OSINT tool - gets data from services like shodan, censys etc. in one app
♥ Free Software, requires only free accounts to third part services ♥
Lack of knowledge ... that is the problem.
SARENKA is an Open Source Intelligence (OSINT) tool that helps you in obtaining and understanding Attack Surface.
The main goal is gathering information from search engines for Internet-connected devices (https://censys.io/, https://www.shodan.io/, **https://www.criminalip.io/ko**). It scrapes data about Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE) and also has a database where CVEs are mapped to CWE.
It returns data about the local machine - local installed software (from Windows Registry), local network information (python libraries, popular cmd commads).
For now, the application also has simple tools like a hash calculator, shannon entropy calculator and very simple port scanner. More cryptography-math tools and reconnaissance scripts are planned.
The app is alive and has been rewritten from scratch on branch develop.
You can also:
Our team tests the application on Windows 10 and Kali Linux with Python 3.8.
SARENKA requires:
$ git clone https://github.com/pawlaczyk/sarenka.git
$ cd ./sarenka
$ python3 -m venv env
Powershell
$ ./env/Scripts/Activate.ps1
cmd
$ ./env/Scripts/activate.bat
$ pip3 install -r ./requirements.txt
$ python ./sarenka/sarenka.py
####Please create accounts on services:
# go to sarenka/sarenka
$ python backend/manage.py runserver
#####Add user credentials at "Settings"
Details in documentation.
And of course SARENKA itself is open source with a public repository on GitHub.
Till end of March, 2021 documentation will be available only in Polish! The documentation is availabe here.
SARENKA is licensed under the MIT License.