Cyber security

Chiasmodon : The Next-Level OSINT Tool For Comprehensive Digital Investigations

Chiasmodon is an OSINT (Open Source Intelligence) tool designed to assist in the process of gathering information about target domain.

Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials (usernames and passwords), CIDRs (Classless Inter-Domain Routing), ASNs (Autonomous System Numbers), and subdomains.

The tool allows users to search by domain, CIDR, ASN, email, username, password, or Google Play application ID.

Features

  • Domain: Conduct targeted searches by specifying a domain name to gather relevant information related to the domain.
  • Google Play Application: Search for information related to a specific application on the Google Play Store by providing the application ID.
  • CIDR and ASN: Explore CIDR blocks and Autonomous System Numbers (ASNs) associated with the target domain to gain insights into network infrastructure and potential vulnerabilities.
  • Email, Username, Password: Conduct searches based on email, username, or password to identify potential security risks or compromised credentials.
  • Country: Sort and filter search results by country to gain insights into the geographic distribution of the identified information.
  • Output Customization: Choose the desired output format (text, JSON, or CSV) and specify the filename to save the search results.
  • Additional Options: The tool offers various additional options, such as viewing different result types (credentials, URLs, subdomains, emails, passwords, usernames, or applications), setting API tokens, specifying timeouts, limiting results, and more.

Comming Soon

  • Phone: Get ready to uncover even more valuable data by searching for information associated with phone numbers.
    • Whether you’re investigating a particular individual or looking for connections between phone numbers and other entities, this new feature will provide you with valuable insights.
  • Company Name: We understand the importance of comprehensive company research. In our upcoming release, you’ll be able to search by company name and access a wide range of documents associated with that company.
    • This feature will provide you with a convenient and efficient way to gather crucial information, such as legal documents, financial reports, and other relevant records.
  • Face (Photo): Visual data is a powerful tool, and we are excited to introduce our advanced facial recognition feature.
    • With “Search by Face (Photo),” you can upload an image containing a face and leverage cutting-edge technology to identify and match individuals across various data sources.
      • This will allow you to gather valuable information, such as social media profiles, online presence, and potential connections, all through the power of facial recognition.

Usage

Chiasmodon provides a flexible and user-friendly command-line interface and python library. Here are some examples to demonstrate its usage:

usage: chiasmodon_cli.py [-h] [-d DOMAIN] [-a APP] [-c CIDR] [-s ASN] [-e EMAIL] [-u USERNAME] [-p PASSWORD] [-C COUNTRY]
                         [-vt {cred,url,subdomain,email,password,username,app}] [-o OUTPUT] [-ot {text,json,csv}] [--init INIT] [-A] [-de] [-T TIMEOUT] [-L LIMIT]
                         [-v]

Chiasmodon CLI

options:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
                        Search by domain.
  -a APP, --app APP     Search by google play applciton id.
  -c CIDR, --cidr CIDR  Search by CIDR.
  -s ASN, --asn ASN     Search by ASN.
  -e EMAIL, --email EMAIL
                        Search by email, only pro, only pro account.
  -u USERNAME, --username USERNAME
                        Search by username, only pro account.
  -p PASSWORD, --password PASSWORD
                        Search by password, only pro account.
  -C COUNTRY, --country COUNTRY
                        sort result by country code default is all
  -vt {cred,url,subdomain,email,password,username,app}, --view-type {cred,url,subdomain,email,password,username,app}
                        type view the result default is "cred".
  -o OUTPUT, --output OUTPUT
                        filename to save the result
  -ot {text,json,csv}, --output-type {text,json,csv}
                        output format default is "text".
  --init INIT           set the api token.
  -A, --all             view all result using "like",this option work only with (-d or --domain , -a or --app),default is False
  -de, --domain-emails  only result for company domain, this option work only with -d or --domain, default is False
  -T TIMEOUT, --timeout TIMEOUT
                        request timeout default is 60.
  -L LIMIT, --limit LIMIT
                        limit results default is 10000.
  -v, --version         version.

Examples:

    # Search for target domain, you will see the result for only this "example.com"
    chiasmodon_cli.py --domain example.com

    # Search for target subdomains
    chiasmodon_cli.py --domain example.com --all

    # Search for target domain, you will see the result for only this "example.com" on United States
    chiasmodon_cli.py --domain example.com --country US

    # search for target app id
    chiasmodon_cli.py --app com.example

    # Search for target asn
    chiasmodon_cli.py --asn AS123 --type-view cred

    # Search for target username
    chiasmodon_cli.py --username someone --country CA

    # Search for target password
    chiasmodon_cli.py --password example@123

    # Search for target cidr
    chiasmodon_cli.py --cidr x.x.x.x/24

    # Search for target creds by domain emsils
    chiasmodon_cli.py --domain example.com --domain-emails
    chiasmodon_cli.py --domain example.com --domain-emails --output example-creds.json --output-type json
    chiasmodon_cli.py --domain example.com --domain-emails --view-type email --output example-emails.txt --output-type text

    # Search for target subdomain
    chiasmodon_cli.py --domain company.com --view-type subdomain

    # Search for target email
    chiasmodon_cli.py --email someone@example.com
    chiasmodon_cli.py --email someone@example.com --view-type url

    # search for multiple targets:
    chiasmodon_cli.py --domain targets.txt --output example-creds.txt
    chiasmodon_cli.py --domain targets.txt --view-type url --output example-urls.txt

For more information click here.

Varshini

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a Comment
Share
Published by
Varshini
Tags: Chiasmodoncybersecurityinformationsecuritykalilinuxkalilinuxtools
9 months ago

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

2 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

2 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

4 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

7 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago