Locked ꓘamerka GUI | Spy Tool | OSINT

dEEpEst · October 29, 2023

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.

Powered by Shodan - Supported by Binary Edge & WhoisXMLAPI

NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Shodan, Kamerka, are creating a “perfect storm” of

easy access to unsecured assets,
use of common, open-source information about devices, and
an extensive list of exploits deployable via common exploit frameworks (e.g., Metasploit, Core Impact, and Immunity Canvas).

This is the hidden content, please

Usage

Scan for Internet facing Industrial Control Systems, Medical and Internet of Things devices based on country or coordinates.
Gather passive intelligence from WHOISXML, BinaryEdge and Shodan or active by scanning target directly.
Thanks to indicators from devices and google maps, pinpoit device to specific place or facility (hospital, wastewater treatment plant, gas station, university, etc.)
(Optional, not recommended) 4. Guess/Bruteforce or use default password to gain access to the device. Some exploits are implemented for couple specific IoTs.
Report devices in critical infrastructure to your local CERT.

Features

More than 100 ICS devices
Gallery section shows every gathered screenshot in one place
Interactive Google maps
Google street view support
Possibility to implement own exploits or scanning techiques
Support for NMAP scan in xml format as an input
Find the route and change location of device
Statistics for each search
Search Flick photos nearby your device
Position for vessels is scraped from device directly, rather than IP based
Some devices return hints or location in the response. It's parsed and displayed as an indicator that helps to geolocate device.

Installation

Requirements

Make sure your API keys are correct and put them in keys.json in main directory.

Run

This is the hidden content, please

In a new window (in main directory) run celery worker

This is the hidden content, please

For new version of Celery

This is the hidden content, please

In a new window fire up redis

This is the hidden content, please

And server should be available on

This is the hidden content, please

Dashboard

Search

Search for Industrial Control Devices in specific country

All results" checkbox means get all results from Shodan, if it's turned off - only first page (100) results will be downloaded.
"Own database" checkbox does not work but shows that is possible to integrate your own geolocation database.

Search for Internet of things in specific coordinates

Type your coordinates in format "lat,lon", hardcoded radius is 20km.