-
Notifications
You must be signed in to change notification settings - Fork 11
/
install.sh
executable file
·418 lines (370 loc) · 14.1 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
#!/bin/bash
# stop on error
set -e
# stop on undefined
set -u
echo ""
echo "### Setup Script"
echo "Use 'bash install -force' to reinstall each tool."
echo ""
# check if installation is forced
if [ ${#} -eq 1 ]
then
if [ "${1}" == "-force" ]
then
force="1"
else
force="0"
fi
else
force="0"
fi
# define variables
pathToRepo="$(cd "$(dirname "${BASH_SOURCE[0]}" )" && pwd )"
pathToRessources="${pathToRepo}/ressources"
pathToScripts="${pathToRepo}/ressources/modules"
pathToTemplates="${pathToRepo}/ressources/templates"
pathToBuild="${pathToRepo}/build"
pathToConfig="${pathToBuild}/config.json"
pathToTemp="${pathToBuild}/temp"
pathToGit="${pathToBuild}/git"
pathToPython="${pathToBuild}/python-env"
# check if the script is run using sudo
if [ -n "${SUDO_USER:-}" ]
then
pathToHomeDir="/home/${SUDO_USER}"
else
pathToHomeDir="$HOME"
fi
# create temporay path
if [ ! -d ${pathToTemp} ]
then
mkdir ${pathToTemp}
else
rm -rf ${pathToTemp}
mkdir ${pathToTemp}
fi
echo ""
echo "### APT Install"
echo ""
sudo apt update
sudo apt install -y git wget python3 python3-pip python3.11-venv whois curl nmap libimage-exiftool-perl jq dnstwist bc
echo ""
echo "### Write modules.json"
echo ""
# check if all keys are empty
if jq -e 'map(. == "") | all' ${pathToConfig} > /dev/null
then
echo "No API key in ${pathToConfig} found!"
echo "Using API keys leads to more extensive results."
echo "The installation process can later be repeated using additional API keys."
echo "Do you want to continue the installation without using API keys? (y/everything else for no)."
read answer
if [ "${answer}" != "y" ]
then
echo "Abort installation"
exit
fi
fi
# read api keys
bevigilKey=$(jq -r '.bevigil_com' ${pathToConfig})
binaryedgeKey=$(jq -r '.binaryedge_io' ${pathToConfig})
bufferoverKey=$(jq -r '.bufferover_run' ${pathToConfig})
censysKey=$(jq -r '.censys_io' ${pathToConfig})
fullhuntKey=$(jq -r '.fullhunt_io' ${pathToConfig})
githubKey=$(jq -r '.github_com' ${pathToConfig})
grayhatwarfareKey=$(jq -r '.grayhatwarfare_com' ${pathToConfig})
hunterKey=$(jq -r '.hunter_io' ${pathToConfig})
intelxKey=$(jq -r '.intelx_io' ${pathToConfig})
leakixKey=$(jq -r '.leakix_net' ${pathToConfig})
netlasKey=$(jq -r '.netlas_io' ${pathToConfig})
networksdbKey=$(jq -r '.networksdb_io' ${pathToConfig})
onypheKey=$(jq -r '.onyphe_io' ${pathToConfig})
projectdiscoveryKey=$(jq -r '.projectdiscovery_io_key' ${pathToConfig})
projectdiscoveryUser=$(jq -r '.projectdiscovery_io_user' ${pathToConfig})
robtexKey=$(jq -r '.robtex_com' ${pathToConfig})
securitytrailsKey=$(jq -r '.securitytrails_com' ${pathToConfig})
shodanKey=$(jq -r '.shodan_io' ${pathToConfig})
spyonwebKey=$(jq -r '.spyonweb_com' ${pathToConfig})
sslmateKey=$(jq -r '.sslmate_com' ${pathToConfig})
teamsPassword=$(jq -r '.teams_microsoft_com_password' ${pathToConfig})
teamsUser=$(jq -r '.teams_microsoft_com_user' ${pathToConfig})
tombaKeya=$(jq -r '.tomba_io_ta' ${pathToConfig})
tombaKeys=$(jq -r '.tomba_io_ts' ${pathToConfig})
urlscanKey=$(jq -r '.urlscan_io' ${pathToConfig})
validinKey=$(jq -r '.validin_com' ${pathToConfig})
virustotalKey=$(jq -r '.virustotal_com' ${pathToConfig})
xingPassword=$(jq -r '.xing_com_password' ${pathToConfig})
xingUser=$(jq -r '.xing_com_user' ${pathToConfig})
zoomeyeKey=$(jq -r '.zoomeye_hk' ${pathToConfig})
# ' inside xing and teams password
if [[ "${teamsPassword}" == *"'"* ]]
then
echo "No ' inside teams password allowed."
