yasint 0.3.0__tar.gz

yasint-0.3.0/CHANGELOG.md

@@ -0,0 +1,56 @@
+# Changelog
+
+## 0.3.0
+
+- Fetch profile pictures safely and consistently
+- Better cookie handling
+- Add PyPI build metadata
+- Rename project
+- Update README
+- Sunset pictures/
+
+## 0.2.1
+
+- High-level tests
+- Fix Unicode issue in file put()
+- Make relevant cookie loading status explicit with colourised output.
+- Update README
+- Update .gitignore
+
+## 0.2.0
+
+- Implement a case system utilizing timestamps for reports
+- Fix stale `run.py` wrapper to delegate to the package CLI entrypoint.
+- Make zero-lead results explicit in console, TXT, and CSV reports
+- Save auxiliary TXT and CSV evidence reports inside each session folder
+- Show the full per-session reports path in output
+- Fix HTML metadata handling per encodings.
+- Implement test-driven CI/CD.
+
+## 0.1.0
+
+- Fix Cookie handling
+- Turn into a pip-installable package.
+
+## 0.0.8
+
+- Add per-input UTC-timestamped response sessions
+- Save all attempted HTTP responses to session folders
+- Embed response headers in saved HTML output where possible
+- Save non-HTML responses as raw header-plus-body files
+- Track progress by attempted URL hits per session
+
+## 0.0.4
+
+- Fixes to asyncio usage for Python 3.14 (Python 3.8 or higher), while maintaining backwards compatibility.
+- Fix relative import in `__main__.py`
+- Add URLs and request-method information to the final summary
+- Add missing requirements to `requirements.txt`
+- Fix flimsy packaging entrypoint
+- Misc: Create changelog
+- Misc: Update User-Agent
+- Bump version
+
+## 0.0.3
+
+- ...

yasint-0.3.0/LICENCES/MIT-Soxoj.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Soxoj
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

yasint-0.3.0/MANIFEST.in

@@ -0,0 +1,12 @@
+include CHANGELOG.md
+include MANIFEST.in
+include NOTICE
+include PUBLISHING.md
+include README.md
+include requirements.txt
+include requirements-dev.txt
+include run.py
+recursive-include LICENCES *.txt
+recursive-include tests *.py
+global-exclude __pycache__
+global-exclude *.py[cod]

yasint-0.3.0/NOTICE

@@ -0,0 +1,5 @@
+  This project is derived in part from YaSeeker.
+  Portions copyright (c) 2021 Soxoj.
+  Those portions were originally licensed under the MIT License.
+  The MIT License text is reproduced below / in LICENCES/MIT-Soxoj.txt.
+

yasint-0.3.0/PKG-INFO

@@ -0,0 +1,177 @@
+Metadata-Version: 2.4
+Name: yasint
+Version: 0.3.0
+Summary: Yandex profile OSINT tool
+Home-page: https://github.com/TAbdiukov/YaSINT
+Author: Tim Abdiukov
+Project-URL: Source, https://github.com/TAbdiukov/YaSINT
+Project-URL: Issues, https://github.com/TAbdiukov/YaSINT/issues
+Project-URL: Changelog, https://github.com/TAbdiukov/YaSINT/blob/main/CHANGELOG.md
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Information Technology
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Security
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: NOTICE
+License-File: LICENCES/MIT-Soxoj.txt
+Requires-Dist: socid-extractor>=0.0.8
+Requires-Dist: aiohttp>=3.8.0
+Requires-Dist: requests>=2.0.0
+Requires-Dist: charset-normalizer>=2.0.0
+Requires-Dist: termcolor
+Requires-Dist: colorama
+Requires-Dist: tqdm
+Requires-Dist: aiohttp-socks>=0.11.0
+Dynamic: author
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: license-file
+Dynamic: project-url
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
+
+# YaSINT
+
+[![GitHub](https://img.shields.io/badge/GitHub-TAbdiukov/YaSINT-black?logo=github)](https://github.com/TAbdiukov/YaSINT)
+[![PyPI Version](https://img.shields.io/pypi/v/YaSINT.svg)](https://pypi.org/project/YaSINT) 
+![License](https://img.shields.io/github/license/TAbdiukov/YaSINT)
+
+[![buymeacoffee](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/tabdiukov)
+
+YaSINT is a command line OSINT ttolkit for looking up public Yandex account information by username, email address, or Yandex public ID.
+
+It is a greatly updated package based on the original YaSeeker project. YaSINT is now intended to be installed as a Python package and run with a command, although it can still be run directly from a source checkout.
+
+## Artifacts
+
+Depending on what public Yandex pages and APIs return, YaSINT may find:
+
+* full name;
+* profile photo or other possible avatar URLs;
+* gender;
+* Yandex UID;
+* Yandex public ID;
+* linked social accounts;
+* public activity information;
+* account flags, such as verified, banned, deleted, restricted, or business status.
+
+Some services return useful information only when valid Yandex cookies are
+provided. See [Cookies](#cookies).
+
+## Installation
+
+Python 3.8 or newer is required.
+
+Install from PyPI:
+
+```bash
+python -m pip install yasint
+```
+
+If you already downloaded the source code, install it from the project directory:
+
+```bash
+python -m pip install .
+```
+
+After installation, the `yasint` command should be available:
+
+```bash
+yasint --version
+```
+
+If you do not want to install the package, you can run it from the source
+directory instead:
+
+```bash
+python -m pip install -r requirements.txt
+python -m yasint login
+```
+
+## Usage
+
+Give YaSINT one or more targets:
+
+```bash
+yasint TARGET
+```
+
+Examples:
+
+```bash
+yasint login
+yasint login@yandex.ru
+yasint c48fhxw0qppa50289r5c9ku4k4
+```
+
+The tool recognises the target type automatically. Email addresses
+are supported. A 26-character value is treated as a Yandex public ID.
+
+For many targets, put one target per line in a text file:
+
+```bash
+yasint --target-list targets.txt
+```
+
+## Results
+
+For every target, YaSINT creates a per-session folder under `reports/`.
+The folder name contains a UTC timestamp and the target value.
+
+```text
+reports/20260101T120000Z_login/
+```
+
+The session folder keeps the evidence collected during the run, including saved
+responses where possible and auxiliary TXT/CSV reports. The console output gives
+you the human-readable summary.
+
+You can also write your own report files:
+
+```bash
+yasint login -oT report.txt -oC report.csv
+```
+
+A `No leads found` result means the checked sources did not return useful
+profile data for that target. It does not prove that the account does not exist.
+
+## Cookies
+
+Some Yandex services require cookies before they return useful API responses.
+YaSINT can read browser cookies exported in Netscape `cookies.txt` format.
+
+1. Log in to Yandex in your browser.
+2. Export your Yandex cookies as `cookies.txt`  ([Chrome](https://chromewebstore.google.com/detail/get-cookiestxt-locally/cclelndahbckbenkjhflpdbgdldlbecc), [Firefox](https://addons.mozilla.org/en-US/firefox/addon/cookies-txt/)).
+3. Put `cookies.txt` in the directory where you run YaSINT.
+4. Run YaSINT normally.
+
+You can also pass a custom cookie file path:
+
+```bash
+yasint login --cookie-jar-file /path/to/cookies.txt
+```
+
+When cookies are loaded, YaSINT prints whether any of them match the
+Yandex domains queried by the tool.
+
+## SOWEL classification
+
+This tool uses the following OSINT techniques:
+
+* [SOTL-1.4. Analyze Internal Identifiers](https://sowel.soxoj.com/internal-identifiers)
+* [SOTL-2.2. Search For Accounts On Other Platforms](https://sowel.soxoj.com/other-platform-accounts)
+* [SOTL-6.1. Check Logins Reuse To Find Another Account](https://sowel.soxoj.com/logins-reuse)
+* [SOTL-6.2. Check Nicknames Reuse To Find Another Account](https://sowel.soxoj.com/nicknames-reuse)

yasint-0.3.0/README.md

@@ -0,0 +1,132 @@
+# YaSINT
+
+[![GitHub](https://img.shields.io/badge/GitHub-TAbdiukov/YaSINT-black?logo=github)](https://github.com/TAbdiukov/YaSINT)
+[![PyPI Version](https://img.shields.io/pypi/v/YaSINT.svg)](https://pypi.org/project/YaSINT) 
+![License](https://img.shields.io/github/license/TAbdiukov/YaSINT)
+
+[![buymeacoffee](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/tabdiukov)
+
+YaSINT is a command line OSINT ttolkit for looking up public Yandex account information by username, email address, or Yandex public ID.
+
+It is a greatly updated package based on the original YaSeeker project. YaSINT is now intended to be installed as a Python package and run with a command, although it can still be run directly from a source checkout.
+
+## Artifacts
+
+Depending on what public Yandex pages and APIs return, YaSINT may find:
+
+* full name;
+* profile photo or other possible avatar URLs;
+* gender;
+* Yandex UID;
+* Yandex public ID;
+* linked social accounts;
+* public activity information;
+* account flags, such as verified, banned, deleted, restricted, or business status.
+
+Some services return useful information only when valid Yandex cookies are
+provided. See [Cookies](#cookies).
+
+## Installation
+
+Python 3.8 or newer is required.
+
+Install from PyPI:
+
+```bash
+python -m pip install yasint
+```
+
+If you already downloaded the source code, install it from the project directory:
+
+```bash
+python -m pip install .
+```
+
+After installation, the `yasint` command should be available:
+
+```bash
+yasint --version
+```
+
+If you do not want to install the package, you can run it from the source
+directory instead:
+
+```bash
+python -m pip install -r requirements.txt
+python -m yasint login
+```
+
+## Usage
+
+Give YaSINT one or more targets:
+
+```bash
+yasint TARGET
+```
+
+Examples:
+
+```bash
+yasint login
+yasint login@yandex.ru
+yasint c48fhxw0qppa50289r5c9ku4k4
+```
+
+The tool recognises the target type automatically. Email addresses
+are supported. A 26-character value is treated as a Yandex public ID.
+
+For many targets, put one target per line in a text file:
+
+```bash
+yasint --target-list targets.txt
+```
+
+## Results
+
+For every target, YaSINT creates a per-session folder under `reports/`.
+The folder name contains a UTC timestamp and the target value.
+
+```text
+reports/20260101T120000Z_login/
+```
+
+The session folder keeps the evidence collected during the run, including saved
+responses where possible and auxiliary TXT/CSV reports. The console output gives
+you the human-readable summary.
+
+You can also write your own report files:
+
+```bash
+yasint login -oT report.txt -oC report.csv
+```
+
+A `No leads found` result means the checked sources did not return useful
+profile data for that target. It does not prove that the account does not exist.
+
+## Cookies
+
+Some Yandex services require cookies before they return useful API responses.
+YaSINT can read browser cookies exported in Netscape `cookies.txt` format.
+
+1. Log in to Yandex in your browser.
+2. Export your Yandex cookies as `cookies.txt`  ([Chrome](https://chromewebstore.google.com/detail/get-cookiestxt-locally/cclelndahbckbenkjhflpdbgdldlbecc), [Firefox](https://addons.mozilla.org/en-US/firefox/addon/cookies-txt/)).
+3. Put `cookies.txt` in the directory where you run YaSINT.
+4. Run YaSINT normally.
+
+You can also pass a custom cookie file path:
+
+```bash
+yasint login --cookie-jar-file /path/to/cookies.txt
+```
+
+When cookies are loaded, YaSINT prints whether any of them match the
+Yandex domains queried by the tool.
+
+## SOWEL classification
+
+This tool uses the following OSINT techniques:
+
+* [SOTL-1.4. Analyze Internal Identifiers](https://sowel.soxoj.com/internal-identifiers)
+* [SOTL-2.2. Search For Accounts On Other Platforms](https://sowel.soxoj.com/other-platform-accounts)
+* [SOTL-6.1. Check Logins Reuse To Find Another Account](https://sowel.soxoj.com/logins-reuse)
+* [SOTL-6.2. Check Nicknames Reuse To Find Another Account](https://sowel.soxoj.com/nicknames-reuse)

yasint-0.3.0/pyproject.toml

@@ -0,0 +1,3 @@
+[build-system]
+requires = ["setuptools>=61", "wheel"]
+build-backend = "setuptools.build_meta"

yasint-0.3.0/requirements-dev.txt

@@ -0,0 +1,9 @@
+-r requirements.txt
+
+black
+build
+coverage
+flake8
+mypy
+pytest
+twine

yasint-0.3.0/requirements.txt

@@ -0,0 +1,8 @@
+socid-extractor>=0.0.8
+aiohttp>=3.8.0
+requests>=2.0.0
+charset-normalizer>=2.0.0
+termcolor
+colorama
+tqdm
+aiohttp-socks>=0.11.0

