Repository files navigation

♥ Free Software, requires only free accounts to third part services ♥

Lack of knowledge ... that is the problem.

William Edwards Deming

SARENKA is an Open Source Intelligence (OSINT) tool that helps you in obtaining and understandingAttack Surface.

The main goal is gathering information from search engines for Internet-connected devices (https://censys.io/,https://www.shodan.io/,https://www.criminalip.io/ko).It scrapes data about Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE) and also has a database where CVEs are mapped to CWE.

It returns data about the local machine - local installed software (from Windows Registry), local network information (python libraries, popular cmd commads).

For now, the application also has simple tools like a hash calculator, shannon entropy calculator and very simple port scanner.More cryptography-math tools and reconnaissance scripts are planned.

The app is alive and has been rewritten from scratch on branchdevelop.

• ncybersec
• llllap3xllll
• securityonline.info
• haxf4rall.com
• hackdig.com
• findglocal.com
• 台灣數位國土安全部 - DDHS
• laptrinhx.com
• kitploit.com
• attackware.com
• hacking.land
• cyberfishnews.com
• modernnetsec.io
• spywarenews.com
• cert.europa.eu
• dfir.pro
• iransec.net
• hacker-gadgets.com
• vulners.com
• redpacketsecurity.com
• kali-linuxtr.net
• anonymousmedia.org
• pentesttools.net
• wangshit.xyz
• geekychild.com
• hacker.observer
• nuomiphp.com
• danielonsecurity.com
• haktechs
• cybeseclabs.com
• vk.com
• hacking.reviews
• thehacker.co
• iguru.gr
• en.iguru.gr
• rucore.net
• hackerzzz.com
• my.oschina.net
• kalilinuxtutorials.com
• pintait.com
• osintbrasil.blogspot.com
• wenyanet.com
• federatica.space
• giters.com
• redhotcyber.com
• haktechs.com
• hakin9.org
• www.libhunt.com
• cybersec365.org
• reddit.com user mikeis075
• blackhatethicalhacking.com

• get data fromhttps://censys.io/ by ip
• get data fromhttps://www.shodan.io/ by ip
• get data fromhttps://www.criminalip.io/ by ip
• getDNS data
• getWHOIS data
• banner grabbing
• findCVEs byCWE
• generate pdf report

You can also:

• calculatehashes based on user string
• calculateshannon entropy based on user string
• check isport open|closed (instead always use nmap if you can - it is slow)

Our team tests the application on Windows 10 and Kali Linux with Python 3.8.

SARENKA requires:

• Python

$ git clone https://github.com/pawlaczyk/sarenka.git

$ cd ./sarenka

$ python3 -m venv env

Powershell

$ ./env/Scripts/Activate.ps1

cmd

$ ./env/Scripts/activate.bat

$ pip3 install -r ./requirements.txt

$ python ./sarenka/sarenka.py

####Please create accounts on services:

• https://account.shodan.io/register
• https://censys.io/register

# go to sarenka/sarenka$ python backend/manage.py runserver

#####Add user credentials at "Settings"

• Want some feature, other tool, library functionality?
• Have any idea or question?
• Don't hesitate to contact .

Details in documentation.

• Renderforest
• gawk
• chocolatey
• PyCharm

And of course SARENKA itself is open source with apublic repositoryon GitHub.

• Rewrite documentation in English (end of 2021)
• trello/ github instead of Jira
• Cover 100% code by tests
• typing backend
• document all functions and class
• Docker
• online demo
• Jenkins
• GraphQL
• Selenium Scrapers
• More pentesting tools
• Google Dorks
• Abstract Algebra calculator
• Number Theory calculator
• Server certificate validator
• tests on Linux
• NLP
• d3js visualizations
• alternative pure version for command line

• https://circleci.com/
• https://github.com/snyk-bot

• Kali Linux kali-rolling 2020.2; Python 3.8.2
• Windows 10; Python 3.8.5

Till end of March, 2021 documentation will be available only in Polish!The documentation is availabehere.

SARENKA islicensed under theMIT License.