exit 1
fi
if [[ "${xingPassword}" == *"'"* ]]
then
echo "No ' inside xing password allowed."
exit 1
fi
# write config for subfinder
cat > ${pathToBuild}/subfinder.config << EOL
bevigil: [${bevigilKey}]
binaryedge: [${binaryedgeKey}]
bufferover: [${bufferoverKey}]
censys: [${censysKey}]
certspotter: [${sslmateKey}]
chaos: [${projectdiscoveryKey}]
github: [${githubKey}]
hunter: [${hunterKey}]
intelx: [2.intelx.io:${intelxKey}]
leakix: [${leakixKey}]
netlas: [${netlasKey}]
robtex: [${robtexKey}]
securitytrails: [${securitytrailsKey}]
shodan: [${shodanKey}]
virustotal: [${virustotalKey}]
zoomeyeapi: [${zoomeyeKey}]
EOL
# write config for dnsx
if [ -n "${projectdiscoveryKey}" ]
then
if [ ! -d "${pathToHomeDir}/.pdcp" ]
then
mkdir "${pathToHomeDir}/.pdcp"
fi
cat > ${pathToHomeDir}/.pdcp/credentials.yaml << EOL
- username: $(echo "${projectdiscoveryUser}" | cut -d "@" -f 1)
email: ${projectdiscoveryUser}
api-key: ${projectdiscoveryKey}
server: https://api.projectdiscovery.io
EOL
fi
# write api keys, passwords and absolute paths to modules.json
sed -e "s|REPLACE-GITHUB-APIKEY|${githubKey}|g" \
-e "s|REPLACE-GRAYHATWARFARE-APIKEY|${grayhatwarfareKey}|g" \
-e "s|REPLACE-HUNTER-APIKEY|${hunterKey}|g" \
-e "s|REPLACE-RESSOURCE-PATH|${pathToRessources}|g" \
-e "s|REPLACE-MSTEAMS-USER|${teamsUser}|g" \
-e "s|REPLACE-MSTEAMS-PASSWORD|${teamsPassword}|g" \
-e "s|REPLACE-NETWORKSDB-APIKEY|${networksdbKey}|g" \
-e "s|REPLACE-ONYPHE-APIKEY|${onypheKey}|g" \
-e "s|REPLACE-INTELX-APIKEY|${intelxKey}|g" \
-e "s|REPLACE-ROBTEX-APIKEY|${robtexKey}|g" \
-e "s|REPLACE-SECURITYTRAILS-APIKEY|${securitytrailsKey}|g" \
-e "s|REPLACE-SHODAN-APIKEY|${shodanKey}|g" \
-e "s|REPLACE-SPYONWEP-APIKEY|${spyonwebKey}|g" \
-e "s|REPLACE-SUBFINDER-CONFIG|${pathToBuild}/subfinder.config|g" \
-e "s|REPLACE-TOMBATA-APIKEY|${tombaKeya}|g" \
-e "s|REPLACE-TOMBATS-APIKEY|${tombaKeys}|g" \
-e "s|REPLACE-URLSCAN-APIKEY|${urlscanKey}|g" \
-e "s|REPLACE-VALIDIN-APIKEY|${validinKey}|g" \
-e "s|REPLACE-XING-USER|${xingUser}|g" \
-e "s|REPLACE-XING-PASSWORD|${xingPassword}|g" \
-e "s|REPLACE-ZOOMEYE-APIKEY|${zoomeyeKey}|g" \
"${pathToTemplates}/modules.json" > "${pathToTemp}/modules.json"
# last line in modules.json should not contain an API key, because if key is empty, the line will be removed and the JSON syntax is broken
grep -v " '' " "${pathToTemp}/modules.json" > ${pathToBuild}/modules.json
echo ""
echo "### Install Golang tools."
