PyPI - moriarty-project - Versions diffs - 0.1.6__py3-none-any.whl - Mend

moriarty-project 0.1.6__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (416) hide show

moriarty/__init__.py +5 -0
moriarty/adapters/__init__.py +0 -0
moriarty/agent/__init__.py +0 -0
moriarty/assets/modules/.gitkeep +0 -0
moriarty/assets/modules/asia/douban.yaml +19 -0
moriarty/assets/modules/asia/kakao.yaml +19 -0
moriarty/assets/modules/asia/line.yaml +19 -0
moriarty/assets/modules/asia/mixi.yaml +19 -0
moriarty/assets/modules/asia/naver.yaml +19 -0
moriarty/assets/modules/asia/qq.yaml +19 -0
moriarty/assets/modules/asia/vk.yaml +19 -0
moriarty/assets/modules/asia/wechat.yaml +19 -0
moriarty/assets/modules/asia/weibo.yaml +19 -0
moriarty/assets/modules/asia/xiaohongshu.yaml +19 -0
moriarty/assets/modules/behance.yaml +47 -0
moriarty/assets/modules/business/crunchbase.yaml +27 -0
moriarty/assets/modules/business/fiverr.yaml +32 -0
moriarty/assets/modules/business/freelancer.yaml +27 -0
moriarty/assets/modules/business/glassdoor.yaml +27 -0
moriarty/assets/modules/business/guru.yaml +26 -0
moriarty/assets/modules/business/indeed.yaml +25 -0
moriarty/assets/modules/business/monster.yaml +25 -0
moriarty/assets/modules/business/peopleperhour.yaml +26 -0
moriarty/assets/modules/business/toptal.yaml +28 -0
moriarty/assets/modules/business/upwork.yaml +27 -0
moriarty/assets/modules/business/ziprecruiter.yaml +25 -0
moriarty/assets/modules/content/buymeacoffee.yaml +27 -0
moriarty/assets/modules/content/gumroad.yaml +27 -0
moriarty/assets/modules/content/ko-fi.yaml +32 -0
moriarty/assets/modules/content/onlyfans.yaml +27 -0
moriarty/assets/modules/content/patreon.yaml +33 -0
moriarty/assets/modules/content/substack.yaml +32 -0
moriarty/assets/modules/creative/500px.yaml +31 -0
moriarty/assets/modules/creative/artstation.yaml +33 -0
moriarty/assets/modules/creative/deviantart.yaml +32 -0
moriarty/assets/modules/creative/flickr.yaml +31 -0
moriarty/assets/modules/creative/pexels.yaml +26 -0
moriarty/assets/modules/creative/unsplash.yaml +26 -0
moriarty/assets/modules/creative/vimeo.yaml +31 -0
moriarty/assets/modules/crypto/binance.yaml +27 -0
moriarty/assets/modules/crypto/bitcointalk.yaml +33 -0
moriarty/assets/modules/crypto/coinbase.yaml +26 -0
moriarty/assets/modules/crypto/etherscan.yaml +32 -0
moriarty/assets/modules/crypto/foundation.yaml +28 -0
moriarty/assets/modules/crypto/kraken.yaml +27 -0
moriarty/assets/modules/crypto/mirror.yaml +27 -0
moriarty/assets/modules/crypto/niftygateway.yaml +26 -0
moriarty/assets/modules/crypto/opensea.yaml +32 -0
moriarty/assets/modules/crypto/rarible.yaml +27 -0
moriarty/assets/modules/crypto/superrare.yaml +29 -0
moriarty/assets/modules/dating/bumble.yaml +25 -0
moriarty/assets/modules/dating/grindr.yaml +27 -0
moriarty/assets/modules/dating/happn.yaml +25 -0
moriarty/assets/modules/dating/her.yaml +27 -0
moriarty/assets/modules/dating/hinge.yaml +25 -0
moriarty/assets/modules/dating/match.yaml +25 -0
moriarty/assets/modules/dating/meetme.yaml +27 -0
moriarty/assets/modules/dating/okcupid.yaml +25 -0
moriarty/assets/modules/dating/pof.yaml +25 -0
moriarty/assets/modules/dating/tinder.yaml +25 -0
moriarty/assets/modules/dating-nsfw/adultfriendfinder.yaml +28 -0
moriarty/assets/modules/dating-nsfw/ashley-madison.yaml +26 -0
moriarty/assets/modules/design/adobe-portfolio.yaml +27 -0
moriarty/assets/modules/design/carbonmade.yaml +27 -0
moriarty/assets/modules/design/cgsociety.yaml +27 -0
moriarty/assets/modules/design/coroflot.yaml +27 -0
moriarty/assets/modules/design/figma.yaml +27 -0
moriarty/assets/modules/design/sketch.yaml +26 -0
moriarty/assets/modules/dev/bitbucket.yaml +35 -0
moriarty/assets/modules/dev/codeforces.yaml +32 -0
moriarty/assets/modules/dev/codepen.yaml +34 -0
moriarty/assets/modules/dev/hackerone.yaml +32 -0
moriarty/assets/modules/dev/hackthebox.yaml +27 -0
moriarty/assets/modules/dev/huggingface.yaml +27 -0
moriarty/assets/modules/dev/kaggle.yaml +32 -0
moriarty/assets/modules/dev/leetcode.yaml +32 -0
moriarty/assets/modules/dev/replit.yaml +31 -0
moriarty/assets/modules/dribbble.yaml +53 -0
moriarty/assets/modules/ecommerce/etsy.yaml +32 -0
moriarty/assets/modules/education/duolingo.yaml +32 -0
moriarty/assets/modules/education/edx.yaml +26 -0
moriarty/assets/modules/education/khanacademy.yaml +26 -0
moriarty/assets/modules/education/lynda.yaml +27 -0
moriarty/assets/modules/education/memrise.yaml +27 -0
moriarty/assets/modules/education/pluralsight.yaml +27 -0
moriarty/assets/modules/education/skillshare.yaml +27 -0
moriarty/assets/modules/education/udacity.yaml +27 -0
moriarty/assets/modules/email/github_email.yaml +40 -0
