kchanakya27-dev/Red_Team_Recon-Automation-toolkit

GitHub: kchanakya27-dev/Red_Team_Recon-Automation-toolkit

自动化红队侦察工具包,通过整合多个 OSINT 与子域名枚举工具来简化渗透测试前期信息收集流程。

Stars: 0 | Forks: 0

## 安装说明 ### 1️⃣ 克隆工具仓库 ``` git clone https://github.com/Tharun-script/cts_recon.git ``` ### 2️⃣ 创建 Python 虚拟环境 ``` python3 -m venv venv source venv/bin/activate ``` ### 3️⃣ 安装依赖 ``` pip install -r requirement.txt ``` ### 4️⃣ 安装 Golang ``` sudo apt install golang -y ``` ### 5️⃣ 安装 HTTPX ``` go install github.com/projectdiscovery/httpx/cmd/httpx@latest ``` ### 6️⃣ 安装 gau ``` go install github.com/lc/gau/v2/cmd/gau@latest ``` ### 7️⃣ 安装 GF ``` go install github.com/tomnomnom/gf@latest ``` ### 8️⃣ 下载并配置 Gf-Patterns ``` git clone https://github.com/1ndianl33t/Gf-Patterns mkdir -p ~/.gf cp ~Gf-Patterns/*.json ~/.gf ls ~/.gf ``` ### 9️⃣ 安装 SpiderFoot ``` sudo apt install spiderfoot ``` ### 🔟 添加自定义 JSON Importer 模块 1. 导航至 SpiderFoot 模块目录: cd /usr/share/spiderfoot/modules 2. 创建并编辑自定义模块文件: sudo nano sfp_jsonimport.py 3. 将以下代码粘贴到 `sfp_jsonimport.py` 中: ``` import os import json from spiderfoot import SpiderFootEvent, SpiderFootPlugin class sfp_jsonimport(SpiderFootPlugin): meta = { 'name': "JSON Importer (Custom)", 'summary': "Imports recon findings from a dynamically chosen JSON file into SpiderFoot and correlates them.", 'flags': [], 'useCases': ["Investigate"], 'categories': ["Custom"] } opts = {} optdescs = {} def setup(self, sfc, userOpts=dict()): self.sf = sfc for opt in userOpts: self.opts[opt] = userOpts[opt] def watchedEvents(self): return [] def producedEvents(self): return [ "IP_ADDRESS", "DOMAIN_NAME", "INTERNET_NAME", "S3_BUCKET", "PASSWORD", "TCP_PORT_OPEN", "PHONE_NUMBER", "SOFTWARE_USED", "VULNERABILITY_CVE", "EMAILADDR" ] def start(self): target = os.environ.get("SPF_TARGET") if not target: self.sf.error("SPF_TARGET environment variable not set.") return # ✅ fixed path (no backslashes) json_path = f"/home//cts_recon/{target}_spf.json" #customize the path according to cloned directory in linux if not os.path.isfile(json_path): self.sf.error(f"JSON file not found: {json_path}") return try: with open(json_path, "r") as f: data = json.load(f) except Exception as e: self.sf.error(f"Error loading JSON file: {e}") return root_evt = SpiderFootEvent("ROOT", f"JSON Import Root: {target}", self.__class__.__name__, None) self.notifyListeners(root_evt) root_domain = data.get("domain", target) domain_evt = SpiderFootEvent("DOMAIN_NAME", root_domain, self.__class__.__name__, root_evt) self.notifyListeners(domain_evt) self.sf.info(f"Imported root domain: {root_domain}") # Subdomains for dom in data.get("subdomains", []): evt = SpiderFootEvent("DOMAIN_NAME", dom, self.__class__.__name__, domain_evt) self.notifyListeners(evt) self.sf.info(f"Imported subdomain: {dom}") # IPs for ip, ipdata in data.get("ips", {}).items(): ip_evt = SpiderFootEvent("IP_ADDRESS", ip, self.__class__.__name__, domain_evt) self.notifyListeners(ip_evt) self.sf.info(f"Imported IP: {ip}") for port in ipdata.get("open_ports", []): port_evt = SpiderFootEvent("TCP_PORT_OPEN", str(port), self.__class__.__name__, ip_evt) self.notifyListeners(port_evt) self.sf.info(f"Imported open port {port} on {ip}") for cve in ipdata.get("cves", []): cve_evt = SpiderFootEvent("VULNERABILITY_GENERAL", cve, self.__class__.__name__, ip_evt) self.notifyListeners(cve_evt) self.sf.info(f"Imported CVE {cve} for {ip}") # Emails for email in data.get("emails", []): email_evt = SpiderFootEvent("EMAILADDR", email, self.__class__.__name__, domain_evt) self.notifyListeners(email_evt) self.sf.info(f"Imported email: {email}") # Technologies for tech in data.get("technologies", []): tech_evt = SpiderFootEvent("SOFTWARE_USED", tech, self.__class__.__name__, domain_evt) self.notifyListeners(tech_evt) self.sf.info(f"Imported technology: {tech}") self.sf.info("✅ JSON Import completed successfully.") ``` ### 1️⃣1️⃣ 运行 Pipeline: 执行 pipeline.py ``` python3 pipeline.py ```
标签:GitHub, Python, 实时处理, 无后门, 日志审计, 运行时操纵, 逆向工具