echo ""
# download golang
wget https://golang.google.cn/dl/go1.23.0.linux-amd64.tar.gz -O ${pathToTemp}/go.tar.gz
tar -xf ${pathToTemp}/go.tar.gz -C ${pathToTemp}
rm -r ${pathToTemp}/go.tar.gz
export GOPATH=${pathToTemp}
if ! [ -x "$(command -v spk)" ] || [ "${force}" == "1" ]
then
${pathToTemp}/go/bin/go install github.com/dhn/spk@latest
chmod +x ${pathToTemp}/bin/spk
sudo mv ${pathToTemp}/bin/spk /usr/local/bin
else
echo "spk is installed"
fi
if ! [ -x "$(command -v csprecon)" ] || [ "${force}" == "1" ]
then
${pathToTemp}/go/bin/go install github.com/edoardottt/csprecon/cmd/csprecon@latest
chmod +x ${pathToTemp}/bin/csprecon
sudo mv ${pathToTemp}/bin/csprecon /usr/local/bin
else
echo "csprecon is installed"
fi
if ! [ -x "$(command -v subfinder)" ] || [ "${force}" == "1" ]
then
${pathToTemp}/go/bin/go install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
chmod +x ${pathToTemp}/bin/subfinder
sudo mv ${pathToTemp}/bin/subfinder /usr/local/bin
else
echo "subfinder is installed"
fi
if ! [ -x "$(command -v dnsx)" ] || [ "${force}" == "1" ]
then
${pathToTemp}/go/bin/go install github.com/projectdiscovery/dnsx/cmd/dnsx@latest
chmod +x ${pathToTemp}/bin/dnsx
sudo mv ${pathToTemp}/bin/dnsx /usr/local/bin
else
echo "dnsx is installed"
fi
echo ""
echo "### Compile Binary from Git."
echo ""
git clone https://github.com/blechschmidt/massdns.git ${pathToTemp}/massdns
if ! [ -x "$(command -v massdns)" ] || [ "${force}" == "1" ]
then
cd ${pathToTemp}/massdns && make
chmod +x ${pathToTemp}/massdns/bin/massdns
sudo mv ${pathToTemp}/massdns/bin/massdns /usr/local/bin
cd -
rm -rf ${pathToTemp}/massdns
else
echo "massdns is installed"
fi
echo ""
echo "### Wget compiled binaries."
