Ice3man543 / Hawkeye
Licence: mit
Hawkeye filesystem analysis tool
Stars: ✭ 202
Projects that are alternatives of or similar to Hawkeye
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+151.98%)
Mutual labels: hacking, pentesting, infosec, bug-bounty
Cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+1273.76%)
Mutual labels: hacking, pentesting, infosec, netsec
Goaltdns
A permutation generation tool written in golang
Stars: ✭ 119 (-41.09%)
Mutual labels: hacking, infosec, netsec, bug-bounty
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+3487.13%)
Mutual labels: hacking, pentesting, infosec, bug-bounty
Nmap
Idiomatic nmap library for go developers
Stars: ✭ 391 (+93.56%)
Mutual labels: hacking, pentesting, infosec, netsec
Gorsair
Gorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+235.64%)
Mutual labels: pentesting, infosec, netsec
Dumpsterfire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+283.66%)
Mutual labels: hacking, pentesting, infosec
Spellbook
Micro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-73.76%)
Mutual labels: hacking, pentesting, bug-bounty
Subjack
Subdomain Takeover tool written in Go
Stars: ✭ 1,194 (+491.09%)
Mutual labels: pentesting, infosec, bug-bounty
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-69.31%)
Mutual labels: hacking, pentesting, infosec
Pentesting toolkit
🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+527.72%)
Mutual labels: hacking, pentesting, infosec
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-9.9%)
Mutual labels: hacking, pentesting, infosec
Passphrase Wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+175.25%)
Mutual labels: hacking, pentesting, infosec
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+330.69%)
Mutual labels: hacking, pentesting, infosec
Red Teaming Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+2679.7%)
Mutual labels: hacking, pentesting, infosec
Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+462.38%)
Mutual labels: hacking, pentesting, infosec
Hacker Container
Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-48.02%)
Mutual labels: hacking, pentesting, infosec
Awesome Shodan Queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1265.35%)
Mutual labels: hacking, pentesting, infosec
Apkurlgrep
Extract endpoints from APK files
Stars: ✭ 405 (+100.5%)
Mutual labels: hacking, pentesting, infosec
Subtake
Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-48.51%)
Mutual labels: pentesting, infosec, bug-bounty
Hawkeye
HawkEye is a simple tool to crawl the filesystem or a directory looking for interesting stuff like SSH Keys, Log Files, Sqlite Database, password files, etc. Hawkeye uses a fast filesystem crawler to look through files recursively and then sends them for analysis in real time and presents the data in both json format and simple console output. The tool is built with a modular approach making it easy to use and easily extensible.
It can be used during pentests as a privilege escalation tool to look through the filesystem finding configuration files or ssh keys sometimes left by the sys-admins.
]
Features
- Simple and modular code base making it easy to contribute.
- Fast And Powerful Directory crawling module doing real-time analysis
- Easily extensible and vast scanner (Thanks to Gitrob)
- Outputs in various formats
Installation Instructions
The installation is easy. Git clone the repo and run go build.
go get github.com/Ice3man543/hawkeye
Upgrading
If you wish to upgrade the package you can use:
go get -u github.com/Ice3man543/hawkeye
Usage
Hawkeye needs a directory to begin with. A directory can be supplied with -d flag. For example -
./hawkeye -d <directory>
To run it against my home directory, i can pass /home/ice3man as the argument.
./hawkeye -d /home/ice3man
[email protected] ~/tmp ./hawkeye -d /home/ice3man
_ _ _ ___
| || | __ _ __ __ __| |__| __|_ _ ___
| __ |/ _ |\ V V /| / /| _|| || |/ -_)
|_||_|\__,_| \_/\_/ |_\_\|___|\_, |\___|
|__/
Analysis v1.0 - by @Ice3man
[13:31:59] HawkEye : An advance filesystem analysis tool
[13:31:59] Written By : @Ice3man
[13:31:59] Github : https://github.com/Ice3man543
[Log file] /home/ice3man/.tplmap/tplmap.log
[Log file] /home/ice3man/burpsuite-master/hs_err_pid3028.log
[Log file] /home/ice3man/.log/jack/jackdbus.log
[Shell command history file] /home/ice3man/oldvps/root/.bash_history
[Shell configuration file] /home/ice3man/oldvps/root/.bashrc
You can use -v flag to show verbose output. You can also get json output using -o flag.
[
{
"path": "/home/ice3man/oldvps/root/.bash_history",
"description": "Shell command history file",
"comment": ""
},
{
"path": "/home/ice3man/oldvps/root/.profile",
"description": "Shell profile configuration file",
"comment": "Shell configuration files can contain passwords, API keys, hostnames and other goodies"
},
{
"path": "/home/ice3man/oldvps/root/.bashrc",
"description": "Shell configuration file",
"comment": "Shell configuration files can contain passwords, API keys, hostnames and other goodies"
},
]
You can list the signatures present in the tool's database by using -l option.
[-] Signatures present in Database:
-> CryptoFiles
-> PasswordFiles
-> ConfigurationFiles
-> DatabaseFiles
-> MiscFiles
You can specify the signatures to be used by the tool by passing the --sig flag. It takes a comma-separated list of signatures to be used. You can also specify exclusion of certain signatures using --exclude-sig flag.
[email protected] ~/tmp ./hawkeye -d /home/ice3man -sig cryptofiles
[email protected] ~/tmp ./hawkeye -d /home/ice3man -exclude-sig miscfiles
License
HawkEye is made with 🖤 by Ice3man.
Buy me a coffee if you appreciate my work.
See the License file for more details.
Thanks
HawkEye uses signatures from the awesome Gitrob project by Michenriksen. Thanks to him :)
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].