moriarty/assets/modules/email/gravatar.yaml +23 -0
moriarty/assets/modules/europe/badoo.yaml +19 -0
moriarty/assets/modules/europe/lovoo.yaml +19 -0
moriarty/assets/modules/europe/myspace.yaml +19 -0
moriarty/assets/modules/europe/netlog.yaml +19 -0
moriarty/assets/modules/europe/ok.yaml +19 -0
moriarty/assets/modules/europe/skyrock.yaml +19 -0
moriarty/assets/modules/europe/studivz.yaml +19 -0
moriarty/assets/modules/europe/tuenti.yaml +19 -0
moriarty/assets/modules/europe/viadeo.yaml +19 -0
moriarty/assets/modules/europe/xing.yaml +19 -0
moriarty/assets/modules/fitness/fitbit.yaml +27 -0
moriarty/assets/modules/fitness/garmin.yaml +27 -0
moriarty/assets/modules/fitness/myfitnesspal.yaml +27 -0
moriarty/assets/modules/fitness/strava.yaml +33 -0
moriarty/assets/modules/fitness/zwift.yaml +28 -0
moriarty/assets/modules/food/allrecipes.yaml +27 -0
moriarty/assets/modules/food/tasty.yaml +27 -0
moriarty/assets/modules/food/yelp.yaml +32 -0
moriarty/assets/modules/food/zomato.yaml +28 -0
moriarty/assets/modules/forums/4chan.yaml +26 -0
moriarty/assets/modules/forums/8kun.yaml +26 -0
moriarty/assets/modules/forums/9gag.yaml +26 -0
moriarty/assets/modules/forums/discourse.yaml +26 -0
moriarty/assets/modules/forums/disqus.yaml +31 -0
moriarty/assets/modules/forums/hackernews.yaml +32 -0
moriarty/assets/modules/forums/launchpad.yaml +27 -0
moriarty/assets/modules/forums/phpbb.yaml +25 -0
moriarty/assets/modules/forums/quora.yaml +32 -0
moriarty/assets/modules/forums/serverfault.yaml +27 -0
moriarty/assets/modules/forums/slashdot.yaml +28 -0
moriarty/assets/modules/forums/stackexchange.yaml +32 -0
moriarty/assets/modules/forums/superuser.yaml +27 -0
moriarty/assets/modules/forums/vbulletin.yaml +25 -0
moriarty/assets/modules/forums/xenforo.yaml +25 -0
moriarty/assets/modules/forums-nsfw/kiwifarms.yaml +25 -0
moriarty/assets/modules/forums-nsfw/lolcow.yaml +26 -0
moriarty/assets/modules/gaming/apextracker.yaml +27 -0
moriarty/assets/modules/gaming/battlenet.yaml +26 -0
moriarty/assets/modules/gaming/chess.yaml +30 -0
moriarty/assets/modules/gaming/discord-public.yaml +27 -0
moriarty/assets/modules/gaming/dotabuff.yaml +32 -0
moriarty/assets/modules/gaming/epicgames.yaml +25 -0
moriarty/assets/modules/gaming/faceit.yaml +33 -0
moriarty/assets/modules/gaming/fortnitetracker.yaml +32 -0
moriarty/assets/modules/gaming/gog.yaml +26 -0
moriarty/assets/modules/gaming/itch.yaml +32 -0
moriarty/assets/modules/gaming/kongregate.yaml +25 -0
moriarty/assets/modules/gaming/minecraft.yaml +31 -0
moriarty/assets/modules/gaming/opgg.yaml +32 -0
moriarty/assets/modules/gaming/origin.yaml +26 -0
moriarty/assets/modules/gaming/playstation.yaml +30 -0
moriarty/assets/modules/gaming/roblox.yaml +31 -0
moriarty/assets/modules/gaming/xbox.yaml +25 -0
moriarty/assets/modules/github.yaml +68 -0
moriarty/assets/modules/gitlab.yaml +60 -0
moriarty/assets/modules/instagram.yaml +48 -0
moriarty/assets/modules/latam/fotolog.yaml +27 -0
moriarty/assets/modules/latam/orkut.yaml +26 -0
moriarty/assets/modules/latam/taringa.yaml +27 -0
moriarty/assets/modules/learning/coursera.yaml +26 -0
moriarty/assets/modules/learning/udemy.yaml +26 -0
moriarty/assets/modules/linkedin.yaml +40 -0
moriarty/assets/modules/marketplaces/depop.yaml +28 -0
moriarty/assets/modules/marketplaces/ebay.yaml +32 -0
moriarty/assets/modules/marketplaces/grailed.yaml +27 -0
moriarty/assets/modules/marketplaces/mercari.yaml +26 -0
moriarty/assets/modules/marketplaces/poshmark.yaml +27 -0
moriarty/assets/modules/marketplaces/reverb.yaml +27 -0
moriarty/assets/modules/marketplaces/vinted.yaml +28 -0
moriarty/assets/modules/medium.yaml +44 -0
moriarty/assets/modules/music/audiomack.yaml +26 -0
moriarty/assets/modules/music/bandcamp.yaml +30 -0
moriarty/assets/modules/music/beatport.yaml +28 -0
moriarty/assets/modules/music/deezer.yaml +26 -0
moriarty/assets/modules/music/discogs.yaml +32 -0
moriarty/assets/modules/music/genius.yaml +26 -0
moriarty/assets/modules/music/lastfm.yaml +30 -0
moriarty/assets/modules/music/mixcloud.yaml +26 -0
moriarty/assets/modules/music/reverbnation.yaml +31 -0
moriarty/assets/modules/music/soundcloud.yaml +31 -0
moriarty/assets/modules/music/spotify.yaml +26 -0
moriarty/assets/modules/music/tidal.yaml +26 -0
moriarty/assets/modules/nsfw/adultwork.yaml +27 -0
moriarty/assets/modules/nsfw/bongacams.yaml +28 -0
moriarty/assets/modules/nsfw/cam4.yaml +28 -0
moriarty/assets/modules/nsfw/chaturbate.yaml +28 -0
moriarty/assets/modules/nsfw/clips4sale.yaml +27 -0
moriarty/assets/modules/nsfw/extralunchmoney.yaml +27 -0
moriarty/assets/modules/nsfw/fansly.yaml +28 -0
moriarty/assets/modules/nsfw/fetlife.yaml +28 -0
