Cyber security

Chiasmodon : The Next-Level OSINT Tool For Comprehensive Digital Investigations

Chiasmodon is an OSINT (Open Source Intelligence) tool designed to assist in the process of gathering information about target domain.

Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials (usernames and passwords), CIDRs (Classless Inter-Domain Routing), ASNs (Autonomous System Numbers), and subdomains.

The tool allows users to search by domain, CIDR, ASN, email, username, password, or Google Play application ID.

Features

  • Domain: Conduct targeted searches by specifying a domain name to gather relevant information related to the domain.
  • Google Play Application: Search for information related to a specific application on the Google Play Store by providing the application ID.
  • CIDR and ASN: Explore CIDR blocks and Autonomous System Numbers (ASNs) associated with the target domain to gain insights into network infrastructure and potential vulnerabilities.
  • Email, Username, Password: Conduct searches based on email, username, or password to identify potential security risks or compromised credentials.
  • Country: Sort and filter search results by country to gain insights into the geographic distribution of the identified information.
  • Output Customization: Choose the desired output format (text, JSON, or CSV) and specify the filename to save the search results.
  • Additional Options: The tool offers various additional options, such as viewing different result types (credentials, URLs, subdomains, emails, passwords, usernames, or applications), setting API tokens, specifying timeouts, limiting results, and more.

Comming Soon

  • Phone: Get ready to uncover even more valuable data by searching for information associated with phone numbers.
    • Whether you’re investigating a particular individual or looking for connections between phone numbers and other entities, this new feature will provide you with valuable insights.
  • Company Name: We understand the importance of comprehensive company research. In our upcoming release, you’ll be able to search by company name and access a wide range of documents associated with that company.
    • This feature will provide you with a convenient and efficient way to gather crucial information, such as legal documents, financial reports, and other relevant records.
  • Face (Photo): Visual data is a powerful tool, and we are excited to introduce our advanced facial recognition feature.
    • With “Search by Face (Photo),” you can upload an image containing a face and leverage cutting-edge technology to identify and match individuals across various data sources.
      • This will allow you to gather valuable information, such as social media profiles, online presence, and potential connections, all through the power of facial recognition.

Usage

Chiasmodon provides a flexible and user-friendly command-line interface and python library. Here are some examples to demonstrate its usage:

usage: chiasmodon_cli.py [-h] [-d DOMAIN] [-a APP] [-c CIDR] [-s ASN] [-e EMAIL] [-u USERNAME] [-p PASSWORD] [-C COUNTRY]
                         [-vt {cred,url,subdomain,email,password,username,app}] [-o OUTPUT] [-ot {text,json,csv}] [--init INIT] [-A] [-de] [-T TIMEOUT] [-L LIMIT]
                         [-v]

Chiasmodon CLI

options:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
                        Search by domain.
  -a APP, --app APP     Search by google play applciton id.
  -c CIDR, --cidr CIDR  Search by CIDR.
  -s ASN, --asn ASN     Search by ASN.
  -e EMAIL, --email EMAIL
                        Search by email, only pro, only pro account.
  -u USERNAME, --username USERNAME
                        Search by username, only pro account.
  -p PASSWORD, --password PASSWORD
                        Search by password, only pro account.
  -C COUNTRY, --country COUNTRY
                        sort result by country code default is all
  -vt {cred,url,subdomain,email,password,username,app}, --view-type {cred,url,subdomain,email,password,username,app}
                        type view the result default is "cred".
  -o OUTPUT, --output OUTPUT
                        filename to save the result
  -ot {text,json,csv}, --output-type {text,json,csv}
                        output format default is "text".
  --init INIT           set the api token.
  -A, --all             view all result using "like",this option work only with (-d or --domain , -a or --app),default is False
  -de, --domain-emails  only result for company domain, this option work only with -d or --domain, default is False
  -T TIMEOUT, --timeout TIMEOUT
                        request timeout default is 60.
  -L LIMIT, --limit LIMIT
                        limit results default is 10000.
  -v, --version         version.

Examples:

    # Search for target domain, you will see the result for only this "example.com"
    chiasmodon_cli.py --domain example.com

    # Search for target subdomains
    chiasmodon_cli.py --domain example.com --all

    # Search for target domain, you will see the result for only this "example.com" on United States
    chiasmodon_cli.py --domain example.com --country US

    # search for target app id
    chiasmodon_cli.py --app com.example

    # Search for target asn
    chiasmodon_cli.py --asn AS123 --type-view cred

    # Search for target username
    chiasmodon_cli.py --username someone --country CA

    # Search for target password
    chiasmodon_cli.py --password example@123

    # Search for target cidr
    chiasmodon_cli.py --cidr x.x.x.x/24

    # Search for target creds by domain emsils
    chiasmodon_cli.py --domain example.com --domain-emails
    chiasmodon_cli.py --domain example.com --domain-emails --output example-creds.json --output-type json
    chiasmodon_cli.py --domain example.com --domain-emails --view-type email --output example-emails.txt --output-type text

    # Search for target subdomain
    chiasmodon_cli.py --domain company.com --view-type subdomain

    # Search for target email
    chiasmodon_cli.py --email someone@example.com
    chiasmodon_cli.py --email someone@example.com --view-type url

    # search for multiple targets:
    chiasmodon_cli.py --domain targets.txt --output example-creds.txt
    chiasmodon_cli.py --domain targets.txt --view-type url --output example-urls.txt

For more information click here.

Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a Comment
Share
Published by
Tamil S
Tags: Chiasmodoncybersecurityinformationsecuritykalilinuxkalilinuxtools
8 months ago

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

8 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

8 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

2 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

3 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago