bevigil-cli provides a unified command line interface and python library for using BeVigil OSINT API. BeVigil CLI provides an efficient command line interface and Python library for interacting with the BeVigil OSINT API.

This article offers a detailed guide on installing, configuring, and utilizing BeVigil CLI to harness the power of OSINT for cybersecurity.

Explore the diverse commands available to extract valuable data assets quickly and effectively.

Getting Started

Installation

The easiest way to install the BeVigil OSINT CLI is to use pip:

$ pip3 install bevigil-cli

If you already have the bevigil-cli package installed and want to upgrade to the latest version, you can run:

$ pip3 install --upgrade bevigil-cli

This will install the bevigil-cli package as well as all dependencies.

Usage

Initialization

Before using the bevigil-cli to extract assets, you need to configure your api key. You can do this using the init command:

$ bevigil-cli init --api-key <API_KEY>

To get an API key, you can register at BeVigil’s website

Enumeration

Once the API key is configured, you can request BeVigil’s OSINT API for different types of assets.

The enum command consists of subcommands to enumerate different assets collected by BeVigil OSINT API. Following are all the supported subcommands under enum group including their options.

  Enumerate assets using BeVigil OSINT API

Options:
  -h, --help  Show this message and exit.

Commands:
  hosts       Request hosts present in an android package
  packages    Request packages associated associated with a domain/subdomain
  params      Request params associated with an android package
  s3          Request S3 buckets associated with a package or a keyword
  subdomains  Request subdomains associated with a domain
  urls        Request URLs associated with a domain
  wordlist    Request a wordlist for a package

Commands Examples

wordlist

To request a wordlist crafted from an android pacakge:

$ bevigil-cli enum wordlist --package "com.whatsapp"
{
   "package_id": "com.whatsapp",
   "raw_wordlist": [
      "header.json",
      "content.json",
      "change_number_contacts.json",
      "manifest.json",
      "client_search.php",
      "metadata.json",
      "verification.php",
      "debuginfo.json",
      "payments_error_map.json",
      "ephemeral_settings_lottie_animation.json",
      "/DCIM/Camera",
      "/native-libs/",
      "/timer/stop:",
      "/cgroup",
      "/bg_non_interactive",
      "/dev/null",
   ]
}

For more information click here.

Published by Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a comment

Your email address will not be published. Required fields are marked *