moriarty/assets/modules/nsfw/iwantclips.yaml +27 -0
moriarty/assets/modules/nsfw/justforfans.yaml +28 -0
moriarty/assets/modules/nsfw/loyalfans.yaml +28 -0
moriarty/assets/modules/nsfw/manyvids.yaml +27 -0
moriarty/assets/modules/nsfw/myfreecams.yaml +28 -0
moriarty/assets/modules/nsfw/niteflirt.yaml +26 -0
moriarty/assets/modules/nsfw/pornhub.yaml +32 -0
moriarty/assets/modules/nsfw/redtube.yaml +27 -0
moriarty/assets/modules/nsfw/stripchat.yaml +28 -0
moriarty/assets/modules/nsfw/xhamster.yaml +27 -0
moriarty/assets/modules/nsfw/xvideos.yaml +27 -0
moriarty/assets/modules/nsfw/youporn.yaml +27 -0
moriarty/assets/modules/photography/eyeem.yaml +25 -0
moriarty/assets/modules/photography/fotki.yaml +25 -0
moriarty/assets/modules/photography/photobucket.yaml +26 -0
moriarty/assets/modules/photography/smugmug.yaml +25 -0
moriarty/assets/modules/photography/vsco.yaml +27 -0
moriarty/assets/modules/pinterest.yaml +40 -0
moriarty/assets/modules/podcasts/anchor.yaml +26 -0
moriarty/assets/modules/podcasts/castbox.yaml +26 -0
moriarty/assets/modules/podcasts/podbean.yaml +26 -0
moriarty/assets/modules/professional/about.yaml +31 -0
moriarty/assets/modules/professional/academia.yaml +27 -0
moriarty/assets/modules/professional/angellist.yaml +27 -0
moriarty/assets/modules/professional/calendly.yaml +26 -0
moriarty/assets/modules/professional/issuu.yaml +27 -0
moriarty/assets/modules/professional/mendeley.yaml +27 -0
moriarty/assets/modules/professional/notion.yaml +27 -0
moriarty/assets/modules/professional/orcid.yaml +27 -0
moriarty/assets/modules/professional/producthunt.yaml +31 -0
moriarty/assets/modules/professional/researchgate.yaml +32 -0
moriarty/assets/modules/professional/scribd.yaml +27 -0
moriarty/assets/modules/professional/slideshare.yaml +31 -0
moriarty/assets/modules/professional/trello.yaml +26 -0
moriarty/assets/modules/professional/typeform.yaml +27 -0
moriarty/assets/modules/reddit.yaml +46 -0
moriarty/assets/modules/regional/amino.yaml +27 -0
moriarty/assets/modules/regional/ask-fm.yaml +32 -0
moriarty/assets/modules/regional/babycenter.yaml +26 -0
moriarty/assets/modules/regional/cafemom.yaml +27 -0
moriarty/assets/modules/regional/care2.yaml +27 -0
moriarty/assets/modules/regional/diaspora.yaml +26 -0
moriarty/assets/modules/regional/ello.yaml +27 -0
moriarty/assets/modules/regional/gaia.yaml +27 -0
moriarty/assets/modules/regional/habbo.yaml +27 -0
moriarty/assets/modules/regional/imvu.yaml +27 -0
moriarty/assets/modules/regional/lemmy.yaml +27 -0
moriarty/assets/modules/regional/peertube.yaml +26 -0
moriarty/assets/modules/regional/pixelfed.yaml +27 -0
moriarty/assets/modules/regional/plurk.yaml +26 -0
moriarty/assets/modules/regional/recroom.yaml +27 -0
moriarty/assets/modules/regional/secondlife.yaml +26 -0
moriarty/assets/modules/regional/vine-archive.yaml +27 -0
moriarty/assets/modules/regional/vrchat.yaml +27 -0
moriarty/assets/modules/regional/weheartit.yaml +27 -0
moriarty/assets/modules/social/anilist.yaml +27 -0
moriarty/assets/modules/social/beacons.yaml +26 -0
moriarty/assets/modules/social/blogger.yaml +27 -0
moriarty/assets/modules/social/crunchyroll.yaml +27 -0
moriarty/assets/modules/social/discord.yaml +27 -0
moriarty/assets/modules/social/dreamwidth.yaml +26 -0
moriarty/assets/modules/social/facebook.yaml +34 -0
moriarty/assets/modules/social/goodreads.yaml +32 -0
moriarty/assets/modules/social/imdb.yaml +27 -0
moriarty/assets/modules/social/kitsu.yaml +27 -0
moriarty/assets/modules/social/letterboxd.yaml +32 -0
moriarty/assets/modules/social/linktree.yaml +26 -0
moriarty/assets/modules/social/livejournal.yaml +27 -0
moriarty/assets/modules/social/mastodon.yaml +30 -0
moriarty/assets/modules/social/minds.yaml +25 -0
moriarty/assets/modules/social/myanimelist.yaml +32 -0
moriarty/assets/modules/social/ravelry.yaml +27 -0
moriarty/assets/modules/social/snapchat.yaml +25 -0
moriarty/assets/modules/social/telegram.yaml +35 -0
moriarty/assets/modules/social/tiktok.yaml +35 -0
moriarty/assets/modules/social/trakt.yaml +28 -0
moriarty/assets/modules/social/wattpad.yaml +32 -0
moriarty/assets/modules/social/wordpress-com.yaml +26 -0
moriarty/assets/modules/sports/espn.yaml +26 -0
moriarty/assets/modules/sports/untappd.yaml +32 -0
moriarty/assets/modules/stackoverflow.yaml +47 -0
moriarty/assets/modules/steam.yaml +47 -0
moriarty/assets/modules/streaming/caffeine.yaml +25 -0
moriarty/assets/modules/streaming/dlive.yaml +27 -0
moriarty/assets/modules/streaming/trovo.yaml +25 -0
moriarty/assets/modules/travel/airbnb.yaml +26 -0
moriarty/assets/modules/travel/booking.yaml +26 -0
moriarty/assets/modules/travel/couchsurfing.yaml +27 -0
