Intelspy – Perform Automated Network Reconnaissance Scans

superior_hosting_service

Intelspy – Perform Automated Network Reconnaissance Scans

Intelspy.png

Perform automated network reconnaissance scans to gather network intelligence.

IntelSpy

is a multi-threaded network intelligence tool that performs automated network services enumeration. It performs live hosts detection scans, port scans, services enumeration scans, web content scans, brute-forcing, detailed off-line exploits searches, and more.

The tool will also launch further enumeration scans for each detected service using a number of different tools.


Features

  • Scans multiple targets in the form of IP addresses, IP ranges (CIDR notation), and resolvable hostnames.
  • Scans targets concurrently.
  • Detects live hosts in an IP range (CIDR) network.
  • Customizable port scanning profiles and service enumeration commands.
  • Creates a directory structure for results gathering and reporting.
  • Logs every command that was executed.
  • Generates shell scripts containing commands to be run manually.
  • Extracts important information in txt and markdown format for further inspection.
  • Stores data to an SQLite database.
  • Generates an HTML report.

Requirements

  • Python 3 (sudo apt install python3)
  • Linux (preferably Kali Linux or any other hacking distribution containing the tools below.)
  • toml (https://github.com/toml-lang/toml)
  • seclists (https://github.com/danielmiessler/SecLists)
  • curl (prerequisite) (sudo apt install curl)
  • enum4linux (prerequisite) (sudo apt install enum4linux)
  • gobuster (prerequisite) (sudo apt install gobuster)
  • hydra (optional) (sudo apt install hydra)
  • ldapsearch (optional) (sudo apt install ldap-utils)
  • medusa (optional) (sudo apt install medusa)
  • nbtscan (prerequisite) (sudo apt install nbtscan)
  • nikto (prerequisite) (sudo apt install nikto)
  • nmap (prerequisite) (sudo apt install nmap)
  • onesixtyone (prerequisite) (sudo apt install onesixtyone)
  • oscanner (optional) (sudo apt install oscanner)
  • pandoc (prerequisite) (sudo apt install pandoc)
  • patator (optional) (sudo apt install patator)
  • showmount (prerequisite) (‘system tool ‘)
  • smbclient (prerequisite) (sudo apt install smbclient)
  • smbmap (prerequisite) (sudo apt install smbmap)
  • smtp-user-enum (prerequisite) (sudo apt install smtp-user-enum)
  • snmpwalk (prerequisite) (sudo apt install snmp)
  • sslscan (prerequisite) (sudo apt install sslscan)
  • svwar (prerequisite) (sudo apt install sipvicious)
  • tnscmd10g (prerequisite) (sudo apt install tnscmd10g)
  • whatweb (prerequisite) (sudo apt install whatweb)
  • wkhtmltoimage (prerequisite) (https://github.com/wkhtmltopdf/wkhtmltopdf/)
  • wpscan (optional) (sudo apt install wpscan)
pip3 install -r requirements.txt

Usage

$ python3 intelspy.py -h

 ___               __        
  |  ._ _|_  _  | (_  ._     
 _|_ | | |_ (/_ | __) |_) \/ 
                      |   /  
                                
IntelSpy v2.0 - Perform automated network reconnaissance scans to gather network intelligence.
IntelSpy is an open source tool licensed under GPLv3.
Written by: @maldevel | Logisek ICT
Web: https://logisek.com | https://pentest-labs.com
Project: https://github.com/maldevel/intelspy


usage: intelspy.py [-h] [-ts TARGET_FILE] -p PROJECT_NAME -w WORKING_DIR
                   [--exclude <host1[,host2][,host3],...>] [-s SPEED]
                   [-ct <number>] [-cs <number>] [--profile PROFILE_NAME]
                   [--livehost-profile LIVEHOST_PROFILE_NAME]
                   [--heartbeat HEARTBEAT] [-v]
                   [targets [targets ...]]

positional arguments:
  targets               IP addresses (e.g. 10.0.0.1), CIDR notation (e.g.
                        10.0.0.1/24), or resolvable hostnames (e.g.
                        example.com) to scan.

optional arguments:
  -h, --help            show this help message and exit
  -ts TARGET_FILE, --targets TARGET_FILE
                        Read targets from file.
  -p PROJECT_NAME, --project-name PROJECT_NAME
                        project name
  -w WORKING_DIR, --working-dir WORKING_DIR
                        working directory
  --exclude <host1[,host2][,host3],...>
                        exclude hosts/networks
  -s SPEED, --speed SPEED
                        0-5, set timing template (higher is faster) (default:
                        4)
  -ct <number>, --concurrent-targets <number>
                        The maximum number of target hosts to scan
                        concurrently. Default: 5
  -cs <number>, --concurrent-scans <number>
                        The maximum number of scans to perform per target
                        host. Default: 10
  --profile PROFILE_NAME
                        The port scanning profile to use (defined in port-
                        scan-profiles.toml). Default: default
  --livehost-profile LIVEHOST_PROFILE_NAME
                        The live host scanning profile to use (defined in
                        live-host-scan-profiles.toml). Default: default
  --heartbeat HEARTBEAT
                        Specifies the heartbeat interval (in seconds) for task
                        status messages. Default: 60
  -v, --verbose         Enable verbose output. Repeat for more verbosity (-v,
                        -vv, -vvv).

Usage Examples

Scanning single target

sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15 -v
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15 -vv
sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15 -vvv

Scanning a hostname

sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ example.com

Scanning a network range(CIDR)

sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.0/24

Scanning multiple targets (comma separated)

sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ 192.168.10.15 192.168.10.0/24 example.com

Scanning targets from file

sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ -ts /home/user/targets.txt

Excluding one host

sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ --exclude 192.168.10.9 192.168.10.0/24

Excluding many hosts

sudo python3 intelspy.py -p MyProjectName -w /home/user/pt/projects/ --exclude 192.168.10.9,192.168.10.24 192.168.10.0/24

Credits

I started working on IntelSpy when I discovered AutoRecon. Instead of reinventing the wheel, IntelSpy is the result of merging IntelSpy with the best features of the AutoRecon to create a network reconnaissance tool suitable for Penetration Testing engagements.