forked from NullArray/IntRec-Pack
intrec.sh
#!/bin/bash
# ANSI colour sequences used by the notification helpers and the logo.
# The values hold the literal text "\x1b[..."; it only becomes a real escape
# byte when printed through `echo -e`.
ESC='\x1b['
RESET="${ESC}39;49;00m"
CYAN="${ESC}33;36m"
RED="${ESC}31;01m"
GREEN="${ESC}32;01m"
# Print a warning: "[!]" prefix in red, surrounded by blank lines.
# Globals:   RED, RESET (read)
# Arguments: $1 - message text (echo -e also interprets escapes inside it)
# Outputs:   the decorated message on stdout
warning() {
  local text=$1
  echo -e "\n${RED} [!] ${text} ${RESET}\n"
}
# Print a success/progress message: "[+]" prefix in green, surrounded by
# blank lines.
# Globals:   GREEN, RESET (read)
# Arguments: $1 - message text (echo -e also interprets escapes inside it)
# Outputs:   the decorated message on stdout
notification() {
  local text=$1
  echo -e "\n${GREEN} [+] ${text} ${RESET}\n"
}
# Print a neutral/heading message: "[-]" prefix in cyan, surrounded by blank
# lines.
# Globals:   CYAN, RESET (read)
# Arguments: $1 - message text (echo -e also interprets escapes inside it)
# Outputs:   the decorated message on stdout
notification_b() {
  local text=$1
  echo -e "\n${CYAN} [-] ${text} ${RESET}\n"
}
# Print the ASCII-art banner with the author/version box in cyan, reset the
# terminal colours, then hand control to main_menu.
# Globals: CYAN, RESET (read)
# Outputs: banner on stdout
function logo()
{ echo -e "$CYAN"
# The banner is one double-quoted string; the backslash-newline right after the
# opening quote is a line continuation, so the art does not start with an
# empty line.
echo -e "\
_____ _____ _____ _____ _____ _____ _____ _____ _____ _____
| | | |_ _| __ | __| |___| _ | _ | | | |
|- -| | | | | | | -| __| --|___| __| | --| -|
|_____|_|___| |_| |__|__|_____|_____| |__| |__|__|_____|__|__|
#################################################################
#---Author: NullArray/Vector--# IntRec-Pack, #
#---Twitter: @Real__Vector-----# Intelligence #
#---Type: Bundle Installer--# and Reconnaissance #
#---Version: 1.2.1-------------# Package Installer #
#################################################################" && echo -e "$RESET\n"
# Every call to logo re-enters the interactive menu loop.
main_menu
}
# Print the table of installable tools, then open the selection prompt by
# calling list.
# Outputs: heading and table on stdout
function tools()
{ notification_b "Available tools, select a number to install"
# The table is passed as the printf format string; it contains no % directives,
# and the only escape in it is the trailing \n.
printf "\
+-----------------------+-------------------------------------------+
| Tool | Utility type and feature summary |
+-----------------------+-------------------------------------------+
|1. QuickScan | Port Scanner/WHOIS/Domain Resolver |
|2. DNSRecon | Advanced DNS Enumeration & Domain Utility |
|3. Sublist3r | OSINT Based Subdomain Enumeration |
|4. TekDefense-Automator| OSINT Based IP, URL and Hash Analyzer |
|5. TheHarvester | eMail, vHost, Domain and PII Enumeration |
|6. IOC-Parser | Threat Intel, parses IOC data from reports|
|7. PyParser-CVE | Multi Source Exploit Parser/CVE Lookup |
|8. Mimir | HoneyDB CLI/Threat Intelligence Utility |
|9. Harbinger | Cymon.io, Virus Total, Threat Feed Parser |
|10.Inquisitor | OSINT Recon/data visualization utility |
|11.BirdWatch | SOCMINT Utility with a focus on Twitter |
|12.Spiderfoot | Advanced OSINT/Reconnaissance Framework |
+-----------------------+-------------------------------------------+\n"
# The numbers above correspond to the entries of the select menu built in list.
list
}
# Print a welcome heading and a two-column summary of the six main-menu
# options, then enter main_menu.
# NOTE(review): no call to opt_list is visible in this listing; logo calls
# main_menu directly.
function opt_list()
{ notification_b "Welcome to IntRec-Pack"
# The option numbers mirror the order of the options array in main_menu.
printf "
1) Help 4) Specify Install Location
2) List and Install 5) Online Resources
3) Install All 6) Quit\n"
main_menu
}
# Display usage information: a heading followed by a prose description of
# what the installer does and what each main-menu option is for.
# Outputs: help text on stdout
function usage()
{ notification_b "Welcome to IntRec-Pack"
# The whole help text is the printf format string; it contains no % directives.
printf "This script fetches and installs a selection
of tools used in open source intelligence gathering, and
reconnaissance. Functionality to install any dependencies needed
by the tools in question is included in this script in order to
facilitate quick and easy deployment.
Below is an overview of the options available to you.
The 'help' option displays this informational message. The 'List and Install'
option shows you a list of tools available to download and install with
IntRec-Pack. The 'Install All' options automatically downloads and installs
every utility that is featured in this script including their individual
dependencies respectively. 'Specify Install Location' allows you to input
a path to a directory to which you'd like the utilities saved to. The default
location is the current working directory.
Lastly the 'Online Resources' option will employ the Geckodriver in order
to open osintframework.com in browser. Which is a web application that
serves as a curated list of open source intelligence tools, websites and related
materials for use as a comprehensive reference guide. The second item in the
'Online Resources' option is HoneyDB which is a threat intelligence aggregator.
\n"
}
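# Check for the common Linux utilities the install operations need (sudo,
# wget, git, pip) and try to install the missing ones. Distros like Debian
# might not have some of these available by default. Finishes by clearing the
# screen and showing the logo, which enters the main menu.
# Outputs: progress messages on stdout; may prompt on stdin
# Returns: exits 1 when sudo is missing (whether or not it gets installed,
#          because the user must be added to sudoers and restart the script)
nix_util() {
  local choice build_dir

  notification_b "Checking Linux utilities required by the installer."
  sleep 2

  # command -v finds a tool anywhere on PATH; matching the output of `which`
  # against /usr/bin/... misreports tools installed under other prefixes.
  if ! command -v sudo > /dev/null 2>&1; then
    warning "Hueristics indicate sudo is not installed on this system."
    read -r -p 'Automatically resolve? Y/n : ' choice
    if [[ $choice == 'y' || $choice == 'Y' ]]; then
      notification "Please enter root password."
      # su -c runs the install itself as root. A bare `su -` would only open
      # an interactive root shell and apt-get would then run unprivileged
      # after that shell is closed.
      if su -c 'apt-get install sudo'; then
        notification "Sudo was succesfully installed"
      else
        warning "An error was encountered while trying to install sudo. Quitting..."
        exit 1
      fi
      printf "Please add your regular user account to sudoers and restart the script."
      printf "Quitting..."
      sleep 2 && exit 1
    else
      warning "Not resolving."
      sleep 2 && exit 1
    fi
  fi

  # Check to see if we have wget
  if ! command -v wget > /dev/null 2>&1; then
    warning "Heuristics indicate wget is not installed on this system."
    notification "Attempting to resolve."
    sleep 2
    # Only announce success when apt-get actually succeeded.
    if sudo apt-get install wget; then
      notification "Wget has been succesfully installed."
    else
      warning "wget could not be installed."
    fi
    sleep 2
  fi

  # Check to see if we have git
  if ! command -v git > /dev/null 2>&1; then
    warning "Heuristics indicate git is not installed on this system."
    notification "Attempting to resolve."
    sleep 2
    if sudo apt-get install git; then
      notification "Git has been succesfully installed."
    else
      warning "git could not be installed."
    fi
    sleep 2
  fi

  # Check to see if we have pip, if not get setuptools and install pip
  if ! command -v pip > /dev/null 2>&1; then
    warning "Heuristics indicate pip is not installed on this system."
    notification "Attempting to resolve."
    sleep 2
    sudo apt-get install python-setuptools
    notification "Python setuptools has been installed, installing pip..."
    sleep 2
    # NOTE(review): this builds pip from whatever the default branch of the
    # upstream repository holds at clone time, with no tag pin and no
    # signature or checksum verification, and runs its setup.py with the
    # privileges of this script. A distro package or a pinned, verified
    # release would be a safer source.
    #
    # Build in a private temporary directory: cloning into ./pip and then
    # running `rm -rf pip` could delete an unrelated directory of that name,
    # and a failed clone would run setup.py from the wrong directory.
    build_dir=$(mktemp -d) || build_dir=''
    if [[ -n $build_dir ]] &&
      git clone https://github.com/pypa/pip.git "$build_dir/pip" &&
      (cd "$build_dir/pip" && python setup.py install); then
      notification "Pip has been succesfully installed."
    else
      warning "pip could not be installed."
    fi
    if [[ -n $build_dir ]]; then
      rm -rf -- "$build_dir"
    fi
    sleep 2
  fi

  notification "All Linux utilities required by the installer appear to be present. Proceeding to main menu."
  sleep 2 && clear
  logo
}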
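# Check the CPU architecture and install the matching geckodriver v0.18.0
# build as /usr/sbin/geckodriver, with a symlink at /usr/bin/geckodriver.
# Outputs: progress messages plus wget/tar output
# Returns: 0 on success; 1 when the architecture has no matching build or a
#          download/unpack/install step fails
get_gdriver() {
  local machine_type bits archive workdir
  local -r base_url='https://github.com/mozilla/geckodriver/releases/download/v0.18.0'

  printf "\n\n"
  machine_type=$(uname -m)
  # Only the two builds this script knows about are selected; anything else
  # (e.g. an ARM machine) must not silently receive the 32-bit x86 binary.
  case $machine_type in
    x86_64)
      notification "x86_64 architecture detected..."
      bits=64
      ;;
    i386 | i486 | i586 | i686)
      notification "x32 architecture detected..."
      bits=32
      ;;
    *)
      warning "No Geckodriver build is available in this script for architecture '$machine_type'."
      return 1
      ;;
  esac
  sleep 1
  archive="geckodriver-v0.18.0-linux${bits}.tar.gz"

  # Work in a private temporary directory so nothing in the current directory
  # is overwritten and no archive is left behind on failure.
  workdir=$(mktemp -d) || {
    warning "Could not create a temporary directory."
    return 1
  }

  # NOTE(review): the archive is trusted solely on the basis of the HTTPS
  # download; it is not compared against a published checksum before being
  # installed into a system directory. Pinning a SHA-256 for each archive and
  # verifying it here would close that gap.
  if ! wget -O "$workdir/$archive" "$base_url/$archive" ||
    ! tar -xvf "$workdir/$archive" -C "$workdir" ||
    [[ ! -f "$workdir/geckodriver" ]]; then
    warning "Geckodriver could not be downloaded or unpacked."
    rm -rf -- "$workdir"
    return 1
  fi

  # install(1) under sudo creates the target owned by root with mode 0755.
  # A plain `mv` needs write access to /usr/sbin and would keep the
  # downloading user's ownership on a binary that sits on root's PATH.
  # ln -sf keeps a re-run from failing on an existing symlink.
  if sudo install -m 0755 "$workdir/geckodriver" /usr/sbin/geckodriver &&
    sudo ln -sf /usr/sbin/geckodriver /usr/bin/geckodriver; then
    notification "Geckodriver has been succesfully installed."
    rm -rf -- "$workdir"
    return 0
  fi

  warning "Geckodriver could not be installed into /usr/sbin."
  rm -rf -- "$workdir"
  return 1
}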
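# Install Mimir. This is more involved than the other tools because the PycURL
# module Mimir depends on must have OpenSSL support for Mimir to talk to the
# HoneyDB API. After cloning and installing the Python dependencies this
# function checks PycURL, rebuilds it through Mimir's rebuild.sh if needed,
# and makes sure geckodriver and nmap are present. It ends by returning to the
# tool list (tools).
# Outputs: progress messages plus the output of the invoked installers
mimir_install() {
  local pycurl_version

  printf "\n\n"
  if [[ -d "Mimir" ]]; then
    warning "Mimir is already installed."
  else
    notification "Installing Mimir. Please do not interrupt this process until all dependencies and supporting features have been installed as well." && sleep 1
    git clone https://github.com/NullArray/Mimir.git
    notification "Installing dependencies."
    sleep 1.5
    sudo pip install selenium blessings ipwhois
    sudo apt-get install python-pycurl

    notification "Checking PyCurl for OpenSSL support..."
    sleep 1.5
    # print(...) with one argument is valid on Python 2 and Python 3; the
    # statement form `print x` is a syntax error on Python 3 and would make
    # every Python 3 system look as if OpenSSL support were missing.
    pycurl_version=$(python -c "import pycurl; print(pycurl.version)")
    if [[ $pycurl_version == *OpenSSL* ]]; then
      notification "Hueristics indicate your PyCurl version Supports OpenSSL"
    else
      warning "Heuristics indicate your version of PyCurl does not support OpenSSL"
      notification "Attempting to resolve..."
      # NOTE(review): rebuild.sh comes straight from the repository cloned
      # above and is executed as root without review or pinning.
      #
      # The subshell keeps the working directory of the rest of the script
      # unchanged even when the rebuild fails, and the && chain stops
      # rebuild.sh from being looked up outside the Mimir directory when the
      # clone did not succeed.
      if (cd Mimir && chmod +x rebuild.sh && sudo ./rebuild.sh); then
        sleep 1
        notification "PyCurl has been rebuilt with OpenSSL support." && sleep 1
      else
        warning "rebuild.sh failed; PyCurl was not rebuilt with OpenSSL support."
      fi
    fi

    notification "Checking to see if the Mozilla Geckodriver is installed on this system."
    sleep 1.5
    # command -v finds the tool anywhere on PATH, not only under /usr/bin.
    if command -v geckodriver > /dev/null 2>&1; then
      notification "Hueristics indicate Geckodriver is currently installed."
    else
      notification "Installing Mozilla Geckodriver..."
      get_gdriver && sleep 1.5
      notification "Operation completed."
    fi

    notification "Finally Intrec-Pack will now check to see if Nmap is installed on this system."
    sleep 1
    if command -v nmap > /dev/null 2>&1; then
      notification "Hueristics indicate Nmap is currently installed."
    else
      notification "Installing nmap..."
      sudo apt-get install nmap
    fi
  fi

  notification "Mimir installation and configuration has been completed succesfully."
  notification "Returning to menu."
  sleep 2
  tools
}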
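# Build and install RubyGems from source. Called by BirdWatcher when
# `gem update --system` fails, i.e. when Ruby was installed without RubyGems.
# Outputs: progress messages plus git/ruby/gem output
gems_install() {
  notification "Attempting to resolve..."
  sleep 1
  # NOTE(review): setup.rb from the unpinned default branch runs as root.
  git clone https://github.com/rubygems/rubygems.git
  # Run the build in a subshell so the caller's working directory is left
  # alone; a bare `cd rubygems` would make every later tool get cloned inside
  # rubygems/. The && chain keeps setup.rb from being run from the wrong
  # directory when the clone failed.
  if ! (cd rubygems && git submodule update --init && sudo ruby setup.rb install); then
    warning "RubyGems could not be built from source."
  fi
  gem pristine rake
  sudo gem update --system
  notification "Operation complete."
  sleep 1
}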
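# Install BirdWatcher together with graphviz, ImageMagick, Ruby/RubyGems and
# PostgreSQL, unless a "birdwatcher" directory already exists in the current
# directory.
# Outputs: progress messages plus the output of the invoked installers
BirdWatcher() {
  if [[ -d "birdwatcher" ]]; then
    warning "BirdWatcher is already installed."
    clear
  else
    notification "Installing BirdWatcher"
    sleep 1
    git clone https://github.com/michenriksen/birdwatcher.git
    notification "Installing dependencies."
    sleep 1
    sudo apt-get install graphviz
    sudo apt-get install libmagickwand-dev imagemagick

    # command -v finds ruby anywhere on PATH, not only under /usr/bin.
    if command -v ruby > /dev/null 2>&1; then
      notification "Hueristics indicate Ruby is already installed."
    else
      notification "Installing Ruby..."
      sleep 1
      sudo apt-get install ruby
    fi

    notification "Updating gems..."
    sleep 1
    # Group the fallback explicitly: `a || b && c` is parsed as `(a || b) && c`,
    # which would run gems_install even after a successful update.
    if ! sudo gem update --system; then
      warning "Heuristics indicate RubyGems are not installed on this system."
      gems_install
    fi

    notification "Checking to see if PostgreSQL is installed."
    sleep 1
    # Branch on the exit status directly. Assigning through `$check='failed'`
    # expands to the command "='failed'", which never sets the variable, so
    # the install branch could never be reached.
    if sudo service postgresql status > /dev/null; then
      notification "Hueristics indicate PostgreSQL is already installed."
    else
      notification "Installing PostgreSQL..."
      sleep 1
      sudo apt-get install postgresql
      sudo apt-get install libpq-dev
      notification "Operation completed."
    fi
  fi
  notification "BirdWatcher was succesfully installed."
  echo "Please reference the BirdWatcher README.md for instructions on"
  echo "how to set up a PostgreSQL database and configure it for use"
  echo "with Birdwatcher"
}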
# Install QuickScan and its Python dependencies unless a "QuickScan" directory
# already exists in the current directory.
QuickScan() {
  local -r repo_url='https://github.com/NullArray/QuickScan.git'

  # Guard: an existing checkout means there is nothing to do.
  if [[ -d QuickScan ]]; then
    warning "QuickScan is already installed."
    clear
    return
  fi

  notification "Installing QuickScan."
  sleep 1
  git clone "$repo_url"
  notification "Installing dependencies."
  sleep 1
  sudo pip install blessings whois
  notification "QuickScan was successfully installed."
}
# Install DNSRecon and its Python dependencies unless a "dnsrecon" directory
# already exists in the current directory.
DNSRecon() {
  local -r repo_url='https://github.com/darkoperator/dnsrecon.git'

  # Guard: an existing checkout means there is nothing to do.
  if [[ -d dnsrecon ]]; then
    warning "DNSRecon is already installed."
    clear
    return
  fi

  notification "Installing DNSRecon"
  sleep 1
  git clone "$repo_url"
  notification "Installing dependencies"
  sleep 1
  sudo pip install dnspython netaddr
  notification "DNSRecon was successfully installed."
}
# Install Sublist3r and its Python dependencies unless a "Sublist3r" directory
# already exists in the current directory.
Sublist3r() {
  local -r repo_url='https://github.com/aboul3la/Sublist3r.git'

  # Guard: an existing checkout means there is nothing to do.
  if [[ -d Sublist3r ]]; then
    warning "Sublist3r is already installed."
    clear
    return
  fi

  notification "Installing Sublist3r."
  sleep 1
  git clone "$repo_url"
  notification "Installing dependencies."
  sleep 1
  sudo pip install argparse dnspython requests
  notification "Sublist3r was successfully installed."
}
# Install TekDefense-Automater and its Python dependencies unless a
# "TekDefense-Automater" directory already exists in the current directory.
TekDefense() {
  local -r repo_url='https://github.com/1aN0rmus/TekDefense-Automater.git'

  # Guard: an existing checkout means there is nothing to do.
  if [[ -d TekDefense-Automater ]]; then
    warning "TekDefense-Automater is already installed."
    clear
    return
  fi

  notification "Installing TekDefense-Automater."
  sleep 1
  git clone "$repo_url"
  notification "Installing dependencies."
  sleep 1
  sudo pip install argparse requests
  notification "TekDefense-Automater was successfully installed."
}
# Install theHarvester and its Python dependency unless a "theHarvester"
# directory already exists in the current directory.
theHarvester() {
  local -r repo_url='https://github.com/laramies/theHarvester.git'

  # Guard: an existing checkout means there is nothing to do.
  if [[ -d theHarvester ]]; then
    warning "TheHarvester is already installed."
    clear
    return
  fi

  notification "Installing TheHarvester."
  sleep 1
  git clone "$repo_url"
  notification "Installing dependencies."
  sleep 1
  sudo pip install requests
  notification "TheHarvester was successfully installed."
}
# Install IOC-Parser (clone plus the pip package and its dependencies) unless
# an "ioc_parser" directory already exists in the current directory.
ioc_parser() {
  local -r repo_url='https://github.com/armbues/ioc_parser.git'

  # Guard: an existing checkout means there is nothing to do.
  if [[ -d ioc_parser ]]; then
    warning "IOC-Parser is already installed."
    clear
    return
  fi

  notification "Installing IOC-Parser."
  sleep 1
  git clone "$repo_url"
  sleep 1
  notification "Installing dependencies."
  # The tool itself is also installed from the package index, in addition to
  # the clone above.
  sudo pip install ioc_parser
  sudo pip install beautifulsoup4 requests
  notification "IOC-Parer was successfully installed."
}
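# Install PyParser-CVE and its dependencies unless a "PyParser-CVE" directory
# already exists in the current directory.
pyparser() {
  # The directory name must match what `git clone` creates; a leading space in
  # the tested name never matches, so the tool would be re-cloned every time.
  if [[ -d "PyParser-CVE" ]]; then
    warning "PyParser-CVE is already installed."
    clear
  else
    notification "Installing PyParser-CVE."
    sleep 1
    git clone https://github.com/NullArray/PyParser-CVE.git
    notification "Installing dependencies."
    sleep 1
    sudo pip install blessings shodan
    sudo apt-get install python-pycurl
    notification "PyParser-CVE was successfully installed."
  fi
}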
# Install Harbinger and its Python dependencies unless a "harbinger" directory
# already exists in the current directory.
harbinger() {
  local -r repo_url='https://github.com/exp0se/harbinger.git'

  # Guard: an existing checkout means there is nothing to do.
  if [[ -d harbinger ]]; then
    warning "Harbinger is already installed."
    clear
    return
  fi

  notification "Installing Harbinger."
  sleep 1
  git clone "$repo_url"
  notification "Installing dependencies"
  sleep 1
  sudo pip install requests cymon beautifulsoup4
  notification "Harbinger was successfully installed."
}
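# Install Inquisitor: clone it, install cython, then build and install the
# package with its setup.py. Skipped when an "inquisitor" directory already
# exists in the current directory.
inquisitor() {
  if [[ -d "inquisitor" ]]; then
    warning "Inquisitor is already installed"
    clear
  else
    notification "Installing Inquisitor..."
    sleep 1
    git clone https://github.com/penafieljlm/inquisitor.git
    notification "Installing dependencies"
    sleep 1
    sudo pip install cython
    notification "Building..."
    sleep 1
    # NOTE(review): setup.py from the fresh, unpinned clone runs as root.
    #
    # Build inside a subshell so the working directory of the rest of the
    # script never changes. Returning with an unquoted `cd $cwd` fails for
    # paths containing spaces and leaves the script inside inquisitor/, and a
    # failed `cd inquisitor` would run setup.py from the wrong directory.
    if (cd inquisitor && sudo python setup.py install); then
      notification "Inquisitor was succesfully installed."
    else
      warning "Inquisitor could not be built."
    fi
  fi
}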
# Install Spiderfoot and its Python dependencies unless a "spiderfoot"
# directory already exists in the current directory.
Spiderfoot() {
  local -r repo_url='https://github.com/smicallef/spiderfoot.git'

  # Guard: an existing checkout means there is nothing to do.
  if [[ -d spiderfoot ]]; then
    warning "Spiderfoot is already installed."
    clear
    return
  fi

  notification "Installing Spiderfoot."
  sleep 1
  git clone "$repo_url"
  notification "Installing dependencies."
  sleep 1
  sudo pip install lxml netaddr M2Crypto cherrypy mako requests bs4
  notification "Spiderfoot was successfully installed."
}
# Tool selection menu: show a numbered prompt and run the installer that
# belongs to the chosen entry, then show the tool table again.
# Globals: options, PS3, opt (written)
list() {
  printf "\n\n"
  options=("QuickScan" "DNSRecon" "Sublist3r" "TekDefense" "TheHarvester" "IOC-Parser" "PyParser-CVE" "Mimir" "Harbinger" "Inquisitor" "BirdWatcher" "Spiderfoot" "Main Menu")
  PS3='Please enter your choice: '
  select opt in "${options[@]}"; do
    case $opt in
      # For these entries the menu label is also the installer function name.
      "QuickScan" | "DNSRecon" | "Sublist3r" | "TekDefense" | "BirdWatcher" | "Spiderfoot")
        "$opt"
        tools
        printf '%b \n'
        ;;
      "TheHarvester") theHarvester; tools; printf '%b \n' ;;
      "IOC-Parser") ioc_parser; tools; printf '%b \n' ;;
      "PyParser-CVE") pyparser; tools; printf '%b \n' ;;
      # mimir_install returns to the tool table by itself, so tools is not
      # called here.
      "Mimir") mimir_install; printf '%b \n' ;;
      "Harbinger") harbinger; tools; printf '%b \n' ;;
      "Inquisitor") inquisitor; tools; printf '%b \n' ;;
      "Main Menu")
        printf "\nReturning to main menu."
        sleep 2 && logo
        ;;
      *) echo invalid option ;;
    esac
  done
}
# Download and install every tool, one installer after another. Mimir goes
# last because its installer ends by opening the tool menu.
install_all() {
  local installer

  printf "\n\n"
  notification_b "Installing all available tools plus dependencies."
  for installer in \
    QuickScan DNSRecon Sublist3r TekDefense theHarvester ioc_parser \
    pyparser harbinger inquisitor BirdWatcher Spiderfoot mimir_install; do
    "$installer"
  done
}
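# Menu for online OSINT / threat-intel resources. Each entry opens the site in
# Firefox through a Python/Selenium one-liner, which needs geckodriver.
# Globals: options, PS3, opt (written)
online() {
  notification_b "Online Resources"
  printf "
+-----------------------+---------------------------------------+
| 1. osintframework.com | Comprehensive OSINT Resource Pool |
| 2. toddington.com | Additional OSINT Resource References |
| 3. riskdiscovery.com | Hosts HoneyDB/Aggregates Honeypot Data|
+-----------------------+---------------------------------------+
\n"
  PS3='Please enter your choice: '
  # The labels match the table above; the second entry is spelled
  # "toddington.com" both here and in the case pattern below.
  options=("osintframework.com" "toddington.com" "riskdiscovery.com" "Main Menu")
  # NOTE(review): osintframework.com and riskdiscovery.com are requested over
  # plain http://, so the pages can be read or altered in transit; prefer
  # https:// where the site serves it.
  select opt in "${options[@]}"; do
    case $opt in
      "osintframework.com")
        notification "Opening osintframework.com with Geckodriver..."
        sleep 1.5
        # Python one liner in order to open online resource/web application
        python -c "from selenium import webdriver; driver = webdriver.Firefox(); driver.get('http://osintframework.com/')"
        printf "%b \n"
        ;;
      "toddington.com")
        notification "Opening toddington.com/resources with Geckodriver..."
        sleep 1.5
        # Python one liner in order to open online resource/web application
        python -c "from selenium import webdriver; driver = webdriver.Firefox(); driver.get('https://www.toddington.com/resources/')"
        printf "%b \n"
        ;;
      "riskdiscovery.com")
        notification "Opening riskdiscovery.com/honeydb with Geckodriver..."
        sleep 1.5
        # Python one liner in order to open online resource/web application
        python -c "from selenium import webdriver; driver = webdriver.Firefox(); driver.get('http://riskdiscovery.com/honeydb')"
        printf "%b \n"
        ;;
      "Main Menu")
        printf "\nReturning to Main Menu"
        sleep 1.5 && logo
        ;;
      # Same fallback as the other menus, so a mistyped number gets feedback.
      *) echo invalid option ;;
    esac
  done
}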
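# Top-level interactive menu: help, tool list, install-all, install location,
# online resources, quit.
# Globals: options, PS3, opt, choice, cwd (written)
main_menu() {
  options=("Help" "List and Install" "Install All" "Specify Install Location" "Online Resources" "Quit")
  PS3='Please enter your choice: '
  select opt in "${options[@]}"; do
    case $opt in
      "Help")
        usage
        printf "%b \n"
        ;;
      "List and Install")
        tools
        printf "%b \n"
        ;;
      "Install All")
        install_all
        printf "%b \n"
        ;;
      "Specify Install Location")
        printf "\nBy default utilities will be installed in the current working directory."
        read -r -p 'Would you like to change install location? Y/n : ' choice
        if [[ $choice == 'y' || $choice == 'Y' ]]; then
          read -r -p 'Enter target location : ' cwd
          # The path is typed by the user, so it is always quoted and passed
          # after `--`: spaces or a leading dash must not split it or turn it
          # into an option. The branches are explicit because an
          # `a || b && c && d || e` chain reports "Directory created." even
          # when the directory already existed.
          if [[ -z $cwd ]]; then
            warning "Invalid format."
          elif [[ -d $cwd ]]; then
            cd -- "$cwd" > /dev/null || warning "Invalid format."
          elif mkdir -p -- "$cwd"; then
            notification "Directory created."
            cd -- "$cwd" > /dev/null || warning "Invalid format."
          else
            warning "Invalid format."
          fi
        else
          notification "Using default setting."
        fi
        ;;
      "Online Resources")
        # command -v finds geckodriver anywhere on PATH, not only /usr/bin.
        if command -v geckodriver > /dev/null 2>&1; then
          online
        else
          warning "Heuristics indicate Geckodriver is not installed on this system."
          printf "The Online Resource option invokes Python and Selenium to open "
          printf "these resources in browser. Without the Mozilla Geckodriver this is not"
          printf "possible within the scope of this script.\n"
          read -r -p 'Would you like to automatically resolve this issue? Y/n : ' choice
          if [[ $choice == 'y' || $choice == 'Y' ]]; then
            get_gdriver
          else
            warning "Not Resolving"
          fi
        fi
        printf "%b \n"
        ;;
      "Quit")
        # Exit status 1 is kept as-is for callers that may rely on it.
        exit 1
        ;;
      *) echo invalid option ;;
    esac
  done
}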
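# Entry point: recommend root, ask before continuing without it, then start
# the utility check (which leads on to the menu).
# NOTE(review): when run as root, every later `git clone` followed by
# setup.py / rebuild.sh, and every `pip install`, executes unpinned
# third-party code with full privileges.
if [[ "$EUID" -ne 0 ]]; then
  warning "It is recommended that this script is run as root"
  printf "Running it without super user privilege may result "
  printf "in the utility failing to install critical components correctly \n"
  read -r -p 'Continue without root? Y/n : ' choice
  # Accept both cases, like the other prompts in this script; the prompt
  # itself advertises a capital "Y".
  if [[ $choice == 'y' || $choice == 'Y' ]]; then
    nix_util
  else
    warning "Aborted"
    exit 1
  fi
else
  nix_util
fi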