Python for OSINT Tooling

Dear readers, 

Python lets you work quickly and integrate your systems effectively, and that’s why it’s very popular among hackers and security specialists. In this edition, we would like to take a closer look at this amazing programming language. But instead of showing you basics and how to start your programming journey, we will show you how to implement Python into various projects. 

We start with an amazing tutorial prepared by Felix Castan, where you will see how to use Python to write your own OSINT tool. There are plenty of examples and information inside, which you can use for your own projects. You can’t miss this article! 

Now that we know how to build our own open source intelligence tool, let’s see other software examples. We had a privilege to meet two incredible authors: Lohitya Pushkar who wrote about his tool FinalRecon, which is built on a Python script for web reconnaissance, and Saeed Dehqan, who will show you how OWASP Maryam works. It’s a web-based Footprinting optional/modular framework based on the Recon-ng core and written in Python! 

But that’s only the beginning, after all, Python offers many possibilities. Let’s explore them! Another interesting article is about creating a ransomware sample with Python. The script was developed by Pedro Duarte, and he will guide you through this process, so you get insight into the process of creating simple ransomware. All examples were done in a safe environment.

In packet analysis/inspection, reverse engineering, and malware analysis, some (numeric) values are represented in hexadecimal big-endian or little-endian, how can we convert it? In Data Representation Conversion, you will find an answer to this question, as the author Rafael J. Lara L. has prepared a very detailed explanation, which can serve as a cheat sheet for you. 

Squatm3 is a Python tool designed to enumerate available domains generated by modifying the original domain name through different techniques. An in-depth step by step guide was written by Davide Cioccia and Stefan Petrushevski, authors of this tool. 

Eisen is another interesting project, an open source Python package making the implementation of deep learning methods easy. It’s definitely something different from our usual articles, but it does offer a unique approach to image analysis and computer vision tasks. And it is based on PyTorch. 

As always, we prepared a few articles about other topics. Ethical hacking possibilities in Kali Linux environment is a simple tutorial for less advanced users, who need a step by step guide into the world of hacking. You will read about MiTM attacks, server-side attacks, deauthentication attacks, and others. 

A Code Injection Method for Rapid Docker Image Building and Ransomware threat and its impact on SCADA closes this issue. 

We would like to send a big thank you to all contributors that joined this edition! Without you, this amazing issue wouldn’t be possible. Special thanks to all the, reviewers and proofreaders involved in the process of creating this issue.

Things are still weird and unpredictable with COVID-19. As we are still trying to adjust to this new reality, and overcome new challenges, remember that we are in this together. And only together we will stay strong! We hope that no matter where you are, you are safe, taking care of yourself and your loved ones. 

Enjoy the reading,

Hakin9 Editorial Team

---

Table of Contents

---

Build your own OSINT tools with PYTHON

Felix Castan

For this article, we are going to make all the programs in Python3, although all of them will work with hardly any modifications in both versions. In this article, we are going to see two different ways of approaching data collection; on the one hand, we are going to try to extract it from the website of the target entity and on the other hand, we will do it using search engines like Google.

---

OWASP Maryam

Saeed Dehqan

Open-source intelligence (OSINT) is a method of using open source tools to collect information and analyze them for a specific purpose. OSINT can be very helpful for hackers to use to garner data about particular organizations. Today, using open-sources like Bing, Google, Yahoo, etc., to gather data is one of the important steps for reconnaissance and this is a common task. It should be a tool to automate this routine. One of the best tools in this field is OWASP Maryam.

---

Importance of Reconnaissance - FinalRecon tool

Lohitya Pushkar ( thewhiteh4t )

A proper recon provides us with detailed information like open ports, active services, specification of servers, routing, important files, hidden links, etc. When performing a penetration test, it is crucial to begin with reconnaissance; it is possible that the information collected during the recon phase plays a critical role during exploitation as well as the post-exploitation phase of the test.

---

Creating a Simple Ransomware

Pedro Duarte

A ransomware, by definition, is a software that in some way blocks access to a machine or part of it, usually asking for money to fix it. Typically, this means encrypting files inside the victim’s computer, often stealing those and blackmailing the owner stating that they will make them public if they don’t give in to their conditions. The targets are usually companies and not individuals, as their computers store sensitive data that can represent huge losses if lost or made available to the public. During this tutorial we will be creating a simple ransomware with Python. It will be divided into two scripts - the server (that should be run in the attacker’s machine) and the client (that should be run in the victim’s machine).

---

Data Representation Conversion

Rafael J. Lara L. a.k.a 0xcafecafe

Recently, I faced a situation where I had to intercept and capture an HTTP communication dialog. The data captured was represented as “���”, that is: character “” followed by character “x” followed by character “a” and so; but I needed Python to treat this data as a byte sequence representation, where ‘�’ meaning byte conformed by hexadecimal ‘a’ followed by hexadecimal ‘b’, how could we convert it in that way? It would be helpful to have a guideline, a snip list or a cheat sheet that shows us how to do such conversions.

---

Squatm3 - Cybersquatting made easy

Davide Cioccia, Stefan Petrushevski

In this article, we introduce Squatm3 and Squatm3gator, two tools are written in Python 3, developed for security analysts and penetration testers, to detect and perform cybersquatting attacks before it is too late. Individuals or organizations can use Squatm3 or Squatm3gator to identify squatted domains, generated using one or multiple techniques.

---

EISEN: A Python Package For Deep Learning

Ozan Oktay

Eisen is an open source Python package making the implementation of deep learning methods easy. It is specifically tailored to medical image analysis and computer vision tasks, but its flexibility allows extension to any application. Eisen is based on PyTorch and it follows the same architecture of other packages belonging to the PyTorch ecosystem.

---

Ethical hacking possibilities in Kali Linux environment

Petar Cisara, Robert Pinter

This article deals with the problem of ethical hacking and security of computer systems. When we talk about security of an information system, we actually mean the primary three attributes of the system: confidentiality, integrity and availability. There are various approaches that aim to identify existing security weaknesses and security assessments. One of them is using Kali Linux operating system with its integrated effective tools specially adapted to the realization of various types of attacks.

---

A Code Injection Method for Rapid Docker Image Building

Yujing Wang, Qinyang Bao

In this article, we propose a code injection method that overcomes these inefficiencies by targeting only the changed layer and then bypassing the layer’s content checksum. This process is developed specifically for an interpreted language such as Python, where changes can be detected explicitly via text diff tools and run as-is without compilation.

---

Ransomware threat and its impact on SCADA

Anzor Lors, Arvind Kumar

Modern cyber crimes have exponentially grown over the last decade. Ransomware is one of the types of malware that is the result of sophisticated attempts to compromise modern computer systems. The governments and large corporations are investing heavily to combat this cyber threat against their critical infrastructure. It has been observed over the last few years that Industrial Control Systems (ICS) have become the main target of Ransomware due to the sensitive operations involved in the day to day processes of these industries.