Semi-automatic OSINT framework and package manager
GPL-3.0 License
Bot releases are visible (Hide)
We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.
Published by kpcyrd about 1 year ago
bytesize
and 1 KB
-> 1000 bytes, to humansize
and 1 KiB
-> 1024 bytes.This is a very small release but marked as semver-minor due to the output change.
We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.
Published by kpcyrd over 1 year ago
0
as invalid, refusing the connection.We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.
Published by kpcyrd almost 2 years ago
EOF while parsing a value at line 1 column 0
to Sandbox child has crashed
We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.
Published by kpcyrd over 2 years ago
export DOCKER_BUILDKIT=1
)We'd like to thank @SantiagoTorres, @repi and @rgacogne for their support on github sponsors.
Published by kpcyrd almost 3 years ago
fstat
We'd like to thank @SantiagoTorres and @repi for their support on github sponsors.
Published by kpcyrd almost 3 years ago
sn0int rescope -i
There've been commands for {scope,noscope,autoscope,autonoscope}
for a while, scope/noscope sets entities to out-of-scope which automatically excludes them from further investigations, and autoscope/autonoscope is a system to automatically set things out-of-scope with a hierarchical rule set.
In the past there was no way to re-apply these rules to existing entities. This is now possible with the rescope
command that's available both from the interactive cli and the commandline.
It defaults to non-interactive mode that shows a diff when applying the rules and asks for confirmation. -n
is a dry-run to always reject the change, -y
to automatically apply it and -i
to interactively decide for each entity.
Besides the obvious y and n there's also:
example.com
matched noscope .com
and you select a, example.com
would be set out-of-scope and the next-up foobar.com
would be automatically set out-of-scope without asking againWe'd like to thank @SantiagoTorres and @repi for their support on github sponsors.
Published by kpcyrd almost 3 years ago
run <module>
interactivelyrun -X <proxy>
We'd like to thank @SantiagoTorres and @repi for their support on github sponsors.
Published by kpcyrd about 3 years ago
!
from readlineSN0INT_WORKSPACE
environment variable. Running shell commands with the new !
feature autoamtically sets this variable to the current workspaceWe'd like to thank @SantiagoTorres and @repi for their support on github sponsors.
Published by kpcyrd over 3 years ago
We'd like to thank @repi for their support on github sponsors.
Published by kpcyrd over 3 years ago
We'd like to thank @repi for their support on github sponsors.
Published by kpcyrd over 3 years ago
stats
command to show data in the workspace. This is also available as a subcommand with sn0int -w foo stats
select --values
as shorthand for jq -r .value
We'd like to thank @repi for their support on github sponsors.
Published by kpcyrd over 3 years ago
We'd like to thank @repi for their support on github sponsors.
Published by kpcyrd almost 4 years ago
sn0int add --stdin
We'd like to thank @repi for their support on github sponsors.
Published by kpcyrd over 4 years ago
We'd like to thank @repi for their support on github sponsors.
Published by kpcyrd over 4 years ago
Previous releases introduced activity
as a new discoverable datapoint, there's now a new cal
command to show a calendar that's annotated with a heat-map.
sn0int cal 2020
It's also possible to break them down to a specific time (-T
) which defaults to 12 minute slices, or group by hour instead (-H
). To -C
to show additional days for context (this also works in the month view):
sn0int cal -TC3
There's a new notification system that you can hook into. Notifications are also just sent with regular sn0int modules that take -- Source: notifications
as input, to get the list of notification modules that are currently installed run:
sn0int pkg list --source notifications
This enables you to run sn0int automatically and unattended to monitor infrastructure. A full walk-through of how to setup notification routing can be found here:
https://sn0int.readthedocs.io/en/latest/notifications.html
Please note that this feature is still very much work in progress.
mod
command in favor of pkg
pkg quickstart
skip already installed modulesWe'd like to thank @repi for their support on github sponsors.
Published by kpcyrd over 4 years ago
Published by kpcyrd over 4 years ago
Published by kpcyrd over 4 years ago
quickstart
with pkg quickstart
sn0int activity
, like '1h ago'Published by kpcyrd over 4 years ago
x509_parse_pem
(dependency downgraded and sent https://github.com/rusticata/x509-parser/pull/27)sn0int run --dump-sandbox-init-msg
for sandbox debuggingexit
and quit
to exit the sn0int cli