            target = input("Enter website: ")
            record = whois.whois(target)
            print(record)
            time.sleep(2)
        except socket.gaierror:
            print(Fore.RED + "Name or service not known")
613
    def getrobot(self):
        """Fetch ``<site>/robots.txt`` and print it decoded as UTF-8."""
        try:
            site = input("Enter Website: ")
            print("\n")
            reply = urlopen(site + "/robots.txt")
            text = io.TextIOWrapper(reply, encoding='utf-8').read()
            print(Fore.GREEN + text)
            time.sleep(2)
        except socket.gaierror:
            print(Fore.RED + "Name or service not known")
        except urllib.error.URLError:
            print(Fore.RED + "Name or service not known")
        except ValueError:
            print(Fore.RED + "Unknown URL type, please use: http://site.com")
628
629
    def ipaddressresolv(self):
        """Resolve a host name and print its IPv4 address."""
        try:
            print("EX: site.com")
            # Expected form is a bare name such as site.com, without a scheme.
            name = input("Website: ")
            print("\n")
            address = socket.gethostbyname(name)
            print(Fore.GREEN + "IPv4 Address: " + address)
        except socket.gaierror:
            print(Fore.RED + "Name or service not known")
            time.sleep(2)
639
    def ipv4tov6(self):
        """Print the compressed IPv6 address obtained by parsing ``2002::`` followed by the input."""
        try:
            ip = input("Enter IP Address: ")
            print("\n")
            mapped = ipaddress.IPv6Address('2002::' + ip)
            print(Fore.GREEN + mapped.compressed)
            time.sleep(2)
        except ipaddress.AddressValueError:
            print(Fore.RED + "IP address not permitted sorry")
648
649
    def grabthebanner(self):
        """Send ``HEAD / HTTP/1.0`` over plain TCP and print up to 1024 bytes of the answer.

        A non-numeric port is ignored silently; a socket error prints that the
        host is not reachable.
        """
        request_line = b"HEAD / HTTP/1.0\r\n\r\n"
        try:
            host = input("Enter Host: ")
            port = int(input("Enter Port: "))
            conn = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            conn.connect((host, port))
            print("STATUS: host is up!\n")
            print("Grabbing the banner please wait!\n")
            time.sleep(3)
            conn.send(request_line)
            reply = conn.recv(1024)
            conn.close()
            print(reply.strip())
            time.sleep(2)
        except socket.error:
            print(Fore.RED + "Host is not reachable")
        except ValueError:
            pass
668
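    def grabthebannerssl(self):
        """Send ``HEAD / HTTP/1.0`` over TLS and print up to 1024 bytes of the answer.

        The connection uses ``ssl.create_default_context()``, which validates
        the server certificate and host name. The module-level
        ``ssl.wrap_socket`` used previously performs no certificate validation
        by default and no longer exists in Python 3.12. A certificate that
        does not validate is reported as such rather than as an unreachable
        host. A non-numeric port returns silently, as the plain-HTTP variant
        does.
        """
        host = input("Enter Host: ")
        try:
            port = int(input("Enter Port: "))
        except ValueError:
            return
        context = ssl.create_default_context()
        try:
            with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sck:
                with context.wrap_socket(sck, server_hostname=host) as ssock:
                    # The TLS handshake runs as part of connect().
                    ssock.connect((host, port))
                    print("STATUS: " + "host is up!" + "\n")
                    print("Grabbing the banner please wait!" + "\n")
                    time.sleep(3)
                    ssock.send(b"HEAD / HTTP/1.0\r\n\r\n")
                    data = ssock.recv(1024)
            print(data.strip())
            time.sleep(2)
        except ssl.SSLCertVerificationError as err:
            # Must precede socket.error, of which it is a subclass.
            print(Fore.RED + "Certificate verification failed: {}".format(err.verify_message))
        except socket.error:
            print(Fore.RED + "Host is not reachable")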
686
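    def dirbrute(self):
        """Request ``<host><entry>`` for every wordlist entry and print the outcome of each.

        The wordlist is opened once. When it cannot be read the method prints
        the message and returns; previously it went on to open the same file
        a second time, outside any handler. A 429/400/403/500 answer prints
        its name and returns to the caller, which is the menu loop.
        """
        host = input("Enter Website: ")
        wordlist = input("Enter Wordlist: ")
        try:
            with open(wordlist, 'r') as f:
                dirblist = f.readlines()
        except IOError:
            print(Fore.RED + "Couldn't find " + wordlist)
            return
        print(Fore.GREEN + "Found: " + wordlist)

        ua = UserAgent()
        header = {'User-Agent': str(ua.chrome)}
        stop_messages = {
            429: "Too many requests",
            400: "Bad Request",
            403: "Forbidden",
            500: "Internal server error",
        }

        try:
            for lines in dirblist:
                # Entries are appended to the host as written in the wordlist.
                links = host + lines.strip()
                response = requests.get(links, headers=header)
                if response.status_code == 200:
                    print("Found: {}".format(links))
                elif response.status_code in stop_messages:
                    print(Fore.RED + stop_messages[response.status_code])
                    return
                else:
                    print("Not Found: {}".format(links))
        except requests.exceptions.MissingSchema:
            print(Fore.RED + "Please use: http or https://www.site.com/")
        except socket.gaierror:
            print(Fore.RED + "Name or service not known")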
729
    def dnslookup(self):
        """Query the MX records of a name and print each exchange with its preference."""
        usage_hint = "Please use: site.com"
        try:
            name = input("Enter Host: ")
            print("\n")
            answers = dns.resolver.query(name, 'MX')
            for record in answers:
                print(Fore.GREEN + "Host ", record.exchange, 'has preference', record.preference)
            time.sleep(2)
        except dns.resolver.NoAnswer:
            print(Fore.RED + usage_hint)
        except dns.resolver.NXDOMAIN:
            print(Fore.RED + usage_hint)
742
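    def portscanner(self):
        """Attempt a TCP connection to each port in the loop's range and print those that accept.

        Every socket is managed by a ``with`` block, so it is closed after each
        attempt and also when the loop is interrupted or an error is raised.
        """
        ip = input("Enter IP to scan: ")
        print("\n")
        print("Scanning IP: " + ip + " please wait..." + "\n")
        try:
            for port in range(1, 65535):
                with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sck:
                    # connect_ex returns 0 on success instead of raising.
                    if sck.connect_ex((ip, port)) == 0:
                        print(Fore.GREEN + "Port: " + str(port) + " " + "open")
        except socket.error:
            print(Fore.RED + "Could not connect to host")
        except KeyboardInterrupt:
            print("You pressed CTRL+C")
        except ipaddress.AddressValueError:
            print("IP address not allowed")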
760
    def enumeration(self):
        """Show the enumeration menu in a loop and dispatch the typed choice.

        ``back`` calls the main menu; unrecognised input redraws this menu.
        """
        entries = (
            ("1", " SMTP Enumeration", self.smtpenum),
            ("2", " SMB Enumeration", self.smbenum),
            ("3", " DNS Enumeration", self.dnsenum),
            ("4", " FTP Anonymous Check", self.anonftp),
            ("5", " FTP User Enumeration", self.ftpuserenum),
        )
        while True:
            print(Fore.RED + banner)

            for key, label, _handler in entries:
                print(Fore.RED + "[" + Fore.CYAN + key + Fore.RED + "]" + Fore.WHITE + label)
            print(Fore.RED + "<" + Fore.CYAN + "--" + Fore.WHITE + " Back")
            print("\n")

            enumcolor = Fore.RED + "(" + Fore.CYAN + "Enumeration tools" + Fore.RED + ")"
            prompt = input(Fore.WHITE + "IGF~" + enumcolor + Fore.WHITE + "# ")

            for key, _label, handler in entries:
                if prompt == key:
                    handler()
            if prompt == "back":
                self.start()
788
789
    def miscellaneous(self):
        """Show the miscellaneous menu in a loop and dispatch the typed choice.

        ``back`` calls the main menu; unrecognised input redraws this menu.
        """
        entries = (
            ("1", " Port Scanner", self.portscanner),
            ("2", " Service Banner", self.serviceban),
            ("3", " Download File", self.filedownload),
            ("4", " Google Dork Search", self.googledork),
            ("5", " Phone Number Validation", self.phonenuminfo),
        )
        while True:
            print(Fore.RED + banner)

            for key, label, _handler in entries:
                print(Fore.RED + "[" + Fore.CYAN + key + Fore.RED + "]" + Fore.WHITE + label)
            print(Fore.RED + "<" + Fore.CYAN + "--" + Fore.WHITE + " Back")
            print("\n")

            misccolor = Fore.RED + "(" + Fore.CYAN + "Miscellaneous" + Fore.RED + ")"
            prompt = input(Fore.WHITE + "IGF~" + misccolor + Fore.WHITE + "# ")

            for key, _label, handler in entries:
                if prompt == key:
                    handler()
            if prompt == "back":
                self.start()
816
817
    def ipinformation(self):
        """Show the IP information menu in a loop and dispatch the typed choice.

        ``back`` calls the main menu; unrecognised input redraws this menu.
        """
        entries = (
            ("1", " IPv4 to IPv6", self.ipv4tov6),
            ("2", " IP Geolocation", self.geolocation),
            ("3", " Shodan IP info", self.shodansearch),
        )
        while True:
            print(Fore.RED + banner)

            for key, label, _handler in entries:
                print(Fore.RED + "[" + Fore.CYAN + key + Fore.RED + "]" + Fore.WHITE + label)
            print(Fore.RED + "<" + Fore.CYAN + "--" + Fore.WHITE + " Back")
            print("\n")

            ipinfocolor = Fore.RED + "(" + Fore.CYAN + "IP Information" + Fore.RED + ")"
            prompt = input(Fore.WHITE + "IGF~" + ipinfocolor + Fore.WHITE + "# ")

            for key, _label, handler in entries:
                if prompt == key:
                    handler()
            if prompt == "back":
                self.start()
838
839
    def webinfo(self):
        """Show the web information menu in a loop and dispatch the typed choice.

        Choice ``1`` asks whether to use HTTPS and picks the matching banner
        routine. ``back`` calls the main menu, ``exit`` ends the program, and
        unrecognised input redraws this menu.
        """
        labels = (
            " Banner Grabber",
            " Directory brute",
            " Sub domain brute",
            " Convert domain to IP",
            " Get robots.txt",
            " Whois lookup tool",
            " HTTP HEAD request",
            " HTTP OPTIONS",
            " DNS lookup",
            " Find Admin Panel",
            " Cloudflare Bypass",
            " Wordpress Dir Finder",
            " Reverse DNS Lookup",
            " Find upload path",
            " Find Shells",
            " Website Status",
            " Spider: Extract Links",
            " Technology Discovery",
            " Find Backup files",
            " Session Cookies",
        )
        # Choice "1" is handled separately below because it asks a follow-up question.
        handlers = {
            "2": self.dirbrute,
            "3": self.subrute,
            "4": self.ipaddressresolv,
            "5": self.getrobot,
            "6": self.whoistool,
            "7": self.gethead,
            "8": self.getoptions,
            "9": self.dnslookup,
            "10": self.adminpanelfind,
            "11": self.cloudflarebypass,
            "12": self.wordpresscheck,
            "13": self.reversednslookup,
            "14": self.finduploads,
            "15": self.shellfinder,
            "16": self.checksite,
            "17": self.spider,
            "18": self.techdiscovery,
            "19": self.findbackup,
            "20": self.sessionscookies,
        }
        while True:
            print(Fore.RED + banner)

            for number, label in enumerate(labels, start=1):
                print(Fore.RED + "[" + Fore.CYAN + str(number) + Fore.RED + "]" + Fore.WHITE + label)
            print(Fore.RED + "<" + Fore.CYAN + "--" + Fore.WHITE + " Back")

            print("\n")

            webinfocolor = Fore.RED + "(" + Fore.CYAN + "Web Information" + Fore.RED + ")"
            prompt = input(Fore.WHITE + "IGF~" + webinfocolor + Fore.WHITE + "# ")
            if prompt == "1":
                ask = input("HTTP or HTTPS? ")
                if ask == "HTTPS":
                    self.grabthebannerssl()
                else:
                    self.grabthebanner()
            elif prompt in handlers:
                handlers[prompt]()
            elif prompt == "back":
                self.start()
            elif prompt == "exit":
                exit()
919
    def WindowsHax(self):
        """Show the Windows menu in a loop and dispatch the typed choice.

        ``1`` calls the exploit-suggester placeholder and ``back`` calls the
        main menu. The prompt label reads "Web Information".
        """
        while True:
            print(Fore.RED + banner)

            print(Fore.RED + "[" + Fore.CYAN + "1" + Fore.RED + "]" + Fore.WHITE + " Exploit Suggester")
            print(Fore.RED + "<" + Fore.CYAN + "--" + Fore.WHITE + " Back")

            print("\n")

            windowshaxcolor = Fore.RED + "(" + Fore.CYAN + "Web Information" + Fore.RED + ")"
            choice = input(Fore.WHITE + "IGF~" + windowshaxcolor + Fore.WHITE + "# ")
            if choice == "1":
                self.windowsexploitation()
            elif choice == "back":
                self.start()
935
936
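    def start(self):
        """Show the main menu in a loop and dispatch the typed choice.

        The program exits only when the input is ``x`` or ``exit`` (case
        insensitive). The previous test, ``"exit" or "x" in prompt.lower()``,
        was always true because the non-empty literal ``"exit"`` is truthy, so
        the program terminated after any input or as soon as a sub-menu
        returned.
        """
        menu = (
            ("01", "Website Information", self.webinfo),
            ("02", "IP Information", self.ipinformation),
            ("03", "Enumeration", self.enumeration),
            ("04", "Windows Exploitation", self.WindowsHax),
            ("05", "Miscellaneous", self.miscellaneous),
        )
        while True:
            print(Fore.RED + banner)
            print(Fore.RED + "\033[0;0mAuthor : c0deninja".rjust(30, "="))
            print(Fore.RED + "\033[0;0mDiscord : gotr00t?".rjust(29, "=") + "\n\n")

            print(Fore.RED + "[ " + Fore.CYAN + "IGF Menu" + Fore.RED + " ]" + "\n")

            for key, label, _handler in menu:
                print(Fore.RED + "[" + Fore.CYAN + key + Fore.RED + "] " + Fore.WHITE + label)
            print(Fore.RED + "[" + Fore.CYAN + "X" + Fore.RED + "] " + Fore.WHITE + " EXIT")

            print("\n")
            prompt = input(Fore.WHITE + "IGF~#: ").strip().lower()
            if prompt in ("exit", "x"):
                sys.exit(0)
            for key, _label, handler in menu:
                if prompt == key:
                    handler()
                    break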