PyPI - moriarty-project - Versions diffs - 0.1.6__py3-none-any.whl - Mend

moriarty-project 0.1.6__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (416) hide show

moriarty/__init__.py +5 -0
moriarty/adapters/__init__.py +0 -0
moriarty/agent/__init__.py +0 -0
moriarty/assets/modules/.gitkeep +0 -0
moriarty/assets/modules/asia/douban.yaml +19 -0
moriarty/assets/modules/asia/kakao.yaml +19 -0
moriarty/assets/modules/asia/line.yaml +19 -0
moriarty/assets/modules/asia/mixi.yaml +19 -0
moriarty/assets/modules/asia/naver.yaml +19 -0
moriarty/assets/modules/asia/qq.yaml +19 -0
moriarty/assets/modules/asia/vk.yaml +19 -0
moriarty/assets/modules/asia/wechat.yaml +19 -0
moriarty/assets/modules/asia/weibo.yaml +19 -0
moriarty/assets/modules/asia/xiaohongshu.yaml +19 -0
moriarty/assets/modules/behance.yaml +47 -0
moriarty/assets/modules/business/crunchbase.yaml +27 -0
moriarty/assets/modules/business/fiverr.yaml +32 -0
moriarty/assets/modules/business/freelancer.yaml +27 -0
moriarty/assets/modules/business/glassdoor.yaml +27 -0
moriarty/assets/modules/business/guru.yaml +26 -0
moriarty/assets/modules/business/indeed.yaml +25 -0
moriarty/assets/modules/business/monster.yaml +25 -0
moriarty/assets/modules/business/peopleperhour.yaml +26 -0
moriarty/assets/modules/business/toptal.yaml +28 -0
moriarty/assets/modules/business/upwork.yaml +27 -0
moriarty/assets/modules/business/ziprecruiter.yaml +25 -0
moriarty/assets/modules/content/buymeacoffee.yaml +27 -0
moriarty/assets/modules/content/gumroad.yaml +27 -0
moriarty/assets/modules/content/ko-fi.yaml +32 -0
moriarty/assets/modules/content/onlyfans.yaml +27 -0
moriarty/assets/modules/content/patreon.yaml +33 -0
moriarty/assets/modules/content/substack.yaml +32 -0
moriarty/assets/modules/creative/500px.yaml +31 -0
moriarty/assets/modules/creative/artstation.yaml +33 -0
moriarty/assets/modules/creative/deviantart.yaml +32 -0
moriarty/assets/modules/creative/flickr.yaml +31 -0
moriarty/assets/modules/creative/pexels.yaml +26 -0
moriarty/assets/modules/creative/unsplash.yaml +26 -0
moriarty/assets/modules/creative/vimeo.yaml +31 -0
moriarty/assets/modules/crypto/binance.yaml +27 -0
moriarty/assets/modules/crypto/bitcointalk.yaml +33 -0
moriarty/assets/modules/crypto/coinbase.yaml +26 -0
moriarty/assets/modules/crypto/etherscan.yaml +32 -0
moriarty/assets/modules/crypto/foundation.yaml +28 -0
moriarty/assets/modules/crypto/kraken.yaml +27 -0
moriarty/assets/modules/crypto/mirror.yaml +27 -0
moriarty/assets/modules/crypto/niftygateway.yaml +26 -0
moriarty/assets/modules/crypto/opensea.yaml +32 -0
moriarty/assets/modules/crypto/rarible.yaml +27 -0
moriarty/assets/modules/crypto/superrare.yaml +29 -0
moriarty/assets/modules/dating/bumble.yaml +25 -0
moriarty/assets/modules/dating/grindr.yaml +27 -0
moriarty/assets/modules/dating/happn.yaml +25 -0
moriarty/assets/modules/dating/her.yaml +27 -0
moriarty/assets/modules/dating/hinge.yaml +25 -0
moriarty/assets/modules/dating/match.yaml +25 -0
moriarty/assets/modules/dating/meetme.yaml +27 -0
moriarty/assets/modules/dating/okcupid.yaml +25 -0
moriarty/assets/modules/dating/pof.yaml +25 -0
moriarty/assets/modules/dating/tinder.yaml +25 -0
moriarty/assets/modules/dating-nsfw/adultfriendfinder.yaml +28 -0
moriarty/assets/modules/dating-nsfw/ashley-madison.yaml +26 -0
moriarty/assets/modules/design/adobe-portfolio.yaml +27 -0
moriarty/assets/modules/design/carbonmade.yaml +27 -0
moriarty/assets/modules/design/cgsociety.yaml +27 -0
moriarty/assets/modules/design/coroflot.yaml +27 -0
moriarty/assets/modules/design/figma.yaml +27 -0
moriarty/assets/modules/design/sketch.yaml +26 -0
moriarty/assets/modules/dev/bitbucket.yaml +35 -0
moriarty/assets/modules/dev/codeforces.yaml +32 -0
moriarty/assets/modules/dev/codepen.yaml +34 -0
moriarty/assets/modules/dev/hackerone.yaml +32 -0
moriarty/assets/modules/dev/hackthebox.yaml +27 -0
moriarty/assets/modules/dev/huggingface.yaml +27 -0
moriarty/assets/modules/dev/kaggle.yaml +32 -0
moriarty/assets/modules/dev/leetcode.yaml +32 -0
moriarty/assets/modules/dev/replit.yaml +31 -0
moriarty/assets/modules/dribbble.yaml +53 -0
moriarty/assets/modules/ecommerce/etsy.yaml +32 -0
moriarty/assets/modules/education/duolingo.yaml +32 -0
moriarty/assets/modules/education/edx.yaml +26 -0
moriarty/assets/modules/education/khanacademy.yaml +26 -0
moriarty/assets/modules/education/lynda.yaml +27 -0
moriarty/assets/modules/education/memrise.yaml +27 -0
moriarty/assets/modules/education/pluralsight.yaml +27 -0
moriarty/assets/modules/education/skillshare.yaml +27 -0
moriarty/assets/modules/education/udacity.yaml +27 -0
moriarty/assets/modules/email/github_email.yaml +40 -0
moriarty/assets/modules/email/gravatar.yaml +23 -0
moriarty/assets/modules/europe/badoo.yaml +19 -0
moriarty/assets/modules/europe/lovoo.yaml +19 -0
moriarty/assets/modules/europe/myspace.yaml +19 -0
moriarty/assets/modules/europe/netlog.yaml +19 -0
moriarty/assets/modules/europe/ok.yaml +19 -0
moriarty/assets/modules/europe/skyrock.yaml +19 -0
moriarty/assets/modules/europe/studivz.yaml +19 -0
moriarty/assets/modules/europe/tuenti.yaml +19 -0
moriarty/assets/modules/europe/viadeo.yaml +19 -0
moriarty/assets/modules/europe/xing.yaml +19 -0
moriarty/assets/modules/fitness/fitbit.yaml +27 -0
moriarty/assets/modules/fitness/garmin.yaml +27 -0
moriarty/assets/modules/fitness/myfitnesspal.yaml +27 -0
moriarty/assets/modules/fitness/strava.yaml +33 -0
moriarty/assets/modules/fitness/zwift.yaml +28 -0
moriarty/assets/modules/food/allrecipes.yaml +27 -0
moriarty/assets/modules/food/tasty.yaml +27 -0
moriarty/assets/modules/food/yelp.yaml +32 -0
moriarty/assets/modules/food/zomato.yaml +28 -0
moriarty/assets/modules/forums/4chan.yaml +26 -0
moriarty/assets/modules/forums/8kun.yaml +26 -0
moriarty/assets/modules/forums/9gag.yaml +26 -0
moriarty/assets/modules/forums/discourse.yaml +26 -0
moriarty/assets/modules/forums/disqus.yaml +31 -0
moriarty/assets/modules/forums/hackernews.yaml +32 -0
moriarty/assets/modules/forums/launchpad.yaml +27 -0
moriarty/assets/modules/forums/phpbb.yaml +25 -0
moriarty/assets/modules/forums/quora.yaml +32 -0
moriarty/assets/modules/forums/serverfault.yaml +27 -0
moriarty/assets/modules/forums/slashdot.yaml +28 -0
moriarty/assets/modules/forums/stackexchange.yaml +32 -0
moriarty/assets/modules/forums/superuser.yaml +27 -0
moriarty/assets/modules/forums/vbulletin.yaml +25 -0
moriarty/assets/modules/forums/xenforo.yaml +25 -0
moriarty/assets/modules/forums-nsfw/kiwifarms.yaml +25 -0
moriarty/assets/modules/forums-nsfw/lolcow.yaml +26 -0
moriarty/assets/modules/gaming/apextracker.yaml +27 -0
moriarty/assets/modules/gaming/battlenet.yaml +26 -0
moriarty/assets/modules/gaming/chess.yaml +30 -0
moriarty/assets/modules/gaming/discord-public.yaml +27 -0
moriarty/assets/modules/gaming/dotabuff.yaml +32 -0
moriarty/assets/modules/gaming/epicgames.yaml +25 -0
moriarty/assets/modules/gaming/faceit.yaml +33 -0
moriarty/assets/modules/gaming/fortnitetracker.yaml +32 -0
moriarty/assets/modules/gaming/gog.yaml +26 -0
moriarty/assets/modules/gaming/itch.yaml +32 -0
moriarty/assets/modules/gaming/kongregate.yaml +25 -0
moriarty/assets/modules/gaming/minecraft.yaml +31 -0
moriarty/assets/modules/gaming/opgg.yaml +32 -0
moriarty/assets/modules/gaming/origin.yaml +26 -0
moriarty/assets/modules/gaming/playstation.yaml +30 -0
moriarty/assets/modules/gaming/roblox.yaml +31 -0
moriarty/assets/modules/gaming/xbox.yaml +25 -0
moriarty/assets/modules/github.yaml +68 -0
moriarty/assets/modules/gitlab.yaml +60 -0
moriarty/assets/modules/instagram.yaml +48 -0
moriarty/assets/modules/latam/fotolog.yaml +27 -0
moriarty/assets/modules/latam/orkut.yaml +26 -0
moriarty/assets/modules/latam/taringa.yaml +27 -0
moriarty/assets/modules/learning/coursera.yaml +26 -0
moriarty/assets/modules/learning/udemy.yaml +26 -0
moriarty/assets/modules/linkedin.yaml +40 -0
moriarty/assets/modules/marketplaces/depop.yaml +28 -0
moriarty/assets/modules/marketplaces/ebay.yaml +32 -0
moriarty/assets/modules/marketplaces/grailed.yaml +27 -0
moriarty/assets/modules/marketplaces/mercari.yaml +26 -0
moriarty/assets/modules/marketplaces/poshmark.yaml +27 -0
moriarty/assets/modules/marketplaces/reverb.yaml +27 -0
moriarty/assets/modules/marketplaces/vinted.yaml +28 -0
moriarty/assets/modules/medium.yaml +44 -0
moriarty/assets/modules/music/audiomack.yaml +26 -0
moriarty/assets/modules/music/bandcamp.yaml +30 -0
moriarty/assets/modules/music/beatport.yaml +28 -0
moriarty/assets/modules/music/deezer.yaml +26 -0
moriarty/assets/modules/music/discogs.yaml +32 -0
moriarty/assets/modules/music/genius.yaml +26 -0
moriarty/assets/modules/music/lastfm.yaml +30 -0
moriarty/assets/modules/music/mixcloud.yaml +26 -0
moriarty/assets/modules/music/reverbnation.yaml +31 -0
moriarty/assets/modules/music/soundcloud.yaml +31 -0
moriarty/assets/modules/music/spotify.yaml +26 -0
moriarty/assets/modules/music/tidal.yaml +26 -0
moriarty/assets/modules/nsfw/adultwork.yaml +27 -0
moriarty/assets/modules/nsfw/bongacams.yaml +28 -0
moriarty/assets/modules/nsfw/cam4.yaml +28 -0
moriarty/assets/modules/nsfw/chaturbate.yaml +28 -0
moriarty/assets/modules/nsfw/clips4sale.yaml +27 -0
moriarty/assets/modules/nsfw/extralunchmoney.yaml +27 -0
moriarty/assets/modules/nsfw/fansly.yaml +28 -0
moriarty/assets/modules/nsfw/fetlife.yaml +28 -0
moriarty/assets/modules/nsfw/iwantclips.yaml +27 -0
moriarty/assets/modules/nsfw/justforfans.yaml +28 -0
moriarty/assets/modules/nsfw/loyalfans.yaml +28 -0
moriarty/assets/modules/nsfw/manyvids.yaml +27 -0
moriarty/assets/modules/nsfw/myfreecams.yaml +28 -0
moriarty/assets/modules/nsfw/niteflirt.yaml +26 -0
moriarty/assets/modules/nsfw/pornhub.yaml +32 -0
moriarty/assets/modules/nsfw/redtube.yaml +27 -0
moriarty/assets/modules/nsfw/stripchat.yaml +28 -0
moriarty/assets/modules/nsfw/xhamster.yaml +27 -0
moriarty/assets/modules/nsfw/xvideos.yaml +27 -0
moriarty/assets/modules/nsfw/youporn.yaml +27 -0
moriarty/assets/modules/photography/eyeem.yaml +25 -0
moriarty/assets/modules/photography/fotki.yaml +25 -0
moriarty/assets/modules/photography/photobucket.yaml +26 -0
moriarty/assets/modules/photography/smugmug.yaml +25 -0
moriarty/assets/modules/photography/vsco.yaml +27 -0
moriarty/assets/modules/pinterest.yaml +40 -0
moriarty/assets/modules/podcasts/anchor.yaml +26 -0
moriarty/assets/modules/podcasts/castbox.yaml +26 -0
moriarty/assets/modules/podcasts/podbean.yaml +26 -0
moriarty/assets/modules/professional/about.yaml +31 -0
moriarty/assets/modules/professional/academia.yaml +27 -0
moriarty/assets/modules/professional/angellist.yaml +27 -0
moriarty/assets/modules/professional/calendly.yaml +26 -0
moriarty/assets/modules/professional/issuu.yaml +27 -0
moriarty/assets/modules/professional/mendeley.yaml +27 -0
moriarty/assets/modules/professional/notion.yaml +27 -0
moriarty/assets/modules/professional/orcid.yaml +27 -0
moriarty/assets/modules/professional/producthunt.yaml +31 -0
moriarty/assets/modules/professional/researchgate.yaml +32 -0
moriarty/assets/modules/professional/scribd.yaml +27 -0
moriarty/assets/modules/professional/slideshare.yaml +31 -0
moriarty/assets/modules/professional/trello.yaml +26 -0
moriarty/assets/modules/professional/typeform.yaml +27 -0
moriarty/assets/modules/reddit.yaml +46 -0
moriarty/assets/modules/regional/amino.yaml +27 -0
moriarty/assets/modules/regional/ask-fm.yaml +32 -0
moriarty/assets/modules/regional/babycenter.yaml +26 -0
moriarty/assets/modules/regional/cafemom.yaml +27 -0
moriarty/assets/modules/regional/care2.yaml +27 -0
moriarty/assets/modules/regional/diaspora.yaml +26 -0
moriarty/assets/modules/regional/ello.yaml +27 -0
moriarty/assets/modules/regional/gaia.yaml +27 -0
moriarty/assets/modules/regional/habbo.yaml +27 -0
moriarty/assets/modules/regional/imvu.yaml +27 -0
moriarty/assets/modules/regional/lemmy.yaml +27 -0
moriarty/assets/modules/regional/peertube.yaml +26 -0
moriarty/assets/modules/regional/pixelfed.yaml +27 -0
moriarty/assets/modules/regional/plurk.yaml +26 -0
moriarty/assets/modules/regional/recroom.yaml +27 -0
moriarty/assets/modules/regional/secondlife.yaml +26 -0
moriarty/assets/modules/regional/vine-archive.yaml +27 -0
moriarty/assets/modules/regional/vrchat.yaml +27 -0
moriarty/assets/modules/regional/weheartit.yaml +27 -0
moriarty/assets/modules/social/anilist.yaml +27 -0
moriarty/assets/modules/social/beacons.yaml +26 -0
moriarty/assets/modules/social/blogger.yaml +27 -0
moriarty/assets/modules/social/crunchyroll.yaml +27 -0
moriarty/assets/modules/social/discord.yaml +27 -0
moriarty/assets/modules/social/dreamwidth.yaml +26 -0
moriarty/assets/modules/social/facebook.yaml +34 -0