echo ""
if ! [ -x "$(command -v geckodriver)" ] || [ "${force}" == "1" ]
then
latestGeckodriver=$(curl -sL https://api.github.com/repos/mozilla/geckodriver/releases/latest | jq -r ".tag_name")
wget https://github.com/mozilla/geckodriver/releases/download/${latestGeckodriver}/geckodriver-${latestGeckodriver}-linux64.tar.gz -O ${pathToTemp}/geckodriver.tar.gz
tar -xf ${pathToTemp}/geckodriver.tar.gz -C ${pathToTemp}
chmod +x ${pathToTemp}/geckodriver
sudo mv ${pathToTemp}/geckodriver /usr/local/bin
rm ${pathToTemp}/geckodriver.tar.gz
else
echo "geckodriver is installed"
fi
if ! [ -x "$(command -v gitleaks)" ] || [ "${force}" == "1" ]
then
latestGitleaks=$(curl -sL https://api.github.com/repos/gitleaks/gitleaks/releases/latest | jq -r ".tag_name")
latestGitleaksNoV=$(echo ${latestGitleaks} | sed "s/v//")
wget https://github.com/gitleaks/gitleaks/releases/download/${latestGitleaks}/gitleaks_${latestGitleaksNoV}_linux_x64.tar.gz -O ${pathToTemp}/gitleaks.tar.gz
tar -xf ${pathToTemp}/gitleaks.tar.gz -C ${pathToTemp}
chmod +x ${pathToTemp}/gitleaks
sudo mv ${pathToTemp}/gitleaks /usr/local/bin
rm ${pathToTemp}/README.md ${pathToTemp}/LICENSE ${pathToTemp}/gitleaks.tar.gz
else
echo "gitleaks is installed"
fi
if ! [ -x "$(command -v trufflehog)" ] || [ "${force}" == "1" ]
then
wget https://github.com/trufflesecurity/trufflehog/releases/download/v3.81.9/trufflehog_3.81.9_linux_amd64.tar.gz -O ${pathToTemp}/truffleHog.tar.gz
tar -xf ${pathToTemp}/truffleHog.tar.gz -C ${pathToTemp}
chmod +x ${pathToTemp}/trufflehog
sudo mv ${pathToTemp}/trufflehog /usr/local/bin
rm ${pathToTemp}/README.md ${pathToTemp}/LICENSE ${pathToTemp}/truffleHog.tar.gz
else
echo "trufflehog is installed"
fi
if ! [ -x "$(command -v letItGo)" ] || [ "${force}" == "1" ]
then
latestLetitgo=$(curl -sL https://api.github.com/repos/SecurityRiskAdvisors/letItGo/releases/latest | jq -r ".tag_name")
wget https://github.com/SecurityRiskAdvisors/letItGo/releases/download/${latestLetitgo}/letItGo_${latestLetitgo}_linux_amd64 -O ${pathToTemp}/letItGo
chmod +x ${pathToTemp}/letItGo
sudo mv ${pathToTemp}/letItGo /usr/local/bin
else
echo "letItGo is installed"
fi
if ! [ -x "$(command -v scanrepo)" ] || [ "${force}" == "1" ]
then
wget https://github.com/techjacker/repo-security-scanner/releases/download/0.4.1/repo-security-scanner_0.4.1_Linux_x86_64.tar.gz -O ${pathToTemp}/scanrepo.tar.gz
tar -xf ${pathToTemp}/scanrepo.tar.gz -C ${pathToTemp}
chmod +x ${pathToTemp}/repo-security-scanner
sudo mv ${pathToTemp}/repo-security-scanner /usr/local/bin/scanrepo
rm ${pathToTemp}/scanrepo.tar.gz
else
echo "scanrepo is installed"
fi
if ! [ -x "$(command -v noseyparker)" ] || [ "${force}" == "1" ]
then
wget https://github.com/praetorian-inc/noseyparker/releases/download/v0.19.0/noseyparker-v0.19.0-x86_64-unknown-linux-gnu.tar.gz -O ${pathToTemp}/noseyparker-v0.16.0-x86_64-unknown-linux-gnu.tar.gz
# prevent directory "bin" conflict with "go install"
mkdir ${pathToTemp}/noseyparker
tar -xf ${pathToTemp}/noseyparker-v0.16.0-x86_64-unknown-linux-gnu.tar.gz -C ${pathToTemp}/noseyparker
chmod +x ${pathToTemp}/noseyparker/bin/noseyparker
