<p align="center"> <img alt="sarenka-logo" src="https://raw.githubusercontent.com/pawlaczyk/sarenka/master/logo.png"> </p>

♥ Free Software, requires only free accounts to third part services ♥

Lack of knowledge ... that is the problem.

[William Edwards Deming]

SARENKA is an Open Source Intelligence (OSINT) tool that helps you in obtaining and understanding Attack Surface.

The main goal is gathering information from search engines for Internet-connected devices (https://censys.io/, https://www.shodan.io/, https://www.criminalip.io/ko). It scrapes data about Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE) and also has a database where CVEs are mapped to CWE.

It returns data about the local machine - local installed software (from Windows Registry), local network information (python libraries, popular cmd commads).

For now, the application also has simple tools like a hash calculator, shannon entropy calculator and very simple port scanner. More cryptography-math tools and reconnaissance scripts are planned.

The app is alive and has been rewritten from scratch on branch develop.

Contributors

SARENKA was mentioned here:

• ncybersec
• llllap3xllll
• securityonline.info
• haxf4rall.com
• hackdig.com
• findglocal.com
• 台灣數位國土安全部 - DDHS
• laptrinhx.com
• kitploit.com
• attackware.com
• hacking.land
• cyberfishnews.com
• modernnetsec.io
• spywarenews.com
• cert.europa.eu
• dfir.pro
• iransec.net
• hacker-gadgets.com
• vulners.com
• redpacketsecurity.com
• kali-linuxtr.net
• anonymousmedia.org
• pentesttools.net
• wangshit.xyz
• geekychild.com
• hacker.observer
• nuomiphp.com
• danielonsecurity.com
• haktechs
• cybeseclabs.com
• vk.com
• hacking.reviews
• thehacker.co
• iguru.gr
• en.iguru.gr
• rucore.net
• hackerzzz.com
• my.oschina.net
• kalilinuxtutorials.com
• pintait.com
• osintbrasil.blogspot.com
• wenyanet.com
• federatica.space
• giters.com
• redhotcyber.com
• haktechs.com
• hakin9.org
• www.libhunt.com
• cybersec365.org
• reddit.com user mikeis075
• blackhatethicalhacking.com

Features

• get data from https://censys.io/ by ip
• get data from https://www.shodan.io/ by ip
• get data from https://www.criminalip.io/ by ip
• get DNS data
• get WHOIS data
• banner grabbing
• find CVEs by CWE
• generate pdf report

You can also:

• calculate hashes based on user string
• calculate shannon entropy based on user string
• check is port open|closed (instead always use nmap if you can - it is slow)

Installation

Our team tests the application on Windows 10 and Kali Linux with Python 3.8.

SARENKA requires:

• Python

Clone repository

$ git clone https://github.com/pawlaczyk/sarenka.git

Go to application directory

$ cd ./sarenka

Create venv

$ python3 -m venv env

Activate venv

Powershell

$ ./env/Scripts/Activate.ps1

cmd

$ ./env/Scripts/activate.bat

Install requirements

$ pip3 install -r ./requirements.txt

Build application with sarenka.py script

$ python ./sarenka/sarenka.py

Getting started

####Please create accounts on services:

• https://account.shodan.io/register
• https://censys.io/register

Application - default http://localhost:8000/

# go to sarenka/sarenka
$ python backend/manage.py runserver

#####Add user credentials at "Settings" <img alt="sarenka-cwe" src="https://raw.githubusercontent.com/pawlaczyk/sarenka/master/readmeStatic/screenshot-2021-01-08-213602.png">

Screenshots

<img alt="sarenka-main-harwdare" src="https://raw.githubusercontent.com/pawlaczyk/sarenka/master/readmeStatic/screenshot-2021-01-07-234911.png"> <img alt="sarenka-cve" src="https://raw.githubusercontent.com/pawlaczyk/sarenka/master/readmeStatic/screenshot-2021-01-07-235528.png"> <img alt="sarenka-windows-registry" src="https://raw.githubusercontent.com/pawlaczyk/sarenka/master/readmeStatic/screenshot-2021-01-07-235615.png">

<img alt="sarenka-censys" src="https://raw.githubusercontent.com/pawlaczyk/sarenka/master/readmeStatic/screenshot-