moriarty/assets/modules/social/goodreads.yaml +32 -0
moriarty/assets/modules/social/imdb.yaml +27 -0
moriarty/assets/modules/social/kitsu.yaml +27 -0
moriarty/assets/modules/social/letterboxd.yaml +32 -0
moriarty/assets/modules/social/linktree.yaml +26 -0
moriarty/assets/modules/social/livejournal.yaml +27 -0
moriarty/assets/modules/social/mastodon.yaml +30 -0
moriarty/assets/modules/social/minds.yaml +25 -0
moriarty/assets/modules/social/myanimelist.yaml +32 -0
moriarty/assets/modules/social/ravelry.yaml +27 -0
moriarty/assets/modules/social/snapchat.yaml +25 -0
moriarty/assets/modules/social/telegram.yaml +35 -0
moriarty/assets/modules/social/tiktok.yaml +35 -0
moriarty/assets/modules/social/trakt.yaml +28 -0
moriarty/assets/modules/social/wattpad.yaml +32 -0
moriarty/assets/modules/social/wordpress-com.yaml +26 -0
moriarty/assets/modules/sports/espn.yaml +26 -0
moriarty/assets/modules/sports/untappd.yaml +32 -0
moriarty/assets/modules/stackoverflow.yaml +47 -0
moriarty/assets/modules/steam.yaml +47 -0
moriarty/assets/modules/streaming/caffeine.yaml +25 -0
moriarty/assets/modules/streaming/dlive.yaml +27 -0
moriarty/assets/modules/streaming/trovo.yaml +25 -0
moriarty/assets/modules/travel/airbnb.yaml +26 -0
moriarty/assets/modules/travel/booking.yaml +26 -0
moriarty/assets/modules/travel/couchsurfing.yaml +27 -0
moriarty/assets/modules/travel/tripadvisor.yaml +32 -0
moriarty/assets/modules/tumblr.yaml +40 -0
moriarty/assets/modules/twitch.yaml +48 -0
moriarty/assets/modules/twitter.yaml +39 -0
moriarty/assets/modules/youtube.yaml +42 -0
moriarty/assets/templates/cves/CVE-2017-5638.yaml +27 -0
moriarty/assets/templates/cves/CVE-2018-7600.yaml +30 -0
moriarty/assets/templates/cves/CVE-2019-11510.yaml +27 -0
moriarty/assets/templates/cves/CVE-2019-19781.yaml +28 -0
moriarty/assets/templates/cves/CVE-2020-14882.yaml +28 -0
moriarty/assets/templates/cves/CVE-2020-14883.yaml +29 -0
moriarty/assets/templates/cves/CVE-2020-3452.yaml +28 -0
moriarty/assets/templates/cves/CVE-2020-5902.yaml +28 -0
moriarty/assets/templates/cves/CVE-2021-21972.yaml +31 -0
moriarty/assets/templates/cves/CVE-2021-21985.yaml +28 -0
moriarty/assets/templates/cves/CVE-2021-26084.yaml +30 -0
moriarty/assets/templates/cves/CVE-2021-41773.yaml +25 -0
moriarty/assets/templates/cves/CVE-2021-42013.yaml +28 -0
moriarty/assets/templates/cves/CVE-2021-44228.yaml +27 -0
moriarty/assets/templates/cves/CVE-2022-0185.yaml +21 -0
moriarty/assets/templates/cves/CVE-2022-1388.yaml +36 -0
moriarty/assets/templates/cves/CVE-2022-22954.yaml +28 -0
moriarty/assets/templates/cves/CVE-2022-22965.yaml +31 -0
moriarty/assets/templates/cves/CVE-2022-26134.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-22515.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-22527.yaml +29 -0
moriarty/assets/templates/cves/CVE-2023-23752.yaml +33 -0
moriarty/assets/templates/cves/CVE-2023-27350.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-2868.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-34362.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-3519.yaml +28 -0
moriarty/assets/templates/cves/CVE-2023-4966.yaml +27 -0
moriarty/assets/templates/default-logins/admin-weak.yaml +40 -0
moriarty/assets/templates/default-logins/wordpress-default.yaml +38 -0
moriarty/assets/templates/exposures/aws-credentials.yaml +35 -0
moriarty/assets/templates/exposures/backup-files.yaml +36 -0
moriarty/assets/templates/exposures/database-files.yaml +34 -0
moriarty/assets/templates/exposures/docker-exposed.yaml +31 -0
moriarty/assets/templates/exposures/env-exposed.yaml +41 -0
moriarty/assets/templates/exposures/git-exposed.yaml +41 -0
moriarty/assets/templates/exposures/phpinfo.yaml +36 -0
moriarty/assets/templates/exposures/svn-exposed.yaml +28 -0
moriarty/assets/templates/fuzzing/api-endpoints.yaml +39 -0
moriarty/assets/templates/fuzzing/common-files.yaml +37 -0
moriarty/assets/templates/fuzzing/open-redirect-fuzz.yaml +35 -0
moriarty/assets/templates/fuzzing/xss-search-fuzz.yaml +29 -0
moriarty/assets/templates/git-config.yaml +18 -0
moriarty/assets/templates/misconfigurations/cors-misconfiguration.yaml +30 -0
moriarty/assets/templates/misconfigurations/debug-enabled.yaml +29 -0
