Orion

                                      ____   ___   ____ ____   _  __
                                     / __ \ / _ \ /  _// __ \ / |/ /
                                    / /_/ // , _/_/ / / /_/ //    / 
                                    \____//_/|_|/___/ \____//_/|_/  
                                                                    
                                                                                
                                   Author: B0lg0r0v
                                   https://arthurminasyan.com

Description

Orion is a TCP/IP forensics tool, written in C, capable of detecting malicious processes / connections by using the VirusTotal API.

Example Output:

ORION v0.1
Author: B0lg0r0v
https://arthurminasyan.com/

PROCESS NAME:   msedge.exe  (PID: 21868)
                Local Port: 57809
                Remote Addr: 20.250.77.142:443 --> [SAFE]

PROCESS NAME:   msedge.exe  (PID: 21868)
                Local Port: 57977
                Remote Addr: 140.82.112.25:443 --> [SAFE]

PROCESS NAME:   firefox.exe  (PID: 7880)
                Local Port: 58050
                Remote Addr: 13.83.65.43:443 --> [SAFE]

PROCESS NAME:   Skype.exe  (PID: 30764)
                Local Port: 58107
                Remote Addr: 162.159.137.232:443 --> [SAFE]

PROCESS NAME:   Discord.exe  (PID: 19732)
                Local Port: 58116
                Remote Addr: 162.159.134.233:443 --> [MALICIOUS]
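
For triage of a saved report, the following is an added example (not part of Orion's own code): a small C parser for the report layout shown above that collects each connection and marks any verdict other than [SAFE] for review. The `struct conn` layout, the `parse_orion_report` name, the buffer sizes and the sample addresses are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* One connection record from an Orion report (buffer sizes are assumptions). */
struct conn {
    char process[64], remote[64];   /* remote is "addr:port" as printed */
    unsigned long pid, local_port;
    int flagged;                    /* 1 for any verdict other than [SAFE] */
};

/* Constructed sample in the report layout (documentation-range addresses). */
static const char SAMPLE[] =
    "ORION v0.1\n\nPROCESS NAME:   browser.exe  (PID: 4242)\n"
    "                Local Port: 50001\n"
    "                Remote Addr: 192.0.2.10:443 --> [SAFE]\n\n"
    "PROCESS NAME:   chat.exe  (PID: 777)\n"
    "                Local Port: 50002\n"
    "                Remote Addr: 198.51.100.7:443 --> [MALICIOUS]\n";

/* Parse report text into out[]; returns the number of records stored. */
size_t parse_orion_report(const char *text, struct conn *out, size_t max)
{
    struct conn cur = {0};
    size_t n = 0, have_proc = 0;
    while (*text) {
        size_t len = strcspn(text, "\n");
        char buf[256], verdict[16];
        snprintf(buf, sizeof buf, "%.*s", (int)len, text);
        sscanf(buf, " Local Port: %lu", &cur.local_port);   /* no match: unchanged */
        if (sscanf(buf, " PROCESS NAME: %63[^(](PID: %lu)", cur.process, &cur.pid) == 2) {
            size_t k = strlen(cur.process);   /* trim padding before "(PID" */
            while (k && cur.process[k - 1] == ' ') cur.process[--k] = '\0';
            cur.local_port = 0; have_proc = 1;   /* a new record starts here */
        } else if (have_proc && sscanf(buf, " Remote Addr: %63s --> [%15[A-Z]]", cur.remote, verdict) == 2) {
            cur.flagged = strcmp(verdict, "SAFE") != 0;   /* fail closed */
            if (n < max) out[n++] = cur;
            have_proc = 0;
        }
        text += len + (text[len] == '\n');
    }
    return n;
}

int main(void)
{
    struct conn c[8];
    for (size_t i = 0, n = parse_orion_report(SAMPLE, c, 8); i < n; i++)
        if (c[i].flagged) printf("%s pid=%lu -> %s\n", c[i].process, c[i].pid, c[i].remote);
}
```

A `Remote Addr` line with no preceding `PROCESS NAME` line is skipped, so a truncated report does not attribute a connection to the wrong process.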

Features

More features are on the way.

Credits & Disclaimer

This project is heavily inspired by and takes from @SaadAhla's "IP Hunter".

This tool is primarily created for me as a project to enhance my coding skills and start creating some hacking tools. It is not considered to be the most efficient tool out there.