{"id":2500,"date":"2015-07-18T05:57:04","date_gmt":"2015-07-18T05:57:04","guid":{"rendered":"http:\/\/www.pir8geek.com\/?p=2500"},"modified":"2015-07-18T05:57:04","modified_gmt":"2015-07-18T05:57:04","slug":"snitch-a-tool-which-automate-information-gathering","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=2500","title":{"rendered":"Snitch &#8211; A tool which automate Information Gathering"},"content":{"rendered":"<p><strong>Snitch<\/strong> is a tool which automate information gathering process for specified domain. Using build-in dork categories, this tool helps gather specified informations domain which can be found using web search engines. It can be quite useful in early phases of pentest.<br \/>\n<strong>To download Snitch from git:<\/strong><br \/>\n1. Open a terminal and execute the following command.<\/p>\n<pre>git clone https:\/\/github.com\/Smaash\/snitch.git<\/pre>\n<p>Usage and Example:<strong><br \/>\n<\/strong><\/p>\n<pre>root@0x69:~\/snitch$ python snitch.py\n                       _ __       __  \n           _________  (_) \/______\/ \/_ \n          \/ ___\/ __ \\\/ \/ __\/ ___\/ __ \\ \n         (__  ) \/ \/ \/ \/ \/_\/ \/__\/ \/ \/ \/\n        \/____\/_\/ \/_\/_\/\\__\/\\___\/_\/ \/_\/ ~0.3   \nUsage: snitch.py [options]\nOptions:\n  -h, --help            show this help message and exit\n  -U [url], --url=[url]\n                        domain(s) or domain extension(s) separated by comma*\n  -D [type], --dork=[type]\n                        dork type(s) separated by comma*\n  -C [dork], --custom=[dork]\n                        custom dork*\n  -O [file], --output=[file]\n                        output file\n  -S [ip:port], --socks=[ip:port]\n                        socks5 proxy\n  -I [seconds], --interval=[seconds]\n                        interval between requests, 2s by default\n  -P [pages], --pages=[pages]\n                        pages to retrieve, 10 by default\n  -v                    turn on verbosity\n Dork types:\n  info   Information leak &amp; Potential web bugs\n  ext    Sensitive extensions\n  docs   Documents &amp; Messages\n  files  Files &amp; Directories\n  soft   Web software\n  all    All\n<\/pre>\n<pre>root@0x69:~\/snitch$ python snitch.py -D ext -U gov -P15\n[!] Pages limit set to 15\n[+] Target: gov\n[+] Looking for sensitive extensions\nhttp:\/\/www.seismic.ca.gov\/pub\/CSSC_1998-01_COG.pdf.OLD\nhttp:\/\/greengenes.lbl.gov\/Download\/Sequence_Data\/Fasta_data_files\/CoreSet_2010\/formatdb.log\nhttp:\/\/www.uspto.gov\/web\/patents\/pdx\/permitting_access.pdf_2010may17.bak\nhttps:\/\/software.sandia.gov\/trac\/canary\/attachment\/ticket\/3917\/Pike_Hach%26SCAN_Oracle.edsx_convert.log\nhttp:\/\/www.dss.virginia.gov\/tst.log\nhttp:\/\/appliedresearch.cancer.gov\/nhanes_pam\/create.pam_perday.log\nhttps:\/\/igscb.jpl.nasa.gov\/igscb\/station\/log\/abmf_20150428.log\nhttp:\/\/sun.ars-grin.gov:8080\/dbf.sql\nhttp:\/\/cci.lbl.gov\/~phzwart\/Betty_data\/latest_data\/acorn\/14_molrep.log\nhttp:\/\/appliedresearch.cancer.gov\/nhanes_pam\/create.pam_perminute.log\nhttps:\/\/software.sandia.gov\/trac\/dakota\/attachment\/ticket\/4166\/hopperConf.log\nhttps:\/\/igscb.jpl.nasa.gov\/igscb\/station\/mgexlog\/nya2_20130905.log\nhttp:\/\/www.swrcb.ca.gov\/losangeles\/board_decisions\/adopted_orders\/index.shtml.old\nhttp:\/\/web.epa.ohio.gov\/phpMyAdmin.2.11.5\/scripts\/create_tables_mysql_4_1_2+.sql\nhttps:\/\/trac.mcs.anl.gov\/projects\/mpich2\/attachment\/ticket\/83\/config.log\nhttps:\/\/tcga-data.nci.nih.gov\/docs\/index.html.bak\nhttp:\/