moriarty/assets/templates/misconfigurations/directory-listing.yaml +33 -0
moriarty/assets/templates/misconfigurations/jwt-none-algo.yaml +30 -0
moriarty/assets/templates/misconfigurations/ssl-tls-weak.yaml +23 -0
moriarty/assets/templates/vulnerabilities/lfi-basic.yaml +31 -0
moriarty/assets/templates/vulnerabilities/open-redirect.yaml +31 -0
moriarty/assets/templates/vulnerabilities/rce-basic.yaml +34 -0
moriarty/assets/templates/vulnerabilities/sqli-error.yaml +39 -0
moriarty/assets/templates/vulnerabilities/ssrf-basic.yaml +31 -0
moriarty/assets/templates/vulnerabilities/xss-reflected.yaml +38 -0
moriarty/assets/templates/vulnerabilities/xxe-basic.yaml +30 -0
moriarty/assets/wordlists/subdomains-1000.txt +1063 -0
moriarty/cli/__init__.py +3 -0
moriarty/cli/app.py +120 -0
moriarty/cli/async_utils.py +19 -0
moriarty/cli/dns.py +83 -0
moriarty/cli/domain_cmd.py +572 -0
moriarty/cli/email.py +383 -0
moriarty/cli/email_investigate.py +224 -0
moriarty/cli/intelligence.py +329 -0
moriarty/cli/output.py +62 -0
moriarty/cli/rdap.py +94 -0
moriarty/cli/state.py +38 -0
moriarty/cli/tls.py +91 -0
moriarty/cli/user.py +227 -0
moriarty/core/cache_backend.py +223 -0
moriarty/core/config_manager.py +303 -0
moriarty/correlator/__init__.py +0 -0
moriarty/data/__init__.py +81 -0
moriarty/data/ioc/__init__.py +142 -0
moriarty/data/ioc/matcher.py +254 -0
moriarty/data/ioc/types.py +267 -0
moriarty/data/local_intelligence.py +507 -0
moriarty/data/signature_loaders/__init__.py +103 -0
moriarty/data/signature_loaders/base.py +54 -0
moriarty/data/signature_loaders/ioc_feed.py +356 -0
moriarty/data/signature_loaders/wappalyzer.py +112 -0
moriarty/dsl/__init__.py +0 -0
moriarty/dsl/loader.py +99 -0
moriarty/dsl/schema.py +47 -0
moriarty/export/__init__.py +0 -0
moriarty/intelligence/__init__.py +27 -0
moriarty/intelligence/__main__.py +150 -0
moriarty/intelligence/config.py +395 -0
moriarty/intelligence/ioc.py +267 -0
moriarty/intelligence/signatures.py +550 -0
moriarty/intelligence/storage.py +501 -0
moriarty/interop/__init__.py +0 -0
moriarty/logging/__init__.py +0 -0
moriarty/logging/config.py +47 -0
moriarty/models/__init__.py +16 -0
moriarty/models/assertion.py +24 -0
moriarty/models/entity.py +22 -0
moriarty/models/evidence.py +37 -0
moriarty/models/relation.py +24 -0
moriarty/models/types.py +28 -0
moriarty/modules/__init__.py +0 -0
moriarty/modules/avatar_hash.py +184 -0
moriarty/modules/directory_fuzzer.py +322 -0
moriarty/modules/dns_scan.py +40 -0
moriarty/modules/domain_scanner.py +620 -0
moriarty/modules/email_check.py +98 -0
moriarty/modules/email_investigate.py +267 -0
moriarty/modules/email_security.py +274 -0
moriarty/modules/googlemaps_lookup.py +106 -0
moriarty/modules/headless_executor.py +201 -0
moriarty/modules/orchestrator.py +60 -0
moriarty/modules/passive_recon.py +444 -0
moriarty/modules/phone_extractor.py +151 -0
moriarty/modules/pipeline_orchestrator.py +726 -0
moriarty/modules/port_scanner.py +129 -0
moriarty/modules/rdap.py +61 -0
moriarty/modules/rdap_extended.py +188 -0
moriarty/modules/stealth_mode.py +610 -0
moriarty/modules/subdomain_discovery.py +595 -0
moriarty/modules/technology_profiler.py +361 -0
moriarty/modules/template_executor.py +239 -0
moriarty/modules/template_scanner.py +1048 -0
moriarty/modules/tls_scan.py +46 -0
moriarty/modules/tls_validator.py +188 -0
moriarty/modules/vuln_scanner.py +483 -0
moriarty/modules/waf_detector.py +585 -0
moriarty/modules/wayback_discovery.py +234 -0
moriarty/modules/web_crawler.py +163 -0
moriarty/net/__init__.py +0 -0
moriarty/net/dns_cache.py +175 -0
moriarty/net/dns_client.py +188 -0
moriarty/net/rdap_client.py +52 -0
moriarty/net/smtp_client.py +114 -0
moriarty/net/tls_client.py +111 -0
moriarty/parsers/__init__.py +0 -0
moriarty/parsers/html_parser.py +136 -0
moriarty/tests/__init__.py +0 -0
moriarty/tests/test_email_service.py +17 -0
moriarty/tests/test_models.py +46 -0
moriarty/tests/test_orchestrator.py +30 -0
moriarty/tests/test_tls_client.py +18 -0
moriarty_project-0.1.6.dist-info/METADATA +388 -0
moriarty_project-0.1.6.dist-info/RECORD +418 -0
moriarty_project-0.1.6.dist-info/WHEEL +4 -0
moriarty_project-0.1.6.dist-info/entry_points.txt +2 -0

moriarty/assets/modules/streaming/dlive.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+site: dlive
+name: DLive
+category:
+  - streaming
+  - crypto
+tags:
+  - streaming
+  - blockchain
+url_template: "https://dlive.tv/{username}"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: css
+    query: ".profile"
+not_found_selectors:
+  - type: regex
+    query: "not found"
+extractors: []
+require_headless: false
+rate_limit_per_second: 1.5
+enabled: true
+nsfw: false

moriarty/assets/modules/streaming/trovo.yaml ADDED Viewed

@@ -0,0 +1,25 @@
+site: trovo
+name: Trovo
+category:
+  - streaming
+tags:
+  - streaming
+url_template: "https://trovo.live/{username}"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: css
+    query: ".profile"
+not_found_selectors:
+  - type: regex
+    query: "not found"
+extractors: []
+require_headless: false
+rate_limit_per_second: 1.5
+enabled: true
+nsfw: false

moriarty/assets/modules/travel/airbnb.yaml ADDED Viewed

@@ -0,0 +1,26 @@
+site: airbnb
+name: Airbnb
+category:
+  - travel
+tags:
+  - travel
+  - hosting
+url_template: "https://www.airbnb.com/users/show/{username}"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: css
+    query: ".profile-header"
+not_found_selectors:
+  - type: regex
+    query: "not found"
+extractors: []
+require_headless: false
+rate_limit_per_second: 1.0
+enabled: true
+nsfw: false

moriarty/assets/modules/travel/booking.yaml ADDED Viewed

@@ -0,0 +1,26 @@
+site: booking
+name: Booking.com
+category:
+  - travel
+tags:
+  - travel
+  - hotels
+url_template: "https://www.booking.com/myprofile/{username}.html"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: css
+    query: ".profile"
+not_found_selectors:
+  - type: regex
+    query: "not found"
+extractors: []
+require_headless: false
+rate_limit_per_second: 1.0
+enabled: true
+nsfw: false

moriarty/assets/modules/travel/couchsurfing.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+site: couchsurfing
+name: Couchsurfing
+category:
+  - travel
+  - social
+tags:
+  - travel
+  - hosting
+url_template: "https://www.couchsurfing.com/people/{username}"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: css
+    query: ".profile-header"
+not_found_selectors:
+  - type: regex
+    query: "not found"
+extractors: []
+require_headless: false
+rate_limit_per_second: 1.5
+enabled: true
+nsfw: false

moriarty/assets/modules/travel/tripadvisor.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+site: tripadvisor
+name: TripAdvisor
+category:
+  - travel
+  - reviews
+tags:
+  - travel
+  - reviews
+url_template: "https://www.tripadvisor.com/members/{username}"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: css
+    query: ".memberProfile"
+not_found_selectors:
+  - type: regex
+    query: "not found"
+extractors:
+  - name: reviews
+    selector:
+      type: css
+      query: ".review-count"
+    required: false
+require_headless: false
+rate_limit_per_second: 1.0
+enabled: true
+nsfw: false

moriarty/assets/modules/tumblr.yaml ADDED Viewed

@@ -0,0 +1,40 @@
+site: tumblr
+name: Tumblr
+category:
+  - social
+  - blog
+tags:
+  - top20
+url_template: "https://{username}.tumblr.com"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: css
+    query: ".blog-title"
+  - type: css
+    query: "[data-blog-name]"
+not_found_selectors:
+  - type: regex
+    query: "There's nothing here"
+  - type: regex
+    query: "Whatever you were looking for doesn't currently exist"
+extractors:
+  - name: title
+    selector:
+      type: css
+      query: ".blog-title"
+    required: false
+  - name: description
+    selector:
+      type: css
+      query: ".blog-description"
+    required: false
+require_headless: false
+rate_limit_per_second: 2.0
+enabled: true

