D0xk1t - Web-based OSINT and Active Reconaissance Suite
Active reconnaissance, information gathering and OSINT built in a portable web application.
Since D0xk1t is self-hosted, it does not work immediately out-of-box. It is recommended that you use a
virtualenvcontainer due to the sheer number of dependencies that can run into conflict with your Python configuration.
Lucky for you, there are two ways to build D0xk1t. The quick 'n easy way, and the manual way.
Quick 'n Easy Way:
$ git clone && cd D0xk1t $ # Start virtualenv if you wish $ pip install -r requirements.txt $ python run.py
config.py. Here, you will see all the environmental variables that the application utilizes. Three important fields you MUSTbe aware of if you plan to deploy to the web.
GOOGLEMAPS_API_KEY = "YOUR_API_KEY_HERE" SECRET_KEY = 'SECRET_KEY_HERE'
GOOGLEMAPS_API_KEYdenotes the Google Maps API Key. This is essential for the GeoIP module. You can obtain it here and change the variable accordingly.
SECRET_KEYis the private key utilized by WTForm's CSRF protection feature. If deployed, change it to your liking.
Once installed, run with
python run.py. The application will run a first-time boot, and will then be accessible at
127.0.0.1:5000. Login with credentials, and you will be present with the admin panel.
Of course, this is self-hosting on localhost. Although work-in-progress, D0xk1t will soon support hosting on a variety of SaaS and server stacks of your choice.
The D0x module is a comprehensive info-gathering database that enables the pentester to write "D0x", or a file that holds a collection of data of a certain target, or targets. Using this data, the tester will be able to effectively understand their target, which is a critical point in the attacker's kill chain. D0xing is usually deemed malicious and black-hat in nature. However, with the D0x module, we aim to help security researchers gain momentum when conducting in-the-field pentesting.
The D0x module does come with several features, improved upon based off of the prior revision.
When working with metadata, IP addresses often pop up as a point-of-interest. Using Maxmind and Google Map's APIs, the GeoIP module aims to collect geolocation information on public IP addresses, in order to gather data on physical location during the reconnaissance stage of the killchain.