Skip to content

Home

Jump to bottom
Saeed Dehqan edited this page Jun 24, 2022 · 32 revisions

Introduction

Development Guide

Clone this wiki locally

OWASP Maryam

Open-source intelligence(OSINT) uses open-source tools to collect information and analyze them for a specific purpose. OSINT can be very helpful for hackers to use to garner data about particular organizations. Today, using Open sources like bing, google, yahoo, etc, for data gathering, are essential steps for reconnaissance, which is a common task. It should be a tool to automate this routine. One of the best tools in this field is ​The OWASP Maryam.

Introduction

OWASP Maryam is a modular open-source framework based on OSINT and data gathering. It is designed to provide a robust environment to harvest data from open sources and search engines quickly and thoroughly.

Getting Started

Prerequisites

Maryam requires Python 3.8+ and for package installation also uses python package manager PyPI(pip).

Installation

From pip

You can install Maryam by pip:

pip install maryam

From source

The repository can be loaded using the following command:

git clone https://github.com/saeeddhqan/Maryam.git
cd Maryam

The next step is to run the setup:

sudo python setup.py install

The installation is finished and you can run with:

maryam

Update

If it already exists, these commands remove the old version completely and replace it with the new version. From the Maryam install directory:

cd ..
rm -rf maryam
git clone https://github.com/saeeddhqan/maryam.git
cd maryam
python setup.py install
maryam`

And these commands, update the remote URL of the current repository. From the Maryam install directory:

git remote set-url origin https://github.com/saeeddhqan/maryam.git
git reset --hard HEAD~1
git pull

Note: When Maryam runs, it automatically checks the current version with the latest version and notifies that if the current version has not been updated. If you don’t like it, turn it off with the following command:

set update_check false

Modules

Currently, Maryam has three types of modules:

  • Footprint

  • OSINT

  • Search

  • Iris

Footprint

In the section of Footprint, we have modules to Crawl, Identify, Gather, and Analyze.

What can be done with footprint modules?

  • Identify Web Applications, frameworks, plugins, languages, and server operating systems.

  • Search in web pages and find emails, usernames, errors, meta tags, and anything else that interest.

  • Search your regular expression on web content and get the result. It’s very helpful to find interesting things on web content and it’s not limited to one page.

  • Fast brute force attack to identify subdomains, files, directories, and TLDs with thread supporting.

  • Find web entry points like forms, inputs, URLs with params, get requests, and post requests to fuzzing attack.

  • Detect Web Application Firewalls(WAF) with 50 payloads.

OSINT

OSINT modules are used to find emails, documentation, DNS names, and social networks. Almost all of the OSINT modules use search engines except the crawler.

What can be done with OSINT modules?

  • Extracts Emails(with 10 sources to search).

  • Documentations(pdf, csv, txt, xlsx, ..) with more than 10 sources to search.

  • DNS names with more than 25 sources to search(All of the sources are free).

  • Social networks.

  • Extract links(in scope, out scope), comments, CSS and JS files, CDN links, emails, docs, and media files from web pages.

Search

Search modules have been created to reduce the time it takes to search for free resources. Users can search on social networks, certificates, images, news, etc.

What can be done with search modules?

  • Search in the best search engines without API keys.

  • Search in common social networks and find people, hashtags, and status.

  • Search to find images, news, websites, etc.

Iris

This is an experiment section for ML and NLP algorithms.

Quick Guide

Help options

  • help or ?
  • or help <command-name> for help your command

Show modules

  • show modules

Use modules

  • <module-name> --help

Show framework options

  • show options

Set framework options

  • set <option-name> <value>
  • Example set VERBOSITY 2

To get report from modules output

  • Set 'output' option with True: set output True
  • Or use '--output switch': wapps -d domain.com --output
  • And next, use report command: report <format> <file-name-for-output> <module-name>
  • Rxample report <format> pdf_docs osint/docs_search localhost

Modules search

  • search <string>

Run shell command

  • shell <command> or ! <command> or <command>

Update modules

  • update module wikipedia
  • update module * for all modules
  • update check wikipedia check versions

Reload all modules

  • reload

Config the connections

  • See the options show options
  • And set the options set TIMEOUT 2.5

To use random user-agent

  • set RAND_AGENT true

Examples

To search for a RegEx within a web page

maryam

crawl_pages -d example.com -r https?://[A-z0-9\._\/\-?=]+

If you want to crawl in the more pages:-l 2

If you want to get keywords, emails and etc:--more

OR without entering the framework

maryam -e crawl_pages -d domain.tld -r "https?://[A-z0-9\._\/\-?=]+" --limit 2

Find pdf files using search engines

docs_search -q amazon -f pdf -e google,bing,metacrawler --thread 3

DNS brute force

maryam

dnsbrute -d example.com --thread 10 --wordlist mylist.txt

Extract links and save data as a JSON report

maryam -e crawler -d <DOMAIN> --output

maryam -e report json output_file_name osint/crawler