moriarty/assets/modules/twitch.yaml ADDED Viewed

@@ -0,0 +1,48 @@
+site: twitch
+name: Twitch
+category:
+  - social
+  - gaming
+  - video
+tags:
+  - top20
+url_template: "https://www.twitch.tv/{username}"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: regex
+    query: '"login":"[^"]+"'
+not_found_selectors:
+  - type: regex
+    query: "Sorry. Unless you've got a time machine"
+  - type: regex
+    query: "404"
+extractors:
+  - name: username
+    selector:
+      type: regex
+      query: '"login":"([^"]+)"'
+      group: 1
+    required: false
+  - name: display_name
+    selector:
+      type: regex
+      query: '"displayName":"([^"]+)"'
+      group: 1
+    required: false
+  - name: description
+    selector:
+      type: regex
+      query: '"description":"([^"]+)"'
+      group: 1
+    required: false
+require_headless: false
+rate_limit_per_second: 1.5
+enabled: true

moriarty/assets/modules/twitter.yaml ADDED Viewed

@@ -0,0 +1,39 @@
+site: twitter
+name: Twitter/X
+category:
+  - social
+tags:
+  - top20
+url_template: "https://twitter.com/{username}"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: regex
+    query: '"screen_name":"[^"]+"'
+not_found_selectors:
+  - type: regex
+    query: "This account doesn't exist"
+  - type: regex
+    query: "Account suspended"
+extractors:
+  - name: screen_name
+    selector:
+      type: regex
+      query: '"screen_name":"([^"]+)"'
+      group: 1
+    required: false
+  - name: name
+    selector:
+      type: regex
+      query: '"name":"([^"]+)"'
+      group: 1
+    required: false
+require_headless: true
+rate_limit_per_second: 1.0
+enabled: false

moriarty/assets/modules/youtube.yaml ADDED Viewed

@@ -0,0 +1,42 @@
+site: youtube
+name: YouTube
+category:
+  - social
+  - video
+tags:
+  - top20
+url_template: "https://www.youtube.com/@{username}"
+method: GET
+headers:
+  Accept: text/html
+exists_selectors:
+  - type: regex
+    query: '"channelId":"[^"]+"'
+  - type: regex
+    query: '"title":"[^"]+"'
+not_found_selectors:
+  - type: regex
+    query: "This page isn't available"
+  - type: regex
+    query: "404 Not Found"
+extractors:
+  - name: channel_id
+    selector:
+      type: regex
+      query: '"channelId":"([^"]+)"'
+      group: 1
+    required: false
+  - name: title
+    selector:
+      type: regex
+      query: '"title":"([^"]+)"'
+      group: 1
+    required: false
+require_headless: false
+rate_limit_per_second: 2.0
+enabled: true

moriarty/assets/templates/cves/CVE-2017-5638.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+id: cve-2017-5638
+info:
+  name: Apache Struts 2 Remote Code Execution (CVE-2017-5638)
+  author: moriarty
+  severity: critical
+  description: Detects Apache Struts installations exposing the S2-045 OGNL parser error pattern
+  tags: cve,struts,rce
+requests:
+  - method: GET
+    path:
+      - "/struts2-showcase/index.action"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: regex
+        regex:
+          - "Struts Problem Report"
+          - "Struts2"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'ognl.OgnlException') or contains(body, 'No result defined for action')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2018-7600.yaml ADDED Viewed

@@ -0,0 +1,30 @@
+id: cve-2018-7600
+info:
+  name: Drupalgeddon2 Remote Code Execution (CVE-2018-7600)
+  author: moriarty
+  severity: critical
+  description: Detects Drupal instances vulnerable to Drupalgeddon2 via ajax request leakage
+  tags: cve,drupal,rce
+requests:
+  - method: POST
+    path:
+      - "/user/register?element_parents=account/mail/%23value&ajax_form=1"
+    headers:
+      Content-Type: "application/x-www-form-urlencoded"
+    body: "form_id=user_register_form&_drupal_ajax=1"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "form_build_id"
+          - "ajax_html"
+        condition: and
+      - type: dsl
+        dsl:
+          - "contains(body, 'drupal_settings')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2019-11510.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+id: cve-2019-11510
+info:
+  name: Pulse Secure Arbitrary File Read (CVE-2019-11510)
+  author: moriarty
+  severity: critical
+  description: Detects Pulse Secure VPN appliances exposing the HTML5 gateway directory traversal flaw
+  tags: cve,pulse,vpn
+requests:
+  - method: GET
+    path:
+      - "/dana-na/../dana/html5acc/guacamole/"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "Guacamole"
+          - "HTML5"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'Pulse Secure') or contains(header('Set-Cookie') or '', 'DSID')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2019-19781.yaml ADDED Viewed

@@ -0,0 +1,28 @@
+id: cve-2019-19781
+info:
+  name: Citrix ADC Directory Traversal (CVE-2019-19781)
+  author: moriarty
+  severity: critical
+  description: Detects Citrix ADC / Gateway vulnerable path traversal endpoint
+  tags: cve,citrix,traversal
+requests:
+  - method: GET
+    path:
+      - "/vpn/../vpns/portal/scripts/newbm.pl"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+          - 403
+      - type: word
+        words:
+          - "ctx_id"
+          - "newbm.pl"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'Citrix') or contains(header('Set-Cookie') or '', 'NSC_')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2020-14882.yaml ADDED Viewed

