https://github.com/woj-ciech/Danger-zone
⇒ HORRIBLE SETUP #FuckingGoogleSearchApiModule
# Correlate data between domains, IPs and email addresses, present it as a graph
# And store everything into Elasticsearch and JSON files
# You have to edit the settings.json file in order to provide your API keys and Elastic database info
# Golden Rule → Don't jump to conclusions too fast
Usage
python danger-zone.py -h
usage: dangerzone.py [-h] [--email EMAIL] [--address ADDRESS] [--domain DOMAIN] [--elasticsearch]

Correlate data between domains, ips and email addresses and present it as a
graph.

optional arguments:
  -h, --help         show this help message and exit
  --email EMAIL      Email address
  --address ADDRESS  IP address
  --domain DOMAIN    Domain name
  --elasticsearch    Elasticsearch output
# Example domain check
python danger-zone.py --domain example.net --elastic
Modules
- Email
→ Trumail - Email address validation (https://trumail.io/)
→ Whoxy - Reverse Whois service (https://whoxy.com/) KEY NEEDED
→ haveIbeenPwned - Dumps (https://haveibeenpwned.com/)
→ Username check - Check username, based on email address, across social media sites (https://username-availability.herokuapp.com/)
→ Google - Query Google
- IP
→ Geolocation - Geolocate IP (https://extreme-ip-lookup.com/)
→ Threatcrowd - Information about IP (https://github.com/AlienVault-OTX/ApiV2)
→ VirusTotal - Information about IP (https://www.virustotal.com/) Key needed
- Domain
→ TLD - Get sponsor of particular Top Level Domain (https://raw.githubusercontent.com/mikewesthad/tld-data/master/data/tlds.json)
→ Threatcrowd - Information about domain (https://github.com/AlienVault-OTX/ApiV2)
→ Whoxy - Whois service (https://whoxy.com/)
→ Whois history - Historical data about domain (https://whoxy.com/)
→ Wayback Machine - Archive version of website (http://archive.org/)
→ VirusTotal - Information about domain (https://www.virustotal.com/)