kchanakya27-dev/Red_Team_Recon-Automation-toolkit
GitHub: kchanakya27-dev/Red_Team_Recon-Automation-toolkit
自动化红队侦察工具包,通过整合多个 OSINT 与子域名枚举工具来简化渗透测试前期信息收集流程。
Stars: 0 | Forks: 0
## 安装说明
### 1️⃣ 克隆工具仓库
```
git clone https://github.com/Tharun-script/cts_recon.git
```
### 2️⃣ 创建 Python 虚拟环境
```
python3 -m venv venv
source venv/bin/activate
```
### 3️⃣ 安装依赖
```
pip install -r requirement.txt
```
### 4️⃣ 安装 Golang
```
sudo apt install golang -y
```
### 5️⃣ 安装 HTTPX
```
go install github.com/projectdiscovery/httpx/cmd/httpx@latest
```
### 6️⃣ 安装 gau
```
go install github.com/lc/gau/v2/cmd/gau@latest
```
### 7️⃣ 安装 GF
```
go install github.com/tomnomnom/gf@latest
```
### 8️⃣ 下载并配置 Gf-Patterns
```
git clone https://github.com/1ndianl33t/Gf-Patterns
mkdir -p ~/.gf
cp ~Gf-Patterns/*.json ~/.gf
ls ~/.gf
```
### 9️⃣ 安装 SpiderFoot
```
sudo apt install spiderfoot
```
### 🔟 添加自定义 JSON Importer 模块
1. 导航至 SpiderFoot 模块目录:
cd /usr/share/spiderfoot/modules
2. 创建并编辑自定义模块文件:
sudo nano sfp_jsonimport.py
3. 将以下代码粘贴到 `sfp_jsonimport.py` 中:
```
import os
import json
from spiderfoot import SpiderFootEvent, SpiderFootPlugin
class sfp_jsonimport(SpiderFootPlugin):
meta = {
'name': "JSON Importer (Custom)",
'summary': "Imports recon findings from a dynamically chosen JSON file into SpiderFoot and correlates them.",
'flags': [],
'useCases': ["Investigate"],
'categories': ["Custom"]
}
opts = {}
optdescs = {}
def setup(self, sfc, userOpts=dict()):
self.sf = sfc
for opt in userOpts:
self.opts[opt] = userOpts[opt]
def watchedEvents(self):
return []
def producedEvents(self):
return [
"IP_ADDRESS",
"DOMAIN_NAME",
"INTERNET_NAME",
"S3_BUCKET",
"PASSWORD",
"TCP_PORT_OPEN",
"PHONE_NUMBER",
"SOFTWARE_USED",
"VULNERABILITY_CVE",
"EMAILADDR"
]
def start(self):
target = os.environ.get("SPF_TARGET")
if not target:
self.sf.error("SPF_TARGET environment variable not set.")
return
# ✅ fixed path (no backslashes)
json_path = f"/home//cts_recon/{target}_spf.json" #customize the path according to cloned directory in linux
if not os.path.isfile(json_path):
self.sf.error(f"JSON file not found: {json_path}")
return
try:
with open(json_path, "r") as f:
data = json.load(f)
except Exception as e:
self.sf.error(f"Error loading JSON file: {e}")
return
root_evt = SpiderFootEvent("ROOT", f"JSON Import Root: {target}", self.__class__.__name__, None)
self.notifyListeners(root_evt)
root_domain = data.get("domain", target)
domain_evt = SpiderFootEvent("DOMAIN_NAME", root_domain, self.__class__.__name__, root_evt)
self.notifyListeners(domain_evt)
self.sf.info(f"Imported root domain: {root_domain}")
# Subdomains
for dom in data.get("subdomains", []):
evt = SpiderFootEvent("DOMAIN_NAME", dom, self.__class__.__name__, domain_evt)
self.notifyListeners(evt)
self.sf.info(f"Imported subdomain: {dom}")
# IPs
for ip, ipdata in data.get("ips", {}).items():
ip_evt = SpiderFootEvent("IP_ADDRESS", ip, self.__class__.__name__, domain_evt)
self.notifyListeners(ip_evt)
self.sf.info(f"Imported IP: {ip}")
for port in ipdata.get("open_ports", []):
port_evt = SpiderFootEvent("TCP_PORT_OPEN", str(port), self.__class__.__name__, ip_evt)
self.notifyListeners(port_evt)
self.sf.info(f"Imported open port {port} on {ip}")
for cve in ipdata.get("cves", []):
cve_evt = SpiderFootEvent("VULNERABILITY_GENERAL", cve, self.__class__.__name__, ip_evt)
self.notifyListeners(cve_evt)
self.sf.info(f"Imported CVE {cve} for {ip}")
# Emails
for email in data.get("emails", []):
email_evt = SpiderFootEvent("EMAILADDR", email, self.__class__.__name__, domain_evt)
self.notifyListeners(email_evt)
self.sf.info(f"Imported email: {email}")
# Technologies
for tech in data.get("technologies", []):
tech_evt = SpiderFootEvent("SOFTWARE_USED", tech, self.__class__.__name__, domain_evt)
self.notifyListeners(tech_evt)
self.sf.info(f"Imported technology: {tech}")
self.sf.info("✅ JSON Import completed successfully.")
```
### 1️⃣1️⃣ 运行 Pipeline:
执行 pipeline.py
```
python3 pipeline.py
```
标签:GitHub, Python, 实时处理, 无后门, 日志审计, 运行时操纵, 逆向工具