moriarty/assets/modules/travel/tripadvisor.yaml +32 -0
moriarty/assets/modules/tumblr.yaml +40 -0
moriarty/assets/modules/twitch.yaml +48 -0
moriarty/assets/modules/twitter.yaml +39 -0
moriarty/assets/modules/youtube.yaml +42 -0
moriarty/assets/templates/cves/CVE-2017-5638.yaml +27 -0
moriarty/assets/templates/cves/CVE-2018-7600.yaml +30 -0
moriarty/assets/templates/cves/CVE-2019-11510.yaml +27 -0
moriarty/assets/templates/cves/CVE-2019-19781.yaml +28 -0
moriarty/assets/templates/cves/CVE-2020-14882.yaml +28 -0
moriarty/assets/templates/cves/CVE-2020-14883.yaml +29 -0
moriarty/assets/templates/cves/CVE-2020-3452.yaml +28 -0
moriarty/assets/templates/cves/CVE-2020-5902.yaml +28 -0
moriarty/assets/templates/cves/CVE-2021-21972.yaml +31 -0
moriarty/assets/templates/cves/CVE-2021-21985.yaml +28 -0
moriarty/assets/templates/cves/CVE-2021-26084.yaml +30 -0
moriarty/assets/templates/cves/CVE-2021-41773.yaml +25 -0
moriarty/assets/templates/cves/CVE-2021-42013.yaml +28 -0
moriarty/assets/templates/cves/CVE-2021-44228.yaml +27 -0
moriarty/assets/templates/cves/CVE-2022-0185.yaml +21 -0
moriarty/assets/templates/cves/CVE-2022-1388.yaml +36 -0
moriarty/assets/templates/cves/CVE-2022-22954.yaml +28 -0
moriarty/assets/templates/cves/CVE-2022-22965.yaml +31 -0
moriarty/assets/templates/cves/CVE-2022-26134.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-22515.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-22527.yaml +29 -0
moriarty/assets/templates/cves/CVE-2023-23752.yaml +33 -0
moriarty/assets/templates/cves/CVE-2023-27350.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-2868.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-34362.yaml +27 -0
moriarty/assets/templates/cves/CVE-2023-3519.yaml +28 -0
moriarty/assets/templates/cves/CVE-2023-4966.yaml +27 -0
moriarty/assets/templates/default-logins/admin-weak.yaml +40 -0
moriarty/assets/templates/default-logins/wordpress-default.yaml +38 -0
moriarty/assets/templates/exposures/aws-credentials.yaml +35 -0
moriarty/assets/templates/exposures/backup-files.yaml +36 -0
moriarty/assets/templates/exposures/database-files.yaml +34 -0
moriarty/assets/templates/exposures/docker-exposed.yaml +31 -0
moriarty/assets/templates/exposures/env-exposed.yaml +41 -0
moriarty/assets/templates/exposures/git-exposed.yaml +41 -0
moriarty/assets/templates/exposures/phpinfo.yaml +36 -0
moriarty/assets/templates/exposures/svn-exposed.yaml +28 -0
moriarty/assets/templates/fuzzing/api-endpoints.yaml +39 -0
moriarty/assets/templates/fuzzing/common-files.yaml +37 -0
moriarty/assets/templates/fuzzing/open-redirect-fuzz.yaml +35 -0
moriarty/assets/templates/fuzzing/xss-search-fuzz.yaml +29 -0
moriarty/assets/templates/git-config.yaml +18 -0
moriarty/assets/templates/misconfigurations/cors-misconfiguration.yaml +30 -0
moriarty/assets/templates/misconfigurations/debug-enabled.yaml +29 -0
moriarty/assets/templates/misconfigurations/directory-listing.yaml +33 -0
moriarty/assets/templates/misconfigurations/jwt-none-algo.yaml +30 -0
moriarty/assets/templates/misconfigurations/ssl-tls-weak.yaml +23 -0
moriarty/assets/templates/vulnerabilities/lfi-basic.yaml +31 -0
moriarty/assets/templates/vulnerabilities/open-redirect.yaml +31 -0
moriarty/assets/templates/vulnerabilities/rce-basic.yaml +34 -0
moriarty/assets/templates/vulnerabilities/sqli-error.yaml +39 -0
moriarty/assets/templates/vulnerabilities/ssrf-basic.yaml +31 -0
moriarty/assets/templates/vulnerabilities/xss-reflected.yaml +38 -0
moriarty/assets/templates/vulnerabilities/xxe-basic.yaml +30 -0
moriarty/assets/wordlists/subdomains-1000.txt +1063 -0
moriarty/cli/__init__.py +3 -0
moriarty/cli/app.py +120 -0
moriarty/cli/async_utils.py +19 -0
moriarty/cli/dns.py +83 -0
moriarty/cli/domain_cmd.py +572 -0
moriarty/cli/email.py +383 -0
moriarty/cli/email_investigate.py +224 -0
moriarty/cli/intelligence.py +329 -0
moriarty/cli/output.py +62 -0
moriarty/cli/rdap.py +94 -0
moriarty/cli/state.py +38 -0
moriarty/cli/tls.py +91 -0
moriarty/cli/user.py +227 -0
moriarty/core/cache_backend.py +223 -0
moriarty/core/config_manager.py +303 -0
moriarty/correlator/__init__.py +0 -0
moriarty/data/__init__.py +81 -0
moriarty/data/ioc/__init__.py +142 -0
moriarty/data/ioc/matcher.py +254 -0
moriarty/data/ioc/types.py +267 -0
moriarty/data/local_intelligence.py +507 -0
moriarty/data/signature_loaders/__init__.py +103 -0
moriarty/data/signature_loaders/base.py +54 -0
moriarty/data/signature_loaders/ioc_feed.py +356 -0
moriarty/data/signature_loaders/wappalyzer.py +112 -0
moriarty/dsl/__init__.py +0 -0
moriarty/dsl/loader.py +99 -0
moriarty/dsl/schema.py +47 -0
moriarty/export/__init__.py +0 -0
moriarty/intelligence/__init__.py +27 -0
moriarty/intelligence/__main__.py +150 -0
moriarty/intelligence/config.py +395 -0
moriarty/intelligence/ioc.py +267 -0
moriarty/intelligence/signatures.py +550 -0
moriarty/intelligence/storage.py +501 -0
moriarty/interop/__init__.py +0 -0
moriarty/logging/__init__.py +0 -0
moriarty/logging/config.py +47 -0
moriarty/models/__init__.py +16 -0
moriarty/models/assertion.py +24 -0
moriarty/models/entity.py +22 -0
moriarty/models/evidence.py +37 -0
moriarty/models/relation.py +24 -0
moriarty/models/types.py +28 -0
moriarty/modules/__init__.py +0 -0
moriarty/modules/avatar_hash.py +184 -0
moriarty/modules/directory_fuzzer.py +322 -0
moriarty/modules/dns_scan.py +40 -0
moriarty/modules/domain_scanner.py +620 -0
moriarty/modules/email_check.py +98 -0
moriarty/modules/email_investigate.py +267 -0
moriarty/modules/email_security.py +274 -0
moriarty/modules/googlemaps_lookup.py +106 -0
moriarty/modules/headless_executor.py +201 -0
moriarty/modules/orchestrator.py +60 -0
moriarty/modules/passive_recon.py +444 -0
moriarty/modules/phone_extractor.py +151 -0
moriarty/modules/pipeline_orchestrator.py +726 -0
moriarty/modules/port_scanner.py +129 -0
moriarty/modules/rdap.py +61 -0
moriarty/modules/rdap_extended.py +188 -0
moriarty/modules/stealth_mode.py +610 -0
moriarty/modules/subdomain_discovery.py +595 -0
moriarty/modules/technology_profiler.py +361 -0
moriarty/modules/template_executor.py +239 -0
moriarty/modules/template_scanner.py +1048 -0
moriarty/modules/tls_scan.py +46 -0
moriarty/modules/tls_validator.py +188 -0
moriarty/modules/vuln_scanner.py +483 -0
moriarty/modules/waf_detector.py +585 -0
moriarty/modules/wayback_discovery.py +234 -0
moriarty/modules/web_crawler.py +163 -0
moriarty/net/__init__.py +0 -0
moriarty/net/dns_cache.py +175 -0
moriarty/net/dns_client.py +188 -0
moriarty/net/rdap_client.py +52 -0
moriarty/net/smtp_client.py +114 -0
moriarty/net/tls_client.py +111 -0
moriarty/parsers/__init__.py +0 -0
moriarty/parsers/html_parser.py +136 -0
moriarty/tests/__init__.py +0 -0
moriarty/tests/test_email_service.py +17 -0
moriarty/tests/test_models.py +46 -0
moriarty/tests/test_orchestrator.py +30 -0
moriarty/tests/test_tls_client.py +18 -0
moriarty_project-0.1.6.dist-info/METADATA +388 -0
moriarty_project-0.1.6.dist-info/RECORD +418 -0
moriarty_project-0.1.6.dist-info/WHEEL +4 -0
moriarty_project-0.1.6.dist-info/entry_points.txt +2 -0

moriarty/modules/email_check.py ADDED Viewed

@@ -0,0 +1,98 @@
+from __future__ import annotations
+from dataclasses import dataclass
+from typing import List, Optional
+from email_validator import EmailNotValidError, validate_email
+from ..net.dns_client import DNSClient, DNSLookupResult
+from ..net.smtp_client import SMTPClient, SMTPProbeResult
+@dataclass(slots=True)
+class EmailCheckOptions:
+    check_dns: bool = True
+    check_smtp: bool = False
+    from_address: str = "postmaster@localhost"
+    retries: int = 1
+    wait: float = 1.0
+@dataclass(slots=True)
+class EmailCheckResult:
+    input_email: str
+    normalized_email: str
+    local_part: str
+    domain: str
+    dns: Optional[DNSLookupResult]
+    smtp: Optional[SMTPProbeResult]
+    warnings: List[str]
+class EmailCheckService:
+    """Run DNS and SMTP probes for an email address."""
+    def __init__(self, email: str, options: EmailCheckOptions, timeout: float = 8.0) -> None:
+        self._raw_email = email
+        self._options = options
+        self._timeout = timeout
+    async def run(self) -> EmailCheckResult:
+        normalized = self._normalize_email(self._raw_email)
+        domain = normalized["domain"]
+        local_part = normalized["local_part"]
+        warnings: List[str] = []
+        dns_result: Optional[DNSLookupResult] = None
+        if self._options.check_dns:
+            dns_client = DNSClient(timeout=self._timeout)
+            dns_result = await dns_client.lookup_domain(domain)
+            if not dns_result.mx:
+                warnings.append("Domain has no MX records; falling back to A/AAAA for SMTP.")
+        smtp_result: Optional[SMTPProbeResult] = None
+        if self._options.check_smtp:
+            smtp_client = SMTPClient(timeout=self._timeout, wait=self._options.wait, retries=self._options.retries)
+            hosts: List[str] = []
+            if dns_result and dns_result.mx:
+                hosts = [record.exchange.rstrip('.') for record in dns_result.mx]
+            elif dns_result and (dns_result.a or dns_result.aaaa):
+                hosts = [domain]
+            else:
+                hosts = [domain]
+                warnings.append("No DNS information available; SMTP probe will target the domain directly.")
+            smtp_result = await smtp_client.probe(
+                email=normalized["email"],
+                from_address=self._options.from_address,
+                hosts=hosts,
+            )
+        return EmailCheckResult(
+            input_email=self._raw_email,
+            normalized_email=normalized["email"],
+            local_part=local_part,
+            domain=domain,
+            dns=dns_result,
+            smtp=smtp_result,
+            warnings=warnings,
+        )
+    @staticmethod
+    def _normalize_email(raw_email: str) -> dict[str, str]:
+        try:
+            validated = validate_email(raw_email, check_deliverability=False)
+        except EmailNotValidError as exc:
+            raise ValueError(f"Invalid email address: {exc}") from exc
+        normalized_attr = getattr(validated, "normalized", None)
+        normalized_email = (normalized_attr or validated.email).lower()
+        local_part, domain = normalized_email.split("@", 1)
+        return {
+            "email": normalized_email,
+            "local_part": local_part,
+            "domain": domain,
+        }
+__all__ = ["EmailCheckOptions", "EmailCheckResult", "EmailCheckService"]

moriarty/modules/email_investigate.py ADDED Viewed

@@ -0,0 +1,267 @@
+from __future__ import annotations
+import asyncio
+import hashlib
+from dataclasses import dataclass
+from typing import Any, Dict, List, Optional
+import httpx
+import structlog
+from ..models.entity import Entity
+from ..models.types import EntityKind
+logger = structlog.get_logger(__name__)
+@dataclass(slots=True)
+class SocialProfile:
+    """Perfil encontrado em uma plataforma."""
+    platform: str
+    url: str
+    username: Optional[str] = None
+    user_id: Optional[str] = None
+    display_name: Optional[str] = None
+    avatar_url: Optional[str] = None
+    bio: Optional[str] = None
+    verified: bool = False
+    confidence: float = 0.5
+    metadata: Dict[str, Any] = None
+    def __post_init__(self) -> None:
+        if self.metadata is None:
+            self.metadata = {}
+@dataclass(slots=True)
+class EmailInvestigationResult:
+    """Resultado de uma investigação profunda de email."""
+    email: str
+    normalized_email: str
+    domain: str
+    local_part: str
+    # Gravatar
+    gravatar_hash: str
+    gravatar_profile: Optional[Dict[str, Any]] = None
+    gravatar_avatar: Optional[str] = None
+    # Social profiles
+    social_profiles: List[SocialProfile] = None
+    # Breaches
+    breached: bool = False
+    breach_count: int = 0
+    breaches: List[Dict[str, Any]] = None
+    # Linked data
+    phone_numbers: List[str] = None
+    websites: List[str] = None
+    usernames: List[str] = None
+    # Metadata
+    total_platforms_found: int = 0
+    search_timestamp: str = ""
+    def __post_init__(self) -> None:
+        if self.social_profiles is None:
+            self.social_profiles = []
+        if self.breaches is None:
+            self.breaches = []
+        if self.phone_numbers is None:
+            self.phone_numbers = []
+        if self.websites is None:
+            self.websites = []
+        if self.usernames is None:
+            self.usernames = []
+class EmailInvestigator:
+    """Investiga email em múltiplas fontes."""
+    def __init__(self, timeout: float = 8.0, user_agent: Optional[str] = None) -> None:
+        self._timeout = timeout
+        self._user_agent = user_agent or "Moriarty/0.1.0 (OSINT Client)"
+    async def investigate(self, email: str) -> EmailInvestigationResult:
+        """Executa investigação completa."""
+        from datetime import datetime, timezone
+        from email_validator import validate_email
+        # Normaliza
+        validated = validate_email(email, check_deliverability=False)
+        normalized = validated.normalized or validated.email
+        local_part, domain = normalized.lower().split("@", 1)
+        # Gera hash Gravatar
+        gravatar_hash = hashlib.md5(normalized.encode("utf-8")).hexdigest()
+        # Executa investigações em paralelo
+        tasks = [
+            self._check_gravatar(gravatar_hash),
+            self._check_social_profiles_smart(email, local_part),
+            self._check_breaches_anon(email),
+        ]
+        gravatar_data, social_profiles, breach_data = await asyncio.gather(*tasks, return_exceptions=True)
+        # Processa Gravatar
+        gravatar_profile = None
+        gravatar_avatar = None
+        if isinstance(gravatar_data, dict):
+            gravatar_profile = gravatar_data
+            gravatar_avatar = f"https://www.gravatar.com/avatar/{gravatar_hash}?s=200&d=404"
+        # Processa social
+        profiles: List[SocialProfile] = []
+        if isinstance(social_profiles, list):
+            profiles = social_profiles
+        # Processa breaches
+        breached = False
+        breach_count = 0
+        breaches = []
+        if isinstance(breach_data, dict):
+            breached = breach_data.get("breached", False)
+            breach_count = breach_data.get("count", 0)
+            breaches = breach_data.get("breaches", [])
+        # Extrai dados agregados
+        usernames = list(set(p.username for p in profiles if p.username))
+        websites = list(set(p.metadata.get("website") for p in profiles if p.metadata.get("website")))
+        result = EmailInvestigationResult(
+            email=email,
+            normalized_email=normalized,
+            domain=domain,
+            local_part=local_part,
+            gravatar_hash=gravatar_hash,
+            gravatar_profile=gravatar_profile,
+            gravatar_avatar=gravatar_avatar,
+            social_profiles=profiles,
+            breached=breached,
+            breach_count=breach_count,
+            breaches=breaches,
+            phone_numbers=[],
+            websites=websites,
+            usernames=usernames,
+            total_platforms_found=len(profiles),
+            search_timestamp=datetime.now(timezone.utc).isoformat(),
+        )
+        return result
+    async def _check_gravatar(self, gravatar_hash: str) -> Optional[Dict[str, Any]]:
+        """Verifica perfil Gravatar."""
+        url = f"https://www.gravatar.com/{gravatar_hash}.json"
+        try:
+            async with httpx.AsyncClient(timeout=self._timeout, follow_redirects=False) as client:
+                response = await client.get(url)
+                if response.status_code == 200:
+                    data = response.json()
+                    return data.get("entry", [{}])[0] if data.get("entry") else None
+        except Exception:
+            pass
+        return None
+    async def _check_social_profiles_smart(
+        self, email: str, local_part: str
+    ) -> List[SocialProfile]:
+        """Busca inteligente em redes sociais usando templates."""
+        from ..dsl.loader import TemplateLoader
+        from ..modules.template_executor import TemplateExecutor
+        profiles: List[SocialProfile] = []
+        # Carrega templates
+        loader = TemplateLoader()
+        loader.load_builtin()
+        # Filtra apenas templates habilitados
+        templates = [t for t in loader.list_templates() if t.enabled and not t.require_headless]
+        if not templates:
+            return profiles
+        # Executa templates usando local_part como username
+        executor = TemplateExecutor(timeout=self._timeout, user_agent=self._user_agent)
+        # Limita a 20 sites mais relevantes para não demorar muito
+        relevant_templates = templates[:20]
+        semaphore = asyncio.Semaphore(10)  # Max 10 paralelas
+        async def check_site(template: Any) -> Optional[SocialProfile]:
+            async with semaphore:
+                try:
+                    result = await executor.execute(template, {"username": local_part})
+                    if result.exists and result.confidence > 0.5:
+                        # Extrai dados relevantes
+                        profile = SocialProfile(
+                            platform=template.site,
+                            url=result.url,
+                            username=local_part,
+                            display_name=result.extracted.get("name"),
+                            bio=result.extracted.get("bio"),
+                            avatar_url=result.extracted.get("avatar"),
+                            confidence=result.confidence,
+                            metadata={
+                                "website": result.extracted.get("website"),
+                                "location": result.extracted.get("location"),
+                                "followers": result.extracted.get("followers"),
+                            },
+                        )
+                        return profile
+                except Exception:
+                    pass
+            return None
+        tasks = [check_site(t) for t in relevant_templates]
+        results = await asyncio.gather(*tasks, return_exceptions=True)
+        # Filtra resultados válidos
+        for result in results:
+            if isinstance(result, SocialProfile):
+                profiles.append(result)
+        return profiles
+    async def _check_breaches_anon(self, email: str) -> Dict[str, Any]:
+        """Verifica breaches usando HIBP k-anonymity."""
+        # HIBP k-anonymity: hash SHA-1, envia apenas primeiros 5 chars
+        sha1_hash = hashlib.sha1(email.encode("utf-8")).hexdigest().upper()
+        prefix = sha1_hash[:5]
+        suffix = sha1_hash[5:]
+        url = f"https://api.pwnedpasswords.com/range/{prefix}"
+        try:
+            async with httpx.AsyncClient(timeout=self._timeout) as client:
+                response = await client.get(url, headers={"User-Agent": self._user_agent})
+                if response.status_code == 200:
+                    # Procura pelo suffix na resposta
+                    lines = response.text.split("\n")
+                    for line in lines:
+                        if line.startswith(suffix):
+                            count = int(line.split(":")[1])
+                            logger.warning("breach.found", email=email, count=count)
+                            return {
+                                "breached": True,
+                                "count": count,
+                                "breaches": [{"source": "HIBP", "occurrences": count}],
+                            }
+        except Exception as exc:
+            logger.debug("breach.check.error", error=str(exc))
+        return {"breached": False, "count": 0, "breaches": []}
+__all__ = ["EmailInvestigator", "EmailInvestigationResult", "SocialProfile"]

moriarty/modules/email_security.py ADDED Viewed

@@ -0,0 +1,274 @@
+"""Validações avançadas de segurança de email."""
+import asyncio
+import hashlib
+import ssl
+from dataclasses import dataclass
+from typing import List, Optional
+import aiodns
+import httpx
+import structlog
+logger = structlog.get_logger(__name__)
+@dataclass
+class TLSARecord:
+    """Registro TLSA (DANE)."""
+    usage: int
+    selector: int
+    matching_type: int
+    certificate_data: str
+@dataclass
+class ARCResult:
+    """Resultado da validação ARC."""
+    present: bool
+    chain_valid: bool
+    instances: int
+    sealer: Optional[str] = None
+@dataclass
+class TLSGrade:
+    """Avaliação TLS do servidor."""
+    protocol: str  # TLSv1.2, TLSv1.3
+    cipher: str
+    grade: str  # A+, A, B, C, D, F
+    supports_tls13: bool
+    forward_secrecy: bool
+    vulnerabilities: List[str]
+@dataclass
+class GreylistingStatus:
+    """Status de greylisting."""
+    detected: bool
+    retry_after: Optional[int] = None  # segundos
+    temp_fail_code: Optional[int] = None
+class EmailSecurityChecker:
+    """Verifica recursos avançados de segurança de email."""
+    def __init__(self, timeout: float = 10.0):
+        self._timeout = timeout
+        self._resolver = aiodns.DNSResolver(timeout=timeout)
+    async def check_tlsa(self, domain: str, port: int = 25) -> List[TLSARecord]:
+        """
+        Verifica registros TLSA (DANE - DNS-based Authentication of Named Entities).
+        Ex: _25._tcp.mail.example.com
+        """
+        tlsa_domain = f"_{port}._tcp.{domain}"
+        try:
+            logger.info("email.security.tlsa.check", domain=tlsa_domain)
+            result = await self._resolver.query(tlsa_domain, "TLSA")
+            if not isinstance(result, list):
+                return []
+            records = []
+            for record in result:
+                # Formato TLSA: usage selector matching_type certificate_data
+                try:
+                    usage = getattr(record, 'usage', 0)
+                    selector = getattr(record, 'selector', 0)
+                    matching_type = getattr(record, 'matching_type', 0)
+                    cert_data = getattr(record, 'cert', '')
+                    records.append(TLSARecord(
+                        usage=usage,
+                        selector=selector,
+                        matching_type=matching_type,
+                        certificate_data=cert_data,
+                    ))
+                except Exception as e:
+                    logger.warning("email.security.tlsa.parse_error", error=str(e))
+            logger.info("email.security.tlsa.found", domain=tlsa_domain, count=len(records))
+            return records
+        except aiodns.error.DNSError:
+            logger.debug("email.security.tlsa.not_found", domain=tlsa_domain)
+            return []
+    async def check_arc(self, mx_host: str) -> ARCResult:
+        """
+        Verifica suporte a ARC (Authenticated Received Chain).
+        ARC é usado para preservar autenticação através de intermediários.
+        Checamos via headers SMTP ou via consulta ao servidor.
+        """
+        # Simulação - em produção, faria uma conexão SMTP real
+        # e verificaria os headers de uma mensagem test
+        logger.info("email.security.arc.check", mx_host=mx_host)
+        # Por agora, retorna placeholder
+        # TODO: Implementar verificação real via SMTP
+        return ARCResult(
+            present=False,
+            chain_valid=False,
+            instances=0,
+            sealer=None,
+        )
+    async def grade_tls(self, mx_host: str, port: int = 25) -> TLSGrade:
+        """
+        Avalia a qualidade da configuração TLS do servidor SMTP.
+        Verifica:
+        - Versão do protocolo (TLS 1.2, 1.3)
+        - Cipher suites
+        - Forward secrecy
+        - Vulnerabilidades conhecidas
+        """
+        logger.info("email.security.tls_grade.start", mx_host=mx_host, port=port)
+        vulnerabilities = []
+        try:
+            # Cria contexto SSL
+            context = ssl.create_default_context()
+            # Tenta conexão TLS
+            reader, writer = await asyncio.wait_for(
+                asyncio.open_connection(mx_host, port, ssl=context),
+                timeout=self._timeout
+            )
+            # Obtém informações SSL
+            ssl_object = writer.get_extra_info('ssl_object')
+            if ssl_object:
+                protocol = ssl_object.version()
+                cipher = ssl_object.cipher()
+                supports_tls13 = protocol == 'TLSv1.3'
+                # Verifica forward secrecy (PFS)
+                cipher_name = cipher[0] if cipher else ""
+                forward_secrecy = any(fs in cipher_name for fs in ['ECDHE', 'DHE'])
+                # Determina grade
+                if supports_tls13 and forward_secrecy:
+                    grade = "A+"
+                elif protocol == 'TLSv1.2' and forward_secrecy:
+                    grade = "A"
+                elif protocol == 'TLSv1.2':
+                    grade = "B"
+                elif protocol == 'TLSv1.1':
+                    grade = "C"
+                    vulnerabilities.append("TLS 1.1 deprecated")
+                else:
+                    grade = "F"
+                    vulnerabilities.append("Insecure TLS version")
+                # Verifica cipher fraco
+                if cipher_name and ('RC4' in cipher_name or 'DES' in cipher_name):
+                    vulnerabilities.append("Weak cipher detected")
+                    grade = "F"
+                writer.close()
+                await writer.wait_closed()
+                logger.info("email.security.tls_grade.complete", mx_host=mx_host, grade=grade, protocol=protocol)
+                return TLSGrade(
+                    protocol=protocol,
+                    cipher=cipher_name,
+                    grade=grade,
+                    supports_tls13=supports_tls13,
+                    forward_secrecy=forward_secrecy,
+                    vulnerabilities=vulnerabilities,
+                )
+            writer.close()
+            await writer.wait_closed()
+        except Exception as e:
+            logger.warning("email.security.tls_grade.error", mx_host=mx_host, error=str(e))
+        # Fallback: sem TLS
+        return TLSGrade(
+            protocol="None",
+            cipher="",
+            grade="F",
+            supports_tls13=False,
+            forward_secrecy=False,
+            vulnerabilities=["No TLS support detected"],
+        )
+    async def detect_greylisting(self, mx_host: str, sender: str, recipient: str) -> GreylistingStatus:
+        """
+        Detecta se o servidor usa greylisting.
+        Greylisting temporariamente rejeita emails desconhecidos
+        com código 4xx, esperando retry.
+        """
+        logger.info("email.security.greylisting.check", mx_host=mx_host)
+        try:
+            # Faz tentativa SMTP inicial
+            reader, writer = await asyncio.wait_for(
+                asyncio.open_connection(mx_host, 25),
+                timeout=self._timeout
+            )
+            # Lê banner
+            banner = await reader.read(1024)
+            # EHLO
+            writer.write(b"EHLO moriarty.local\r\n")
+            await writer.drain()
+            ehlo_response = await reader.read(1024)
+            # MAIL FROM
+            writer.write(f"MAIL FROM:<{sender}>\r\n".encode())
+            await writer.drain()
+            mail_response = await reader.read(1024)
+            # RCPT TO
+            writer.write(f"RCPT TO:<{recipient}>\r\n".encode())
+            await writer.drain()
+            rcpt_response = await reader.read(1024)
+            writer.write(b"QUIT\r\n")
+            await writer.drain()
+            writer.close()
+            await writer.wait_closed()
+            # Analisa resposta
+            rcpt_str = rcpt_response.decode('utf-8', errors='ignore')
+            # Códigos 4xx indicam erro temporário (greylisting comum)
+            if rcpt_str.startswith('4'):
+                # Extrai código
+                parts = rcpt_str.split()
+                code = int(parts[0]) if parts else 450
+                # Greylisting detectado
+                logger.info("email.security.greylisting.detected", mx_host=mx_host, code=code)
+                return GreylistingStatus(
+                    detected=True,
+                    temp_fail_code=code,
+                    retry_after=300,  # Típico: 5 minutos
+                )
+            logger.info("email.security.greylisting.not_detected", mx_host=mx_host)
+            return GreylistingStatus(detected=False)
+        except Exception as e:
+            logger.warning("email.security.greylisting.error", mx_host=mx_host, error=str(e))
+            return GreylistingStatus(detected=False)
+__all__ = [
+    "EmailSecurityChecker",
+    "TLSARecord",
+    "ARCResult",
+    "TLSGrade",
+    "GreylistingStatus",
+]