@@ -0,0 +1,28 @@
+id: cve-2020-14882
+info:
+  name: Oracle WebLogic Console Path Traversal (CVE-2020-14882)
+  author: moriarty
+  severity: critical
+  description: Detects Oracle WebLogic vulnerable console portal traversal chain
+  tags: cve,weblogic,traversal
+requests:
+  - method: GET
+    path:
+      - "/console/css/%252e%252e%252fconsole.portal"
+      - "/console/images/%252e%252e%252fconsole.portal"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "Oracle WebLogic"
+          - "Console Portal"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'bea.portal.servlet.PortalServlet')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2020-14883.yaml ADDED Viewed

@@ -0,0 +1,29 @@
+id: cve-2020-14883
+info:
+  name: Oracle WebLogic Remote Command Execution (CVE-2020-14883)
+  author: moriarty
+  severity: critical
+  description: Detects Oracle WebLogic installations leaking diagnostic JSP portal via traversal
+  tags: cve,weblogic,rce
+requests:
+  - method: GET
+    path:
+      - "/console/css/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=HomePage1"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "WebLogic Server"
+          - "PortalFramework"
+        condition: or
+      - type: word
+        part: body
+        words:
+          - 'class="loginMessage"'
+        condition: or
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2020-3452.yaml ADDED Viewed

@@ -0,0 +1,28 @@
+id: cve-2020-3452
+info:
+  name: Cisco ASA / FTD Web Services Read (CVE-2020-3452)
+  author: moriarty
+  severity: high
+  description: Detects vulnerable Cisco ASA/FTD devices exposing the translation-table path traversal
+  tags: cve,cisco,traversal
+requests:
+  - method: GET
+    path:
+      - "/+CSCOT+/translation-table?type=mst&textdomain=/%25../"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+          - 404
+      - type: word
+        words:
+          - "<!DOCTYPE html>"
+          - "CSCOE"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'Cisco') or contains(header('Server') or '', 'CSA')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2020-5902.yaml ADDED Viewed

@@ -0,0 +1,28 @@
+id: cve-2020-5902
+info:
+  name: F5 BIG-IP TMUI RCE (CVE-2020-5902)
+  author: moriarty
+  severity: critical
+  description: Detects vulnerable F5 BIG-IP appliances exposing tmshCmd workspace endpoint
+  tags: cve,f5,rce
+requests:
+  - method: GET
+    path:
+      - "/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+          - 401
+      - type: word
+        words:
+          - "tmshCmd.jsp"
+          - "F5 Networks"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'workspace/tmsh') or contains(body, 'REST API Error')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2021-21972.yaml ADDED Viewed

@@ -0,0 +1,31 @@
+id: cve-2021-21972
+info:
+  name: VMware vCenter UploadOVA RCE (CVE-2021-21972)
+  author: moriarty
+  severity: critical
+  description: Detects VMware vCenter vROPS plugin upload endpoint exposure
+  tags: cve,vmware,rce
+requests:
+  - method: POST
+    path:
+      - "/ui/vropspluginui/rest/services/uploadova"
+    headers:
+      Content-Type: "application/json"
+    body: "{}"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 405
+          - 500
+      - type: word
+        part: header
+        words:
+          - "ALLOW"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'UploadFileServlet') or contains(body, 'java.lang.IllegalStateException')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2021-21985.yaml ADDED Viewed

@@ -0,0 +1,28 @@
+id: cve-2021-21985
+info:
+  name: VMware vCenter vSAN Plugin RCE (CVE-2021-21985)
+  author: moriarty
+  severity: critical
+  description: Detects VMware vCenter vSAN plugin unauthenticated proxy endpoint
+  tags: cve,vmware,rce
+requests:
+  - method: GET
+    path:
+      - "/ui/h5-vsan/rest/proxy/service/vmodlContext"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+          - 500
+      - type: word
+        words:
+          - "vmodlContext"
+          - "vmware.vsan.client.services"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'Exception') or contains(body, 'java.lang')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2021-26084.yaml ADDED Viewed

@@ -0,0 +1,30 @@
+id: cve-2021-26084
+info:
+  name: Atlassian Confluence OGNL Injection (CVE-2021-26084)
+  author: moriarty
+  severity: critical
+  description: Detects Confluence endpoints susceptible to OGNL injection via template preview
+  tags: cve,confluence,rce
+requests:
+  - method: POST
+    path:
+      - "/pages/createpage-entervariables.action"
+    headers:
+      Content-Type: "application/x-www-form-urlencoded"
+    body: "queryString=bannerMessage\u003d%27%3Cscript%3E1%3C/script%3E&types=page"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "atlassian-editor"
+          - "ajs-message"
+        condition: or
+      - type: dsl
+        dsl:
+          - "contains(body, 'Confluence')"
+    stop-at-first-match: true

moriarty/assets/templates/cves/CVE-2021-41773.yaml ADDED Viewed

@@ -0,0 +1,25 @@
+id: cve-2021-41773
+info:
+  name: Apache HTTP Server Path Traversal (CVE-2021-41773)
+  author: moriarty
+  severity: high
+  description: Detects Apache HTTP Server 2.4.49 path traversal vulnerability
+  tags: cve,apache,traversal
+requests:
+  - method: GET
+    path:
+      - "/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+      - type: dsl
+        dsl:
+          - "not contains(body, '<html')"
+    stop-at-first-match: true