OSINT and active reconaissance built into a web application
doxbox is a web application for OSINT and active reconaissance. It leverages various security tools and library APIs in order to conduct info-gathering and threat modeling. Built on top of Flask, it is perfect for self-hosting an instance during auditing.
doxbox currently utilizes Python 2.7.x due to various dependency clashes and depreciation.
Docker:
$ docker build -t doxbox .
$ docker run -d -p 5000:5000 doxbox
Manual:
$ git clone https://github.com/ex0dus-0x/doxbox && cd doxbox
$ # Initialize virtualenv if you wish
$ pip install -r requirements.txt
$ python run.py
Open config.py
. Here, you will see all the environmental variables that the application utilizes. Three important fields you MUST be aware of if you plan to deploy to the web.
GOOGLEMAPS_API_KEY = "YOUR_API_KEY_HERE"
SECRET_KEY = 'SECRET_KEY_HERE'
GOOGLEMAPS_API_KEY
denotes the Google Maps API Key. This is essential for the GeoIP module. You can obtain it here and change the variable accordingly.
SECRET_KEY
is the private key utilized by WTForm's CSRF protection feature. If deployed, change it to your liking.
Comprehensive info-gathering database for target(s). Using this data, the tester will be able to effectively understand their target, which is a critical point in the attacker's kill chain.
- Secure database support, with delete and export (as
.csv
) options
Collects geolocation information on public IP addresses, in order to gather data on physical location during the reconaissance stage of the killchain.
- Google Maps for accurate GeoIP visualization
- API endpoint support
Collections DNS information in the form of metadata, whether it be an address from a WHOIS lookup, or nameservers.
Send a pull request if you feel that anything should be changed, removed, optimized, etc. Issues are also great for reporting bugs.