Hawkeye – A Tool To Crawl The Filesystem Or A Directory

HawkEye is a simple tool to crawl the filesystem or a directory looking for interesting stuff like SSH Keys, Log Files, Sqlite Database, password files, etc. Hawkeye uses a fast filesystem crawler to look through files recursively and then sends them for analysis in real time and presents the data in both json format and simple console output. The tool is built with a modular approach making it easy to use and easily extensible.

It can be used during pentests as a privilege escalation tool to look through the filesystem finding configuration files or ssh keys sometimes left by the sys-admins.

Features

  1. Simple and modular code base making it easy to contribute.
  2. Fast And Powerful Directory crawling module doing real-time analysis
  3. Easily extensible and vast scanner (Thanks to Gitrob)
  4. Outputs in various formats

Also Read Maintaining Access to a Linux Machine Using Cymothoa – Post Exploitation

Installation Instructions

The installation is easy. Git clone the repo and run go build.

go get github.com/Ice3man543/hawkeye

Upgrading

If you wish to upgrade the package you can use:

go get -u github.com/Ice3man543/hawkeye

Hawkeye Usage

Hawkeye needs a directory to begin with. A directory can be supplied with -d flag. For example –

./hawkeye -d <directory>

To run it against my home directory, i can pass /home/ice3man as the argument.

./hawkeye -d /home/ice3man

 ✘ ice3man@TheDaemon  ~/tmp  ./hawkeye -d /home/ice3man  

 _  _                _    ___           
| || | __ _ __ __ __| |__| __|_  _  ___ 
| __ |/ _  |\ V  V /| / /| _|| || |/ -_)
|_||_|\__,_| \_/\_/ |_\_\|___|\_, |\___|
                              |__/     
     Analysis v1.0 - by @Ice3man

[13:31:59] HawkEye : An advance filesystem analysis tool
[13:31:59] Written By : @Ice3man
[13:31:59] Github : https://github.com/Ice3man543


[Log file] /home/ice3man/.tplmap/tplmap.log
[Log file] /home/ice3man/burpsuite-master/hs_err_pid3028.log
[Log file] /home/ice3man/.log/jack/jackdbus.log
[Shell command history file] /home/ice3man/oldvps/root/.bash_history
[Shell configuration file] /home/ice3man/oldvps/root/.bashrc

You can use -v flag to show verbose output. You can also get json output using -o flag.

[
    {
        "path": "/home/ice3man/oldvps/root/.bash_history",
        "description": "Shell command history file",
        "comment": ""
    },
    {
        "path": "/home/ice3man/oldvps/root/.profile",
        "description": "Shell profile configuration file",
        "comment": "Shell configuration files can contain passwords, API keys, hostnames and other goodies"
    },
    {
        "path": "/home/ice3man/oldvps/root/.bashrc",
        "description": "Shell configuration file",
        "comment": "Shell configuration files can contain passwords, API keys, hostnames and other goodies"
    },
]

 

R K

Share
Published by
R K
Tags: CrawlDirectoryFilesystemHawkeye
6 years ago

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

21 hours ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

21 hours ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

3 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

5 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago