EPH
is a tool which allows you to perform scans to find exposed administration panels that can lead to security vulnerabilities.
It can be used offensively (Pentest
, Bug Bounty
...) or defensively (Threat Hunting
).
The search is realized by Shodan, so you will need an API key (free API keys are not working). Queries can be done with a custom favicon or by using the available database containing a list of dangerous and frequently used panels.
Hash in database:
- Gitlab
- FS Switch
- Spring Boot
- Tomcat
- PhpMyAdmin
- Jenkis
- OpenVPN
- Portainer
- GraphQL
- Adminer
- Roundcube Webmail
- pfSense
- cPanel Login
- Magento
- SeaFile [...]
git clone https://github.com/Nishacid/EPH.git
cd EPH/
pip3 install -r requirements.txt
usage: main.py [-h] -a API [-o ORG] (-u URL | -i IMG | -H HASH | -c)
optional arguments:
-h, --help show this help message and exit
-a API, --api API Shodan API Key
-o ORG, --org ORG Targeted organization
-u URL, --url URL URL of the favicon
-i IMG, --img IMG Image source of the favicon
-H HASH, --hash HASH Hash of the favicon
-c, --common Common Favicon Scan
╰─➤ python3 main.py --api YourAPIKey --img ./samples/adminer.ico --org MyOrg
[+] The hash of the favicon is : 572074752
[+] Perfoming a shodan scan...
[+] Total results found : 2
IP : 10.10.10.01
Port : 80
Organization : MyOrg
IP : 10.10.10.02
Port : 8080
Organization : MyOrg
╰─➤ python3 main.py --api YourAPIKey --url https://www.phpmyadmin.net/static/favicon.ico
[+] The hash of the favicon is : -476231906
[+] Perfoming a shodan scan...
[+] Total results found : 35602
IP : 10.10.10.01
Port : 80
Organization : YourOrg
IP : 127.0.0.1
Port : 443
Organization : MyOrg
[...]
╰─➤ python3 main.py --api YourAPIKey --org l33t --hash -297069493
[+] The hash of the favicon is : -297069493
[+] Perfoming a shodan scan...
[+] Total results found : 18
IP : 10.10.10.01
Port : 8080
Organization : l33t
IP : 10.10.13.37
Port : 443
Organization : l33t
[...]
╰─➤ python3 main.py --api YourAPIKey --org My0rG --common
[+] Perfoming a common scan...
[+] Scanning for Gitlab
[+] Total results found : 2
IP : 10.10.10.01
Port : 80
Organization : My0rG
IP : 10.10.13.37
Port : 443
Organization : My0rG
[+] Scanning for FS Switch
[+] Total results found : 0
[+] Scanning for Tomcat
[+] Total results found : 1
IP : 172.0.4.20
Port : 8080
Organization : My0rG
Pull requests are welcome. Feel free to contribute to complete this database or to make improvements.
You can contact me on Twitter @Nishacid or nishacid@protonmail.com