Belati

Belati - The Traditional Swiss Army Knife For OSINT

Belati is tool for Collecting Public Data & Public Document from Website and other service for OSINT purpose. This tools is inspired by Foca and Datasploit for OSINT :)

Current Version

v0.2.4

Belati In Action

Why I Made this?

Just for learning stuff and OSINT purpose. Correct me if i'm wrong

What Belati can do?

• Interactive command line shell
• Whois(Indonesian TLD Support)
• Banner Grabbing
• Subdomain Enumeration
• Service Scanning for all Subdomain Machine
• Web Appalyzer Support
• DNS mapping / Zone Scanning
• Mail Harvester from Website & Search Engine
• Mail Harvester from MIT PGP Public Key Server
• Scrapping Public Document for Domain from Search Engine
• Fake and Random User Agent ( Prevent from blocking )
• Proxy Support for Harvesting Emails and Documents
• Public Git Finder in domain/subdomain
• Public SVN Finder in domain/subdomain
• Robot.txt Scraper in domain/subdomain
• Gather Public Company Info & Employee
• SQLite3 Database Support for storing Belati Results
• Setup Wizard/Configuration for Belati
• Django Web Management
• Webserver only mode
• Auto Dependency Checker
• Auto Update system
• Document Metadata/Exif Extractor
• Document Author Metadata
• Graph Visualization( On Progress )

TODO

Please see Belati TODO list here -> #12

Library

• python-whois
• Sublist3r
• Subbrute

Requirements

• nmap
• git
• sqlite3
• exiftool

Install/Usage

git clone https://github.com/aancw/Belati.git
cd Belati
git submodule update --init --recursive --remote
pip install --upgrade pip
pip install -r requirements.txt #please use pip with python v2
sudo su
python Belati.py --help

Docker Installation

• Download Dockerfile:

wget https://raw.githubusercontent.com/aancw/Belati/master/Dockerfile

• Execute the following command to create a Docker image locally:

  docker build -t belati . #dot

• To create a container from the image, execute:

  docker run -p 8000:8000 -it belati /bin/bash

• Running Belati

  belati -h

For more info, please refer to this guide: https://github.com/espi0n/Dockerfiles/blob/master/Belati/README.md

Tested On

• Ubuntu 16.04 x86_64
• Arch Linux x86_64
• CentOS 7
• Debian Jessie
• MacOS

Python Requirements

This tool not compatible with Python 3. I need to migrate this later. So use python v2.7 instead!

Why Need Root Privilege?

I've try to avoid using Root Privilege, but nmap need Root Privilege. You can add sudo or other way to run nmap without root privilege. It's your choice ;)

Reference -> https://secwiki.org/w/Running_nmap_as_an_unprivileged_user

Don't worry. Belati still running well when you are run with normal user ;)

Dependencies

• urllib2
• dnspython
• requests
• argparse
• texttable
• python-geoip-geolite2
• python-geoip
• dnsknife
• termcolor
• colorama
• validators
• tqdm
• tldextract
• fake-useragent
• python-wappalyzer
• future
• beautifulsoup4
• python-whois
• futures
• django
• pyexifinfo
• cmd2
• tabulate

Missing Dependencies?

If you are seeing this

$ python Belati.py

            You are missing a module required for Belati. In order to continue using Belati, please install them with:

            `pip install --upgrade --force-reinstall -r requirements.txt`

            or manually install missing modules with:

            `pip install --upgrade --force-reinstall dnspython requests termcolor colorama future beautifulsoup4 futures`

and this

You are using pip version 8.1.2, however version 9.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

Please upgrade pip version and follow the instructions:

pip install --upgrade pip

System Dependencies

For CentOS/Fedora user, please install this:

yum install gcc gmp gmp-devel python-devel

For Debian/Ubuntu user, please install this:

sudo apt-get install nmap git sqlite3 exiftool

Notice

This tool is for educational purposes only. Any damage you make will not affect the author. Do It With Your Own Risk!

Feedback/Suggestion

Feel free to create Issue in this repository or email me at cacaddv [at] gmail.com . Your feedback and suggestion is useful for Belati development progress :)

Contribution

Belati welcomes contribution from everyone. Please see CONTRIBUTING.md

Contributors

Please see CONTRIBUTORS.md and please add your name for credit in that file :)

Thanks To

Thanks to PyWhois Library, Sublist3r, MailHarvester, Emingoo for being part of my code. Also thanks to Hispagatos, Infosec-ninjas, eCHo, RNDC( Research and development center ) and all other people who are inspiring this project :)

Publications

Echo Ezine 31 : http://ezine.echo.or.id/issue31/005.txt - Belati : Collecting Public Data & Public Document for OSINT Purpose - Petruknisme

IDSECCONF 2017 : https://www.slideshare.net/idsecconf/belati-the-traditional-swiss-army-knife-for-osint - Belati: The Traditional Swiss Army Knife for OSINT

License

Author: Aan Wahyu( https://petruknisme.com )

Belati is licensed under GPL V2. You can use, modify, or redistribute this tool under the terms of GNU General Public License (GPLv2). Please see LICENSE for the full license text.