Merge pull request #20 from 6abd/dev
Horus v1.2.6
6abd authored Jun 30, 2024
2 parents 01c8f0d + 44facc9 commit 4d4a7b3
Showing 3 changed files with 144 additions and 7 deletions.
11 changes: 11 additions & 0 deletions horus.py
@@ -24,6 +24,7 @@
import src.modules.bankindex as bankindex
import src.modules.exif as exif
import src.modules.ytd as ytd
import src.modules.falcon as falcon
# CASE-GEN.
# SDB.
# Loki.
@@ -63,6 +64,7 @@
ap.add_argument('-cryptotrace', help='Transaction information, & crypto-wallet tracing.', action="store_true")
#ap.add_argument('-Dischook', help='\n', action="store_true")
ap.add_argument('-ytd', help='\n', action="store_true")
ap.add_argument('-falcon', help='\n', action="store_true")
#ap.add_argument('-Leverage', help='\n', action="store_true")
# CASE-GEN.
#ap.add_argument('-Casegenerate', help='\n', action="store_true")
@@ -206,6 +208,15 @@ def __exit__(self, *args):
print(f">_ {Fore.RED}FAILURE{Fore.WHITE}: {error}\n")
os._exit(0)

if args['falcon']: # Runs the mactrace program.
while True:
try:
falcon.falcon()
os._exit(0)
except Exception as error:
print(f">_ {Fore.RED}FAILURE{Fore.WHITE}: {error}\n")
os._exit(0)

if __name__ == '__main__':
try:
banner.banner()
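Review bot: The new `-falcon` handler exits with status 0 from its `except` branch, so a failed capture looks like success to any script or wrapper that checks the exit code; `os._exit(1)` there would make the failure visible. The surrounding `while True:` never runs a second iteration because both paths call `os._exit`, and the comment `# Runs the mactrace program.` appears to be carried over from another handler; `# Runs the Falcon packet-analysis module.` matches the code. The option is registered with `help='\n'`, so `-h` gives no hint that it can open a live capture, which usually needs elevated privileges; something like `help='Packet analysis: live capture or a saved capture file.'` would tell the user what they are starting. The handler's enclosing scope lies outside the hunk.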
19 changes: 12 additions & 7 deletions src/main.py
@@ -30,6 +30,7 @@
import src.modules.bankindex as bankindex
import src.modules.exif as exif
import src.modules.ytd as ytd
import src.modules.falcon as falcon
# FORENSICS.


@@ -132,7 +133,7 @@ def section(text):
command(Fore.GREEN,
"Vt | Connect to the virus-total API to scan, or screen files, links, etc.")
command(Fore.RED,
"Netjack | Crack a capture file using Netjack!")
"Falcon | Packet analysis; sniff for your own in the terminal or use a capture file!")
print(f"\n{notice} Remember; run `apicon` command to configure the API database.")

option = input(f"{prompt}")
@@ -188,31 +189,35 @@ def section(text):
# FORENSICS.

# Loki.
if option == "lokigen".lower():
if option.lower() == "lokigen":
loki_keygen.loki_keygen()
os._exit(0)

if option == "lokidiscovery".lower():
if option.lower() == "lokidiscovery":
loki_discovery.loki_discovery()
os._exit(0)

if option == "lokiencrypt".lower():
if option.lower() == "lokiencrypt":
loki_encrypt.loki_encrypt()
os._exit(0)

if option == "lokidecrypt".lower():
if option.lower() == "lokidecrypt":
loki_decrypt.loki_decrypt()
os._exit(0)
# FORENSICS.
# API config.
if option == "apicon".lower():
if option.lower() == "apicon":
apicon.apicon()
os._exit(0)

if option == "exif".lower():
if option.lower() == "exif":
exif.exif()
os._exit(0)

if option.lower() == "falcon":
falcon.falcon()
os._exit(0)


except KeyboardInterrupt:
print(f'\n{Fore.YELLOW}You interrupted the program.{Fore.WHITE}')
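Review bot: The module-level `import src.modules.falcon as falcon` added at the top of this file runs falcon.py's import-time statements every time the menu starts: as shown in that file's section, `os.system("clear")`, `sys.tracebacklimit = 0` and `import pyshark` all execute on import. Tracebacks are therefore suppressed process-wide, and a missing pyshark install would stop the whole menu rather than only the Falcon option (other modules may already follow the same pattern, which is not visible here). Moving the import into the new branch, `import src.modules.falcon as falcon` directly under `if option.lower() == "falcon":`, confines that to users who choose Falcon; horus.py gains the same top-level import. No dependency manifest is among the three changed files, so confirm pyshark is already declared. The dispatch function starts and ends outside the hunks shown.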
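--- a/src/modules/falcon.py
+++ b/src/modules/falcon.py
@@ -0,0 +1,121 @@
+# Imports.
+import os
+import sys
+import json
+import requests
+from colorama import Fore # For text colour.
+import pyshark
+
+# Config (Prints).
+text = (f"{Fore.WHITE}") # Change the colour of text output in the client side
+dividers = (f"{Fore.LIGHTRED_EX}") # Changes the [], | and : in the client side
+success = (f"\n{Fore.WHITE}[{Fore.GREEN}SUCCESS{Fore.WHITE}] Program executed sucessfully.") # Success output.
+response = (f"{Fore.WHITE}[{Fore.GREEN}+{Fore.WHITE}]")
+successfully = (f"{Fore.WHITE}[{Fore.GREEN}SUCCESSFULLY{Fore.WHITE}]") # Successfully output.
+failed = (f"{Fore.WHITE}[{Fore.LIGHTRED_EX}FAILED{Fore.WHITE}]") # Failed output.
+prompt = (f"{Fore.WHITE}[{Fore.YELLOW}»{Fore.WHITE}]") # Prompt output.
+notice = (f"{Fore.WHITE}[{Fore.YELLOW}!{Fore.WHITE}]") # Notice output.
+question = (f"{Fore.WHITE}[{Fore.YELLOW}?{Fore.WHITE}]") # Alert output.
+alert = (f"{Fore.WHITE}[{Fore.LIGHTRED_EX}!{Fore.WHITE}]") # Alert output.
+exited = (f"{Fore.WHITE}[{Fore.LIGHTRED_EX}EXITED{Fore.WHITE}]") # Execited output.
+disconnected = (f"{Fore.WHITE}[{Fore.LIGHTRED_EX}DISCONNECTED{Fore.WHITE}]") # Disconnected output.
+command = (f"\n[{Fore.YELLOW}>_{Fore.WHITE}]: ") # Always asks for a command on a new line.
+
+# Pre-run.
+os.system("clear")
+
+# Hide tracebacks - change to 1 for dev mode.
+sys.tracebacklimit = 0
+
+# API.
+# Example, uncomment lines 30-32 if API required.
+#with open('var/pipes/api_config.json') as f:
+# data = json.load(f)
+# #{api_name} = data["{api_name}"]
+
+def get_packet_info(packet):
+info = ""
+if 'HTTP' in packet:
+if hasattr(packet.http, 'request_method'):
+info = f"HTTP {packet.http.request_method} {packet.http.host}{packet.http.request_uri}"
+if hasattr(packet.http, 'user_agent'):
+info += f"\nUser-Agent: {packet.http.user_agent}"
+if hasattr(packet.http, 'content_type'):
+info += f"\nContent-Type: {packet.http.content_type}"
+elif hasattr(packet.http, 'response_code'):
+info = f"HTTP {packet.http.response_code} {packet.http.response_phrase}"
+if hasattr(packet.http, 'content_type'):
+info += f"\nContent-Type: {packet.http.content_type}"
+elif 'DNS' in packet:
+if hasattr(packet.dns, 'qry_name'):
+info = f"DNS Query: {packet.dns.qry_name}"
+elif hasattr(packet.dns, 'a'):
+info = f"DNS Response: {packet.dns.a}"
+elif 'TCP' in packet:
+info = f"TCP {packet.tcp.srcport} -> {packet.tcp.dstport}"
+elif 'UDP' in packet:
+info = f"UDP {packet.udp.srcport} -> {packet.udp.dstport}"
+else:
+info = f"{packet.highest_layer} packet"
+return info
+
+def analysis(cap):
+for pkt in cap:
+print(f"\nPacket #{pkt.number}")
+print(f"{response} Protocol: {pkt.highest_layer}")
+print(f"{response} Length: {pkt.length} bytes")
+print(f"{response} Time: {pkt.sniff_time}")
+
+if hasattr(pkt, 'ip'):
+print(f"{response} Source IP: {pkt.ip.src}")
+print(f"{response} Destination IP: {pkt.ip.dst}")
+else:
+print(f"{notice} Source IP: N/A")
+print(f"{notice} Destination IP: N/A")
+
+if hasattr(pkt, 'tcp'):
+print(f"{response} Source Port: {pkt.tcp.srcport}")
+print(f"{response} Destination Port: {pkt.tcp.dstport}")
+print(f"{response} TCP Flags: {pkt.tcp.flags}")
+elif hasattr(pkt, 'udp'):
+print(f"{response} Source Port: {pkt.udp.srcport}")
+print(f"{response} Destination Port: {pkt.udp.dstport}")
+else:
+print(f"{notice} Source Port: N/A")
+print(f"{notice} Destination Port: N/A")
+
+# Display additional protocol-specific information
+if hasattr(pkt, 'http'):
+if hasattr(pkt.http, 'host'):
+print(f"{response} HTTP Host: {pkt.http.host}")
+elif hasattr(pkt, 'dns'):
+if hasattr(pkt.dns, 'qry_name'):
+print(f"{response} DNS Query Name: {pkt.dns.qry_name}")
+
+print(f"{response} Info: {get_packet_info(pkt)}")
+
+# Program.
+def falcon():
+option = input(f"{question} (1) Sniff for packets or (2) use saved capture file: ")
+if option == "1":
+inter = input(f"{question} Enter an interface: ")
+filter = input(f"{question} Enter a BPF filter if you would like (Press enter if not): ")
+sniff_secs = int(input(f"{question} How long (secs) to sniff for packets? "))
+
+cap = pyshark.LiveCapture(interface=inter, bpf_filter=filter)
+cap.sniff(sniff_secs)
+
+analysis(cap)
+
+if option == "2":
+print()
+path = input(f"{question} Enter a capture file path: ")
+filter = input(f"{question} Enter a display filter if you would like (Press enter if not): ")
+cap = pyshark.FileCapture(path, display_filter=filter)
+
+analysis(cap)
+
+
+# Run module_name module.
+if __name__ == '__main__':
+falcon()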
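Review bot: In `falcon()`, `cap.sniff(sniff_secs)` passes the user's seconds value positionally, and as far as pyshark's signature goes the first positional parameter of `sniff` is a packet count, not a duration, so a quiet interface can block far longer than requested; the documented form is `cap.sniff(timeout=sniff_secs)`. The value comes from a bare `int(input(...))`, so non-numeric input raises `ValueError` and zero or negative values pass straight through. Separately, `get_packet_info` reads `packet.http.host` and `packet.http.request_uri` without the `hasattr` guard used for the other fields, and `analysis` has no per-packet error handling, so one request without a Host header in an untrusted capture file ends the whole run and hides every later packet from the analyst; `getattr(packet.http, 'host', '')` (and the same for `request_uri`) keeps the loop going. Every printed field is controlled by whoever produced the traffic, so it is worth confirming that control characters are escaped before they reach the terminal.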
