Forensics, Malware Analysis

Automater – IP URL and MD5 OSINT Analysis

Automater is a URL/domain, IP address, and MD5 hash OSINT tool aimed at making the analysis process easier for intrusion analysts. Given a target (URL, IP, or hash) or a file full of targets, Automater will return relevant results from sources like the following: IPvoid.com, Robtex.com, Fortiguard.com, unshorten.me, Urlvoid.com, Labs.alienvault.com, ThreatExpert, VxVault, and VirusTotal.

Options

./Automater.py -h
usage: Automater.py [-h] [-o OUTPUT] [-w WEB] [-c CSV] [-d DELAY] [-s SOURCE]
                    [--p]
                    target

IP, URL, and Hash Passive Analysis tool

positional arguments:
  target                List one IP Addresses, URL or Hash to query or pass
                        the filename of a file containing IP Addresses, URL or
                        Hash to query each separated by a newline.

optional arguments:
  -h, --help            show this help message and exit
  -o OUTPUT, --output OUTPUT
                        This option will output the results to a file.
  -w WEB, --web WEB     This option will output the results to an HTML file.
  -c CSV, --csv CSV     This option will output the results to a CSV file.
  -d DELAY, --delay DELAY
                        This will change the delay to the inputted seconds.
                        Default is 2.
  -s SOURCE, --source SOURCE
                        This option will only run the target against a
                        specific source engine to pull associated domains.
                        Options are defined in the name attribute of the site
                        element in the XML configuration file
  --p                   This option tells the program to post information to
                        sites that allow posting. By default the program will
                        NOT post to sites that require a post.
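
The target argument accepts a file of newline-separated IPs, URLs and hashes. As an added example (not part of Automater or of the original page), this Python helper turns raw analyst notes into such a file: it refangs defanged indicators, rejects non-public IPs, and de-duplicates. The function names, regexes and sample values are assumptions constructed for illustration.

```python
import ipaddress
import re

MD5_RE = re.compile(r"^[0-9a-f]{32}$", re.I)
# Optional scheme, dotted hostname ending in an alphabetic TLD, optional port/path.
URL_RE = re.compile(
    r"^(?:https?://)?[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}(?:[:/].*)?$", re.I)

def refang(value):
    """Undo common defanging (hxxp://, [.], (.)) so the lookup sees the real value."""
    value = re.sub(r"^hxxp", "http", value.strip(), flags=re.I)
    return value.replace("[.]", ".").replace("(.)", ".")

def classify(value):
    """Return 'ip', 'md5' or 'url'; None for anything that should not be queried."""
    try:
        # Private/reserved addresses mean nothing to public sources and only
        # disclose internal addressing, so they are rejected.
        return "ip" if ipaddress.ip_address(value).is_global else None
    except ValueError:
        pass
    if MD5_RE.match(value):
        return "md5"
    return "url" if URL_RE.match(value) else None

def build_targets(raw_lines):
    """Return (targets, rejected): de-duplicated (kind, value) pairs and skipped values."""
    seen, targets, rejected = set(), [], []
    for line in raw_lines:
        value = refang(line)
        if not value or value.startswith("#"):
            continue
        kind = classify(value)
        if kind is None:
            rejected.append(value)
        elif value.lower() not in seen:
            seen.add(value.lower())
            targets.append((kind, value))
    return targets, rejected

def to_target_file(targets):
    # One target per line, as the positional argument's help text describes.
    return "".join(value + "\n" for _, value in targets)

# Constructed sample notes; 8.8.8.8 and the empty-input MD5 are benign stand-ins.
SAMPLE = ["# triage notes", "8.8.8.8", "10.0.0.5", "hxxp://login.example[.]com/reset",
          "d41d8cd98f00b204e9800998ecf8427e", "D41D8CD98F00B204E9800998ECF8427E",
          "not an indicator", ""]

if __name__ == "__main__":
    print(to_target_file(build_targets(SAMPLE)[0]), end="")
```

Save the text returned by to_target_file to a file and pass that filename as the target argument.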

For more, please visit the tool's website.

Download
from GitHub

git clone https://github.com/1aN0rmus/TekDefense-Automater /opt/TekDefense-Automater