Getting Started

# Documentation

# Registry

# Default, no modules installed
# Quick install
> pkg quickstart
> pkg --help

# Scopes
> workspace demo
> add domain
Domain :

# Confirm
> select domains
> select domains where id=1
> select domains where value like
> select domains where ( value like e% and value like %m ) or false

# Modules
# Informations gathered by modules can be picked up by others
> pkg list

# Certificate transparency
> use ctlogs
> run

> use dns-resolve
> run

# Scan for discovered URLs
> use url-scan
> target
> target where resolvable
> run
> select urls

Unscoping entities

# Unscopping entities
# Modules are greedy and add inscope things you don't want
# You can delete it, but it can still be picked up by other modules
# Or you can set specific flags on that entity
> target
> noscope domains where
> target

# Reverse behavior
> scope domains where true

# Autonoscope
# You can define rules to auto-unscope items
[sn0int][demo] > # add the domain first
[sn0int][demo] > # this is necessary because we only want to partially unscope
[sn0int][demo] > add domain
[sn0int][demo] >
[sn0int][demo] > # automatically noscope all subdomains
[sn0int][demo] > autonoscope add domain
[sn0int][demo] > # except subdomains of
[sn0int][demo] > autoscope add domain
[sn0int][demo] >
[sn0int][demo] > autonoscope list
  scope domain ""
noscope domain ""
[sn0int][demo] >
[sn0int][demo] > # this is going to be out-of-scope
[sn0int][demo] > add subdomain
[sn0int][demo] > # this is going to be in-scope
[sn0int][demo] > add subdomain
[sn0int][demo] >
[sn0int][demo] > select subdomains
#1, ""
#2, ""
[sn0int][demo] > select subdomains where unscoped=0
#2, ""
[sn0int][demo] > select subdomains where unscoped=1
#1, ""
[sn0int][demo] >

# Autonoscope rules for domains are applied to domains, subdomains, urls
# Autonoscope rules for IPs are applied to ipaddrs, netblocks, ports
# Autonoscope rules for URLs are applied only to urls


# Keyring
[sn0int][default] > keyring add aws:AKIAIOSFODNN7EXAMPLE
Secretkey: keep-this-secret
[sn0int][default] > keyring list
[sn0int][default] >
[sn0int][default] > keyring list aws
[sn0int][default] > keyring list instagram
[sn0int][default] >
[sn0int][default] > keyring get aws:AKIAIOSFODNN7EXAMPLE
Namespace:    "aws"
Secret:       "keep-this-secret"
[sn0int][default] >


Structure Attributes
Domains value
Subdomains value, domain_id, resolvable
IP value, family, continent, continent_code, country, city, latitude, longitude, asn, as_org, description, reverse_dns
URLs subdomain_id, value, status, body, online, title, redirect
Emails value, displayname, valid
Phonenumbers value, name, valid, last_online, country, carrier, line, is_ported, last_ported, caller_name, caller_type
Devices value, name, hostname, vendor, last_seen
Networks value, latitude, longitude, description
Accounts service, username, displayname, email, url, last_seen, birthday, phonenumber, profile_pic
Breaches value
Images value, filename, mime, width, height, created, latitude, longitude, nudity, ahash, dhash, phash
Ports ip_addr_id, ip_addr, port, status, banner, service, version
Netblocks family, value, asn, as_org, description
CryptoAddrs value, currency, denominator, balance, received, first_seen, last_withdrawal, description


# Registry contains all modules

# Searching
 > pkg search patreon
kpcyrd/patreon (0.1.0) - 17 downloads
    Collect information from patreon profiles

# Install
> pkg install kpcyrd/patreon
[+] Installing kpcyrd/patreon
[+] Loaded 51 modules