Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked Kamerka GUI

0x1

By INACTIVE 0x1
in Pentesting

 Share

Recommended Posts

0x1 Little Hacker

INACTIVE 0x1

Posted
Posted

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.

This is the hidden content, please

Requirements

  • beautiful soup
  • python3
  • django
  • pynmea2
  • celery
  • redis
  • Shodan
  • BinaryEdge
  • WHOISXMLAPI
  • Flickr
  • Google Maps API

pip3 install -r requirements.txt

Make sure your API keys are correct and put them in keys.json in main directory.

Run

This is the hidden content, please

In a new window (in main directory) run celery worker celery worker -A kamerka --loglevel=info

In a new window fire up redis redis-server

And server should be available on hxxps://localhost:8000/

Search

Search for Industrial Control Devices in specific country

  • "All results" checkbox means get all results from Shodan, if it's turned off - only first page (100) results will be downloaded.
  • "Own database" checkbox does not work but shows that is possible to integrate your own geolocation database. Let me know if you have access to better than Shodan's default one.

Search for Internet of things in specific coordinates

Type your coordinates in format "lat,lon", hardcoded radius is 20km.

This is the hidden content, please

Dashboard


Maps
Los Angeles map


Industrial Control Systems in Canada


 Device map & details


 Full list of supported devices with corresponding queries
Spoiler
This is the hidden content, please

 

Known bugs:

  • It's version 1.0 so please raise an issue if you think you found any bug or have an idea to make it better.
  • Sometimes search page keeps the last values, so please use ctrl+shift+R to refresh the main search page
  • Debug info is left on purpose for raising an issues
  • still some problems with getting cves from shodan search results
  • Flickr infowindow size

Contribution

I really care about feedback from you. If you have any idea how to make tool better, I'm more than happy to hear it. It's also possible to upload and host the tool online, if you want to help, dm me.

TODO

  • Live monitoring
  • Offensive capabilities
  • More devices
  • More sources (Instagram?, Youtube?)
  • Integration with Nmap and plcscan
  • Extensive error checking/debugging
  • Cleanup code, delete legacy/unused dependencies js, css files
  • Keeping keys in db
  • Your ideas

More info && Download && Demo 






	
		

			
This is the hidden content, please
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.