yasint-0.3.0/run.py

@@ -0,0 +1,5 @@
+#! /usr/bin/env python3
+from yasint.cli import run
+
+if __name__ == "__main__":
+    run()

yasint-0.3.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

yasint-0.3.0/setup.py

@@ -0,0 +1,49 @@
+from setuptools import setup, find_packages
+
+exec(open('yasint/_version.py', encoding='utf-8').read())
+
+with open('requirements.txt', encoding='utf-8') as rf:
+    requires = [
+        line.strip()
+        for line in rf
+        if line.strip() and not line.lstrip().startswith('#')
+    ]
+
+with open('README.md', encoding='utf-8') as fh:
+    long_description = fh.read()
+
+setup(
+    name="yasint",
+    version=__version__,
+    description="Yandex profile OSINT tool",
+    long_description=long_description,
+    long_description_content_type="text/markdown",
+    url="https://github.com/TAbdiukov/YaSINT",
+    author="Tim Abdiukov",
+    entry_points={'console_scripts': ['yasint = yasint.cli:run']},
+    packages=find_packages(),
+    include_package_data=True,
+    install_requires=requires,
+    python_requires=">=3.8",
+    license_files=["NOTICE", "LICENCES/MIT-Soxoj.txt"],
+    project_urls={
+        "Source": "https://github.com/TAbdiukov/YaSINT",
+        "Issues": "https://github.com/TAbdiukov/YaSINT/issues",
+        "Changelog": "https://github.com/TAbdiukov/YaSINT/blob/main/CHANGELOG.md",
+    },
+    classifiers=[
+        "Environment :: Console",
+        'Intended Audience :: Information Technology',
+        "Operating System :: OS Independent",
+        "Programming Language :: Python :: 3",
+        "Programming Language :: Python :: 3 :: Only",
+        "Programming Language :: Python :: 3.8",
+        "Programming Language :: Python :: 3.9",
+        "Programming Language :: Python :: 3.10",
+        "Programming Language :: Python :: 3.11",
+        "Programming Language :: Python :: 3.12",
+        "Programming Language :: Python :: 3.13",
+        "Programming Language :: Python :: 3.14",
+        "Topic :: Security",
+    ],
+)