sudo mv ${pathToTemp}/noseyparker/bin/noseyparker /usr/local/bin
else
echo "noseyparker is installed"
fi
echo ""
echo "### Install Python dependencies"
echo ""
# generate python environment
python3 -m venv ${pathToPython}
source ${pathToPython}/bin/activate
# prepare git directory
if [ ! -d ${pathToGit} ]
then
mkdir ${pathToGit}
else
rm -rf ${pathToGit}
mkdir ${pathToGit}
fi
git clone https://github.com/punk-security/dnsreaper ${pathToGit}/dnsreaper
if ! [ -x "$(command -v dnsreaper)" ] || [ "${force}" == "1" ]
then
${pathToPython}/bin/pip3 install -r ${pathToGit}/dnsreaper/requirements.txt
echo "cd ${pathToGit}/dnsreaper && ${pathToPython}/bin/python3 main.py \"\$@\"" > ${pathToTemp}/dnsreaper
chmod +x ${pathToTemp}/dnsreaper
sudo mv ${pathToTemp}/dnsreaper /usr/local/bin
else
echo "dnsreaper is installed"
fi
git clone https://github.com/MattKeeley/Spoofy ${pathToGit}/Spoofy
if ! [ -x "$(command -v spoofy)" ] || [ "${force}" == "1" ]
then
${pathToPython}/bin/pip3 install -r ${pathToGit}/Spoofy/requirements.txt
echo "cd ${pathToGit}/Spoofy && ${pathToPython}/bin/python3 spoofy.py \"\$@\"" > ${pathToTemp}/spoofy
chmod +x ${pathToTemp}/spoofy
sudo mv ${pathToTemp}/spoofy /usr/local/bin
else
echo "spoofy is installed"
fi
git clone https://github.com/devanshbatham/FavFreak.git ${pathToGit}/FavFreak
if ! [ -x "$(command -v favfreak)" ] || [ "${force}" == "1" ]
then
${pathToPython}/bin/pip3 install -r ${pathToGit}/FavFreak/requirements.txt
echo "cd ${pathToGit}/FavFreak && ${pathToPython}/bin/python3 favfreak.py \"\$@\"" > ${pathToTemp}/favfreak
chmod +x ${pathToTemp}/favfreak
sudo mv ${pathToTemp}/favfreak /usr/local/bin
else
echo "favfreak is installed"
fi
git clone https://github.com/sse-secure-systems/TeamsEnum ${pathToGit}/TeamsEnum
if ! [ -x "$(command -v TeamsEnum)" ] || [ "${force}" == "1" ]
then
${pathToPython}/bin/pip3 install -r ${pathToGit}/TeamsEnum/requirements.txt
echo "cd ${pathToGit}/TeamsEnum && ${pathToPython}/bin/python3 TeamsEnum.py \"\$@\"" > ${pathToTemp}/TeamsEnum
chmod +x ${pathToTemp}/TeamsEnum
sudo mv ${pathToTemp}/TeamsEnum /usr/local/bin
else
echo "TeamsEnum is installed"
fi
echo ""
echo "Copy custom scripts to /usr/local/bin"
# add custom scripts to $PATH
allCustomScripts=$(ls ${pathToScripts})
for scriptName in ${allCustomScripts}
do
fileNameNoExt=$(basename "${scriptName}" | cut -d. -f 1)
fileExtension=$(basename "${scriptName}" | cut -d. -f 2)
if [ "${fileExtension}" == "py" ]
then
# add absolute path to python environment
echo "${pathToPython}/bin/python3 ${pathToScripts}/${scriptName} \"\$@\"" > ${pathToTemp}/${fileNameNoExt}
chmod +x ${pathToTemp}/${fileNameNoExt}
sudo mv ${pathToTemp}/${fileNameNoExt} /usr/local/bin
elif [ "${fileExtension}" == "sh" ]
then
cp ${pathToScripts}/${scriptName} ${pathToTemp}/${fileNameNoExt}
chmod +x ${pathToTemp}/${fileNameNoExt}
sudo mv ${pathToTemp}/${fileNameNoExt} /usr/local/bin
fi
done
# install selenium and lxml
${pathToPython}/bin/pip3 install -U selenium lxml requests
deactivate
# delete temporary directory
sudo rm -rf ${pathToTemp}
echo ""
echo "Done"