Snitch for information gathering about domains

Snitch – information gathering tool

1 Shares
1
0
0

Snitch is a tool for automatically gathering information about any domain. Using the built-in dork libraries, this tool collects information about given domains that can be found using the search engines Google, Yahoo, DuckDuckGo, Bing and so on. It can be very useful in the early stages of penetration testing (commonly referred to as the intelligence gathering phase).

Gathering information about a domain with Snitch

Snitch can define the following types of information:

  • general information,
  • potentially confidential information,
  • files of different extensions,
  • directories, subdirectories, etc.

Of course, there are other applications with similar functionality.

How to use Snitch

First we need to install Snitch by running the following command in the terminal:

git clone https://github.com/Smaash/snitch

When you start Snitch, it displays a list of available options:

brain@update:~/snitch$ python snitch.py
		               _ __       __  
		   _________  (_) /______/ /_ 
		  / ___/ __ \/ / __/ ___/ __ \ 
		 (__  ) / / / / /_/ /__/ / / /
		/____/_/ /_/_/\__/\___/_/ /_/ ~0.3   
		  
Usage: snitch.py [options]

Options:
  -h, --help            show this help message and exit
  -U [url], --url=[url]
                        domain(s) or domain extension(s) separated by comma*
  -D [type], --dork=[type]
                        dork type(s) separated by comma*
  -C [dork], --custom=[dork]
                        custom dork*
  -O [file], --output=[file]
                        output file
  -S [ip:port], --socks=[ip:port]
                        socks5 proxy
  -I [seconds], --interval=[seconds]
                        interval between requests, 2s by default
  -P [pages], --pages=[pages]
                        pages to retrieve, 10 by default
  -v                    turn on verbosity

 Dork types:
  info   Information leak & Potential web bugs
  ext    Sensitive extensions
  docs   Documents & Messages
  files  Files & Directories
  soft   Web software
  all    All

To demonstrate how this tool works, let’s find seven domains with a target address of .gov

brain@update:~/snitch$ python snitch.py -D ext -U gov -P7
[!] Pages limit set to 7
[+] Target: gov

[+] Looking for sensitive extensions

http://www.seismic.ca.gov/pub/CSSC_1998-01_COG.pdf.OLD
http://greengenes.lbl.gov/Download/Sequence_Data/Fasta_data_files/CoreSet_2010/formatdb.log
http://www.uspto.gov/web/patents/pdx/permitting_access.pdf_2010may17.bak
https://software.sandia.gov/trac/canary/attachment/ticket/3917/Pike_Hach%26SCAN_Oracle.edsx_convert.log
http://www.dss.virginia.gov/tst.log
http://appliedresearch.cancer.gov/nhanes_pam/create.pam_perday.log
https://igscb.jpl.nasa.gov/igscb/station/log/abmf_20150428.log
1 Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like