• This repository has been archived on 06/Mar/2019
  • Stars
    star
    101
  • Rank 338,166 (Top 7 %)
  • Language
    Python
  • License
    Apache License 2.0
  • Created almost 10 years ago
  • Updated about 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Tagging and annotation framework for scan data

ZTag

Build Status

ZTag is a utility that works in conjunction with ZMap and ZGrab and allows annotating raw scan data with additional metadata (e.g., device models and vulnerabilities) and transforming records. ZTag is used extensively within Censys (https://www.censys.io) to produce the data present in the search engine. However, it can also be run independently with ZMap and ZGrab.

Installation

ZTag follows the standard Python setup.py flow.

python setup.py build
python setup.py install

Basic Usage

ZTag consumes the JSON output from ZGrab scanner and then produces its own JSON output. Most simply, these JSON documents can be piped into ztag. For example, when processing an HTTP ZGrab Scan:

cat http.json | ztag -p 80 -P http -S get

There is a long list of protocol/subprotocol combinations that exist but are not particularly well documented.

More Repositories

1

zmap

ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
C
5,453
star
2

zgrab2

Fast Go Application Scanner
Go
1,726
star
3

zdns

Fast DNS Lookup Library and CLI Tool
Go
920
star
4

zgrab

**DEPRECATED** This project has been replaced by https://github.com/zmap/zgrab2
Go
748
star
5

zlint

X.509 Certificate Linter focused on Web PKI standards and requirements.
Go
356
star
6

zcrypto

Liberal Go TLS + X.509 Library for Research
Go
134
star
7

celerybeat-mongo

A Celery Beat Scheduler that uses MongoDB to store both schedule definitions and status information
Python
126
star
8

go-iptree

GoLang IP Radix Tree
Go
113
star
9

zannotate

Utility for annotating Internet datasets with contextual metadata (e.g., origin AS, MaxMind GeoIP2, reverse DNS, and WHOIS)
Go
94
star
10

zbrowse

Headless Chrome-based browser
JavaScript
60
star
11

zcertificate

Command line utility for parsing certificates
Go
59
star
12

zschema

A schema language for JSON documents that allows validation and compilation into various database engines
Python
40
star
13

pybulkwhois

Python framework for manipulating bulk WHOIS data from RIRs
Python
19
star
14

iptree

A space-optimized binary tree for storing IP addresses
C++
13
star
15

constants

Repository of constants used in TLS and X509 parsing
12
star
16

rootfetch

Python egg for fetching common certificate root stores
Python
9
star
17

cachehash

An efficient C hash-table like data structure with static size that evicts LRU object on insertion
C
9
star
18

zson

A python library that allows easily encoding and decoding objects into JSON
Python
7
star
19

zflags

go command line option parser http://godoc.org/github.com/jessevdk/…
Go
6
star
20

website

ZMap's Public Website
HTML
5
star
21

zdb

[deprecated] Backend database for Internet-wide scans
C++
4
star
22

zlint-test-corpus

Test certificates for ZLint CI tests
2
star
23

homebrew-formula

Dependencies not included in standard Homebrew taps
Ruby
1
star