Cyber security

Chiasmodon : The Next-Level OSINT Tool For Comprehensive Digital Investigations

Chiasmodon is an OSINT (Open Source Intelligence) tool designed to assist in the process of gathering information about target domain.

Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials (usernames and passwords), CIDRs (Classless Inter-Domain Routing), ASNs (Autonomous System Numbers), and subdomains.

The tool allows users to search by domain, CIDR, ASN, email, username, password, or Google Play application ID.

Features

  • Domain: Conduct targeted searches by specifying a domain name to gather relevant information related to the domain.
  • Google Play Application: Search for information related to a specific application on the Google Play Store by providing the application ID.
  • CIDR and ASN: Explore CIDR blocks and Autonomous System Numbers (ASNs) associated with the target domain to gain insights into network infrastructure and potential vulnerabilities.
  • Email, Username, Password: Conduct searches based on email, username, or password to identify potential security risks or compromised credentials.
  • Country: Sort and filter search results by country to gain insights into the geographic distribution of the identified information.
  • Output Customization: Choose the desired output format (text, JSON, or CSV) and specify the filename to save the search results.
  • Additional Options: The tool offers various additional options, such as viewing different result types (credentials, URLs, subdomains, emails, passwords, usernames, or applications), setting API tokens, specifying timeouts, limiting results, and more.

Comming Soon

  • Phone: Get ready to uncover even more valuable data by searching for information associated with phone numbers.
    • Whether you’re investigating a particular individual or looking for connections between phone numbers and other entities, this new feature will provide you with valuable insights.
  • Company Name: We understand the importance of comprehensive company research. In our upcoming release, you’ll be able to search by company name and access a wide range of documents associated with that company.
    • This feature will provide you with a convenient and efficient way to gather crucial information, such as legal documents, financial reports, and other relevant records.
  • Face (Photo): Visual data is a powerful tool, and we are excited to introduce our advanced facial recognition feature.
    • With “Search by Face (Photo),” you can upload an image containing a face and leverage cutting-edge technology to identify and match individuals across various data sources.
      • This will allow you to gather valuable information, such as social media profiles, online presence, and potential connections, all through the power of facial recognition.

Usage

Chiasmodon provides a flexible and user-friendly command-line interface and python library. Here are some examples to demonstrate its usage:

usage: chiasmodon_cli.py [-h] [-d DOMAIN] [-a APP] [-c CIDR] [-s ASN] [-e EMAIL] [-u USERNAME] [-p PASSWORD] [-C COUNTRY]
                         [-vt {cred,url,subdomain,email,password,username,app}] [-o OUTPUT] [-ot {text,json,csv}] [--init INIT] [-A] [-de] [-T TIMEOUT] [-L LIMIT]
                         [-v]

Chiasmodon CLI

options:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
                        Search by domain.
  -a APP, --app APP     Search by google play applciton id.
  -c CIDR, --cidr CIDR  Search by CIDR.
  -s ASN, --asn ASN     Search by ASN.
  -e EMAIL, --email EMAIL
                        Search by email, only pro, only pro account.
  -u USERNAME, --username USERNAME
                        Search by username, only pro account.
  -p PASSWORD, --password PASSWORD
                        Search by password, only pro account.
  -C COUNTRY, --country COUNTRY
                        sort result by country code default is all
  -vt {cred,url,subdomain,email,password,username,app}, --view-type {cred,url,subdomain,email,password,username,app}
                        type view the result default is "cred".
  -o OUTPUT, --output OUTPUT
                        filename to save the result
  -ot {text,json,csv}, --output-type {text,json,csv}
                        output format default is "text".
  --init INIT           set the api token.
  -A, --all             view all result using "like",this option work only with (-d or --domain , -a or --app),default is False
  -de, --domain-emails  only result for company domain, this option work only with -d or --domain, default is False
  -T TIMEOUT, --timeout TIMEOUT
                        request timeout default is 60.
  -L LIMIT, --limit LIMIT
                        limit results default is 10000.
  -v, --version         version.

Examples:

    # Search for target domain, you will see the result for only this "example.com"
    chiasmodon_cli.py --domain example.com

    # Search for target subdomains
    chiasmodon_cli.py --domain example.com --all

    # Search for target domain, you will see the result for only this "example.com" on United States
    chiasmodon_cli.py --domain example.com --country US

    # search for target app id
    chiasmodon_cli.py --app com.example

    # Search for target asn
    chiasmodon_cli.py --asn AS123 --type-view cred

    # Search for target username
    chiasmodon_cli.py --username someone --country CA

    # Search for target password
    chiasmodon_cli.py --password example@123

    # Search for target cidr
    chiasmodon_cli.py --cidr x.x.x.x/24

    # Search for target creds by domain emsils
    chiasmodon_cli.py --domain example.com --domain-emails
    chiasmodon_cli.py --domain example.com --domain-emails --output example-creds.json --output-type json
    chiasmodon_cli.py --domain example.com --domain-emails --view-type email --output example-emails.txt --output-type text

    # Search for target subdomain
    chiasmodon_cli.py --domain company.com --view-type subdomain

    # Search for target email
    chiasmodon_cli.py --email someone@example.com
    chiasmodon_cli.py --email someone@example.com --view-type url

    # search for multiple targets:
    chiasmodon_cli.py --domain targets.txt --output example-creds.txt
    chiasmodon_cli.py --domain targets.txt --view-type url --output example-urls.txt

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: Chiasmodoncybersecurityinformationsecuritykalilinuxkalilinuxtools
1 year ago

Recent Posts

Comments in Bash Scripts

What Are Bash Comments? In Bash scripting, comments are notes in your code that the…

3 days ago

Shebang (#!) in Bash Script

When you write a Bash script in Linux, you want it to run correctly every…

4 days ago

Bash String Concatenation – Bash Scripting

Introduction If you’re new to Bash scripting, one of the first skills you’ll need is…

4 days ago

Learn Bash Scripting: How to Create and Run Shell Scripts for Beginners

What is Bash Scripting? Bash scripting allows you to save multiple Linux commands in a file and…

5 days ago

Bash if…else Statement – Bash Scripting

When it comes to automating tasks on Linux, Bash scripting is an essential skill for both beginners…

5 days ago

Bash Functions Explained: Syntax, Examples, and Best Practices

Learn how to create and use Bash functions with this complete tutorial. Includes syntax, arguments,…

1 week ago