The AllIntelligence tool allows us to have an overview of possible attack vectors of an organization. As input you provide a domain, from which we will obtain information from two points of view:
-
Technical level: open ports, located services and possible vulnerabilities. Such as email services vulnerable to phishing, vulnerable web technologies (Wordpress, Joomla or other vulnerable CMS) and other affected services.
-
Level of Digital Identity: where we will analyze possible leaks of email information associated with the organization and social networks of these that can provide useful information for an attacker.
All this in order to analyze the amount of information that an attacker could obtain from our organization when making an APT.
To download this project we execute the following commands:
git clone https://github.com/AllPentesting/AllIntelligence.git
cd AllIntelligenceThis will download the current project and create the AllIntelligence folder with the tool.
You can find more information on the Wiki. You can find the code functions documentation in our project's Github Pages at Github Pages LINK
Objectives to achieve:
| Objectives | Status |
|---|---|
| Web interface with Flask |  |
| Shodan API |  |
| Hunter.io API | |
| Dehashed API | |
| MaxMind API | |
| Pipl API | |
| Testing manual | |
| Report generation | |