• Skip to content
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Google Dorks
  • Shodan Queries
  • Malware Sources

PenTestIT

Your source for all things Information Security!

You are here: Home / OSINT / [SHORT POST] cignotrack: A Simple Metadata Analyzer!

[SHORT POST] cignotrack: A Simple Metadata Analyzer!

Posted: 10 months ago by @pentestit 2165 views

This short post is about a simple tool named cignotrack, which comes close on the heels of my older posts about tools such as Belati, DataSploit and PowerMeta. This open source script helps you test a domains privacy settings and track their social media presence.

Cignotrack

What is cignotrack?

Cignotrack is an open source bash script that helps you get whois information, metadata from documents and social media presence of the targeted domain. The script starts by running a whois query for the domain while saving it to the drive and then grepping output such as the domain registrant name, email, city, address and phone number. It then launches a Google site search for .pdf files and while saving that data in textual format in the “analysis” directory. This document is then processed with the exiftool to get information such as the camera model name, make, serial number, make, latitude and longitude data, software, etc. This text data is then converted to PDF using the pdftotext tool for finding email addresses and IP address information. Another wget request is sent this time for image files, which are then processed for the metadata they hold leveraging the links2 tool. This data is then grepped for links to sites such as Twitter, Facebook, LinkedIn, etc. and if any related data is found another Google request is fired to find social media accounts related to the domain.
There is a lot that can be done to develop this tool further as in my analysis, the tool went into a loop searching for images. Secondly the EXIF information functionality does not work. Hope the author implements a “depth” functionality and improves this simple script!

Installing cignotrack:

Since this is a bash script, it works only on *NIX systems. Installation is pretty simple and can be begun by installing the tool dependencies mentioned above –

sudo apt-get install links2 whois libimage-exiftool-perl poppler-utils

Post this step, all that remains is getting cignotrack v1.0.2 from the GIT repository from here to run:

bash cignotrack.sh
Share this post on:
witteracebookhatsAppoogle+ufferLinkedin It

Related Posts on PenTestIT:

  • List of Adversary Emulation Tools
  • cFirecFire: IP Discovery for Domains behind Cloudflare
  • MBRFilter-Not-InstalledHow to: Uninstall MBRFilter?
  • Automated Penetration Testing Toolkit UPDATE: APT2 v1.0-20170613!Automated Penetration Testing Toolkit UPDATE: APT2 v1.0-20170613!

Filed Under: Open Source, OSINT Tagged With: Bash, Belati, cignotrack, DataSploit, ExifTool, LinkedIn, Metadata, OSINT, PowerMeta, Prowl, Short Post

Reader Interactions

Primary Sidebar

Recent Posts

  • List of Adversary Emulation Tools
  • UPDATE: OWASP Dependency-Check 3.1.2
  • AutoSploit = Shodan/Censys/Zoomeye + Metasploit
  • Apache JMeter RMI Code Execution PoC (CVE-2018-1297)
  • UPDATE: Prowler 2.0 Beta

Featured Post

List of Adversary Emulation Tools

List of Adversary Emulation Tools

April 15, 2018 By Black Leave a Comment

Every once in a while, the security industry brings forth a new buzz word and introduces terminologies that sound über cool and generate lot’s of interest. One such word going around now-a-days is automated “adversary emulation“. Let’s first understand what this really means. Adversary emulation/simulation offers a method to test a network’s resilience against anRead more about List of Adversary Emulation Tools

Secondary Sidebar

Categories

  • Docker Security
  • Fuzzing
  • Malware Analysis
  • Open Source
  • OSINT
  • Penetration Testing
  • Reverse Engineering
  • Site News
  • Tool Updates
  • Tools
  • Vulnerability Assessment
  • Web Application Security
  • Wireless

Archives

  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017

Tags

Anchore APT2 Brute Force CloudFlare Cross-Site Scripting Cuckoo Sandbox DataSploit docker dockerscan docker scan FOCA Kali Linux Local File Inclusion malware malware analysis man-in-the-middle Metadata Metasploit Microsoft Windows MicroSploit Nmap open source OSINT OSRFramework OWASP OWASP Dependency-Check penetration testing penetration testing toolkit PowerMeta PowerShell PowerSploit python Raspberry Pi RedSnarf reverse engineering Short Post software composition analysis SQL injection Sysdig Falco vulnerability assessment Web Application Security WiFi Wireshark WordPress WPXF

Copyright © 2018 - PenTestIT | Information shared to be used for LEGAL purposes only!