800+ IT
News
als RSS Feed abonnieren๐ Recon Tool: SauronEye
๐ก Newskategorie: Hacking
๐ Quelle: blackhatethicalhacking.com
Recon Tool: SauronEye
Reading Time: 2 Minutes
SauronEye
SauronEye by Vivami is a powerful recon search tool designed for red teams. It allows users to search for specific keywords, such as passwords and secrets, across multiple network drives and within the contents of files, including Microsoft Office files (such as .doc, .docx, .xls, and .xlsx) and even VBA macros in old 2003 .xls and .doc files. The tool leverages multi-threading for improved performance, supports regular expressions in search keywords, and is compatible with Cobalt Strikeโs execute-assembly.
With the capability to search over 50,000 files totaling 1.3 TB on a network drive in under a minute, and a local drive in just 15 seconds, SauronEye is both fast and effective in finding critical information.
See Also: So you want to be a hacker?
Offensive Security Courses
Usage examples
C:\>SauronEye.exe -d C:\Users\vincent\Desktop\ --filetypes .txt .doc .docx .xls --contents --keywords password pass* -v`
=== SauronEye ===
Directories to search: C:\Users\vincent\Desktop\
For file types: .txt, .doc, .docx, .xls
Containing: wacht, pass
Search contents: True
Search Office 2003 files for VBA: True
Max file size: 1000 KB
Search Program Files directories: False
Searching in parallel: C:\Users\vincent\Desktop\
[+] C:\Users\vincent\Desktop\test\wachtwoord - Copy (2).txt
[+] C:\Users\vincent\Desktop\test\wachtwoord - Copy (3).txt
[+] C:\Users\vincent\Desktop\test\wachtwoord - Copy.txt
[+] C:\Users\vincent\Desktop\test\wachtwoord.txt
[+] C:\Users\vincent\Desktop\pass.txt
[*] Done searching file system, now searching contents
[+] C:\Users\vincent\Desktop\pass.txt
...the admin password=admin123...
[+] C:\Users\vincent\Desktop\test.docx:
...this is a testPassword = "welkom12...
Done. Time elapsed = 00:00:01.6656911ย
ย
ย
Trending:ย Recon Tool: ScopeHunter
Trending:ย Offensive Security Tool: Freeze
Search multiple directories, including network drives:
SauronEye.exe --directories C:\ \\SOMENETWORKDRIVE\C$ --filetypes .txt .bat .docx .conf --contents --keywords password pass*
Search paths and shares containing spaces:
SauronEye.exe -d "C:\Users\user\Path with a space" -d "\\SOME NETWORK DRIVE\C$" --filetypes .txt --keywords password pass*
Notes
SauronEye does not search %WINDIR% and %APPDATA%. Use the โsystemdirs flag to search the contents of Program Files*. SauronEye relies on functionality only available from .NET 4.7.2, and so requires >= .NET 4.7.2 to run.
ย
Clone the repo from here: GitHub Link
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!