\/spec.jpl.nasa.gov\/ftp\/pub\/catalog\/c098001.log\nhttp:\/\/www.glerl.noaa.gov\/metdata\/2check_all.log\nhttp:\/\/www.maine.gov\/dep\/ftp\/MAIRIS\/5.2.3_Installation\/mairis_5_2_3_seq_mgmt.sql\nhttp:\/\/ft.ornl.gov\/eavl\/regression\/configure.log\nhttp:\/\/airsar.jpl.nasa.gov\/airdata\/PRECISION_LOG\/hd1883.log\nhttp:\/\/www.uspto.gov\/main\/homepagenews\/pprwrk_rdctn_act.htm_2009sep29a.bak\nhttp:\/\/eula.mindspark.com\/cookies\/\nhttp:\/\/www.antd.nist.gov\/pubs\/Sriram_BGP_IEEE_JSAC.pdf.old\nhttp:\/\/www-esh.fnal.gov\/pls\/default\/itna.log\nhttp:\/\/web.epa.ohio.gov\/phpMyAdmin.2.11.5\/scripts\/upgrade_tables_mysql_4_1_2+.sql\nhttp:\/\/www.modot.mo.gov\/newsandinfo\/documents\/_baks\/Whathappenstoyourbenefitswhenyouterminatestateemployment.pdf.0001.c487.bak\nhttp:\/\/maine.gov\/REVENUE\/netfile\/WS_FTP.LOG\nhttp:\/\/mls.jpl.nasa.gov\/lay\/UARS_MLS.LOG\nhttp:\/\/airsar.jpl.nasa.gov\/airdata\/PRECISION_LOG\/hd1469.log\nhttp:\/\/www.iowa.gov\/boee\/handbook.pdf.old\nhttp:\/\/yuri.lbl.gov\/ontologies\/obo-all\/uberon_prerelease\/uberon_prerelease.obo_xml.OLD\nhttps:\/\/igscb.jpl.nasa.gov\/igscb\/station\/general\/blank.log\nhttp:\/\/yuri.lbl.gov\/ontologies\/obo-all\/disease_ontology\/disease_ontology.owl2.OLD\nhttps:\/\/www.health.ny.gov\/health_care\/medicaid\/nyserrcd.ini\nhttp:\/\/www.thruway.ny.gov\/business\/contractors\/expedite\/bid.ini\nhttp:\/\/www.wpc.ncep.noaa.gov\/html\/ecmwf0012loop500_ak.cfg\nhttps:\/\/fermilinux.fnal.gov\/documentation\/security\/krb5.conf\nhttp:\/\/spartatools.dnsops.gov\/wiki\/index.php\/Dnsval.conf\nhttp:\/\/w3.pppl.gov\/~hammett\/comp\/MSWindows\/teraterm\/TERATERM.INI\nhttp:\/\/usgcb.nist.gov\/usgcb\/content\/configuration\/workstation-ks.cfg\nhttps:\/\/ics-web.sns.ornl.gov\/kasemir\/CSS\/Training\/DLS\/Config\/settings.ini\nhttp:\/\/cmip-pcmdi.llnl.gov\/cmip5\/docs\/esg.ini\nhttp:\/\/spartatools.dnsops.gov\/wiki\/index.php\/Dnssec-tools.conf\nhttp:\/\/www.usatlas.bnl.gov\/~caballer\/files\/cvmfs\/etc\/httpd\/welcome.conf\nhttps:\/\/security.fnal.gov\/krb5.conf\nhttp:\/\/collaborate2.nws.noaa.gov\/canned_data\/data_files\/pqact.conf\nhttp:\/\/archives1.dags.hawaii.gov\/gsdl\/collect\/vitalsta\/etc\/oai.cfg\nhttp:\/\/lambda.gsfc.nasa.gov\/data\/suborbital\/BICEP2\/B2_3yr_camb_planck_withB_params_20140314.ini\n[+] Done!\n<\/pre>\n<p>Download Snitch at Github Repository: <a href=\"https:\/\/github.com\/Smaash\/snitch\" target=\"_blank\" rel=\"noopener noreferrer\">Snitch<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Snitch is a tool which automate information gathering process for specified domain. Using build-in dork categories, this tool helps gather specified informations domain which can be found using web search engines. It can be quite useful in early phases of pentest. To download Snitch from git: 1. Open a terminal and execute the following command.<\/p>\n","protected":false},"author":1,"featured_media":2502,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[162],"tags":[530,275,531],"class_list":["post-2500","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-information-gathering","tag-dork","tag-pentest","tag-snitch"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2500","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2500"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2500\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2500"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2500"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2500"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}