yasint-0.3.0/tests/test_cli_hilevel.py

@@ -0,0 +1,195 @@
+import csv
+import io
+import sys
+
+import pytest
+
+import yasint.cli as cli
+
+
+PUBLIC_ID = 'c48fhxw0qppa50289r5c9ku4k4'
+
+
+def _no_lead_results(input_data):
+    return [
+        cli.OutputDataList(
+            item,
+            [cli.OutputData(item.value, {'platform': 'Music'}, None)],
+            session_dir='',
+        )
+        for item in input_data
+    ]
+
+
+def _lead_results(input_data, session_dir=''):
+    return [
+        cli.OutputDataList(
+            item,
+            [cli.OutputData(item.value, {'platform': 'Music', 'username': item.value}, None)],
+            session_dir=session_dir,
+        )
+        for item in input_data
+    ]
+
+
+class FakeProcessor:
+    instances = []
+    result_builder = _no_lead_results
+
+    def __init__(self, *args, **kwargs):
+        self.args = args
+        self.kwargs = kwargs
+        self.input_data = None
+        self.closed = False
+        type(self).instances.append(self)
+
+    async def process(self, input_data):
+        self.input_data = input_data
+        return type(self).result_builder(input_data)
+
+    async def close(self):
+        self.closed = True
+
+
+@pytest.fixture()
+def fake_processor(monkeypatch):
+    FakeProcessor.instances = []
+    FakeProcessor.result_builder = _no_lead_results
+    monkeypatch.setattr(cli, 'Processor', FakeProcessor)
+    return FakeProcessor
+
+
+def test_run_exits_without_targets(monkeypatch, capsys, fake_processor):
+    monkeypatch.setattr(sys, 'argv', ['yasint'])
+
+    with pytest.raises(SystemExit) as exc_info:
+        cli.run()
+
+    assert exc_info.value.code == 1
+    assert fake_processor.instances == []
+    assert 'There are no targets to check!' in capsys.readouterr().out
+
+
+def test_run_processes_positional_targets_and_closes_processor(monkeypatch, capsys, fake_processor):
+    monkeypatch.setattr(
+        sys,
+        'argv',
+        [
+            'yasint',
+            '--no-progressbar',
+            '--no-color',
+            '--proxy',
+            'socks5://127.0.0.1:1080',
+            '--cookie-jar-file',
+            'cookies.txt',
+            'login',
+            PUBLIC_ID,
+        ],
+    )
+
+    cli.run()
+
+    assert len(fake_processor.instances) == 1
+    processor = fake_processor.instances[0]
+    assert processor.kwargs == {
+        'no_progressbar': True,
+        'no_color': True,
+        'proxy': 'socks5://127.0.0.1:1080',
+        'cookie_file': 'cookies.txt',
+    }
+    assert [(i.value, i.identifier_type) for i in processor.input_data] == [
+        ('login', 'username'),
+        (PUBLIC_ID, 'yandex_public_id'),
+    ]
+    assert processor.closed is True
+
+    out = capsys.readouterr().out
+    assert 'Target: login (username)' in out
+    assert f'Target: {PUBLIC_ID} (yandex_public_id)' in out
+    assert out.count('Leads found: 0') == 2
+    assert 'Total leads found: 0' in out
+
+
+def test_run_reads_targets_from_stdin(monkeypatch, fake_processor):
+    monkeypatch.setattr(sys, 'argv', ['yasint', '--targets-from-stdin', '--silent', '--no-progressbar'])
+    monkeypatch.setattr(sys, 'stdin', io.StringIO('alpha\nbeta@yandex.ru\n'))
+
+    cli.run()
+
+    processor = fake_processor.instances[0]
+    assert [(i.value, i.identifier_type) for i in processor.input_data] == [
+        ('alpha', 'username'),
+        ('beta', 'username'),
+    ]
+    assert processor.closed is True
+
+
+def test_run_reads_target_list_and_writes_requested_reports(monkeypatch, capsys, tmp_path, fake_processor):
+    target_file = tmp_path / 'targets.txt'
+    txt_file = tmp_path / 'report.txt'
+    csv_file = tmp_path / 'report.csv'
+    target_file.write_text('login\nperson@yandex.ru\n', encoding='utf-8')
+    fake_processor.result_builder = _lead_results
+    monkeypatch.setattr(
+        sys,
+        'argv',
+        [
+            'yasint',
+            '--target-list',
+            str(target_file),
+            '--silent',
+            '--no-progressbar',
+            '-oT',
+            str(txt_file),
+            '-oC',
+            str(csv_file),
+        ],
+    )
+
+    cli.run()
+
+    processor = fake_processor.instances[0]
+    assert [i.value for i in processor.input_data] == ['login', 'person']
+
+    out = capsys.readouterr().out
+    assert 'Target:' not in out
+    assert f'Results were saved to file {csv_file}' in out
+    assert f'Results were saved to file {txt_file}' in out
+
+    text = txt_file.read_text()
+    assert 'Target: login (username)' in text
+    assert 'Target: person (username)' in text
+    assert 'Leads found: 1' in text
+    assert 'Requests:' in text
+    assert 'Music: GET https://music.yandex.ru/handlers/library.jsx?owner=login' in text
+
+    with csv_file.open(newline='') as f:
+        rows = list(csv.DictReader(f))
+
+    assert [row['Target'] for row in rows] == ['login (username)', 'person (username)']
+    assert [row['Leads Found'] for row in rows] == ['Yes', 'Yes']
+    assert [row['Username'] for row in rows] == ['login', 'person']
+
+
+def test_run_writes_auxiliary_reports_for_session_outputs(monkeypatch, capsys, tmp_path, fake_processor):
+    session_dir = tmp_path / 'reports' / 'session'
+    session_dir.mkdir(parents=True)
+
+    def session_results(input_data):
+        return _lead_results(input_data, session_dir=str(session_dir))
+
+    fake_processor.result_builder = session_results
+    monkeypatch.setattr(sys, 'argv', ['yasint', '--no-progressbar', '--no-color', 'login'])
+
+    cli.run()
+
+    aux_txt = session_dir / 'auxiliary_report.txt'
+    aux_csv = session_dir / 'auxiliary_report.csv'
+    assert aux_txt.exists()
+    assert aux_csv.exists()
+    assert f'Reports session: {session_dir}' in aux_txt.read_text()
+
+    out = capsys.readouterr().out
+    assert f'Reports session: {session_dir}' in out
+    assert f'Results were saved to file {aux_txt}' in out
+    assert f'Results were saved to file {aux_csv}' in out