Facebook Twitter Vimeo VKontakte Youtube
Sign in
Sign in
Welcome!Log into your account
Forgot your password?
Password recovery
Recover your password
Search
  • Sign in / Join
  • Kali Linux
  • Cyber security
  • Hacking Tools
  • Pentesting Tools
  • Exploitation Tools
  • TECH
  • Vulnerability Analysis
  • software
  • Uncategorized
  • Information Gathering
  • Security Hacker
  • Web Application Security
  • Tutorials
  • Forensics
  • Blog
  • Malware
  • Windows
  • Database Assessment
  • Post Exploitation
  • Android Security
  • Bash Scripting
  • Phishing
  • Password Attacks
  • OSINT
  • VPN
  • Wireless Attacks
  • Stress Testing
  • Sniffing/Spoofing
Facebook Twitter Vimeo VKontakte Youtube
Sign in
Welcome! Log into your account
Forgot your password? Get help
Password recovery
Recover your password
A password will be e-mailed to you.
Kali Linux Tutorials Kali Linux Tutorials
Kali Linux Tutorials Kali Linux Tutorials
Home Kali Linux Just-Metadata : Tool That Gathers & Analyzes Metadata About IP Addresses
  • Kali Linux

Just-Metadata : Tool That Gathers & Analyzes Metadata About IP Addresses

By
R K
-
April 2, 2019

Just-Metadata is a tool that can be used to gather intelligence information passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen.

Just-Metadata has “gather” modules which are used to gather metadata about IPs loaded into the framework across multiple resources on the internet. Just-Metadata also has “analysis” modules.

These are used to analyze the data loaded Just-Metadata and perform various operations that can identify potential relationships between the loaded systems.

Just-Metadata will allow you to quickly find the Top “X” number of states, cities, timezones, etc. that the loaded IP addresses are located in. It will allow you to search for IP addresses by country.

You can search all IPs to find which ones are used in callbacks as identified by VirusTotal. Want to see if any IPs loaded have been documented as taking part of attacks via the Animus Project, Just-Metadata can do it.

Additionally, it is easy to create new analysis modules to let people find other relationships between IPs loaded based on the available data. New intel gathering modules can be easily added in just as easily!

Also Read – Droidefense : Advance Android Malware Analysis Framework

Usage

As of now, Just metadata is designed to read in a single text file containing IPs, each on their own new line. Create this file from any source (C2 callback IPs, web server logs, etc.). Once you have this file, start Just-Metadata by calling it:

./Just-Metadata.py

Commands

help – Once in the framework, to see a listing of available commands and a description of what they do, type the “help” command.

load <filename> – The load command takes an extra parameter, the file name that you (the user) want Just-Metadata to load IP addresses from. This command will open, and load all IPs within the file to the framework.

Ex: load ipaddresses.txt

save – The save command can be used to save the current working state of Just-Metadata. This is helpful in multiple cases, such as after gathering information about IPs, and wanting to save the state off to disk to be able to work on them at a later point in time. Simply typing “save” will result in Just-Metadata saving the state to disk, and displaying the filename of the saved state.

import <statefile> – The import command can be used to load a previously saved Just-Metadata state into the framework. It will load all IPs that were saved, and all information gathered about the IP addresses. This command will require an extra parameter, the name of the state file that you want Just-Metadata to load.

Ex: import goodfile.state

list <module type> – The list command can be used to list the different types of modules loaded into Just-Metadata. This command will take an extra parameter, either “analysis” or “gather”. Just-Metadata will display all mofules of the type that the user requests is listed.

Ex: list analysis
Ex: list gather

gather <gather module name> – The gather command tells Just-Metadata to run the module specified and gather information from that source. This can be used to gather geographical information, Virustotal, whois, and more. It’s all based on the module. The data gathered will be stored within the framework in memory and can also be saved to disk with the “save” command.

Ex: gather geoinfo
Ex: gather virustotal

analyze <analysis module name> – The analyze command tells Metadata to run an analysis module against the data loaded into the framework. These modules can be used to find IP addresses that share the same SSH keys or SSL Public Key certificates, or certificate chains. They can also be used to find IP addresses used in the same callbacks by malicious executables.

ip_info <IP Address> – This command is used to dump all information about a specific IP address. This is currently being used after having run analysis modules. For example, after identifying IP addresses that share the same SSH keys, I can dump all information about those IPs. I will see if they have been used by malware, where they are located, etc.

Cexport – The export command will have Just-Metadata dump all information that’s been gathered about all IP addresses currently loaded into the framework to CSV.

Credit: Justin Warner

Download

Related

  • TAGS
  • IP
  • Just-Metadata
  • Metadata
Facebook
Twitter
Pinterest
WhatsApp
    Previous articlePHPMussel : Anti-Virus Anti-Trojan Anti-Malware Solution
    Next articleHow to Write a Dissertation in Less Time Than You Plan
    R K
    R K

    RELATED ARTICLESMORE FROM AUTHOR

    Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell
    Kali Linux

    Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

    CVE-Search
    Kali Linux

    CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

    ROADTools : The Azure AD Exploration Framework
    Kali Linux

    ROADTools: The Modern Azure AD Exploration Framework

    cp command

    cp Command: Copy Files and Directories in Linux

    0xSnow - September 20, 2025 0
    The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether making a backup, organizing a project, or moving content, cp allows...
    image osint

    Image OSINT

    0xSnow - September 20, 2025 0
    Introduction In digital investigations, images often hold more information than meets the eye. With the right tools and techniques, analysts can uncover hidden metadata, find...
    cat Command

    cat Command: Read and Combine File Contents in Linux

    0xSnow - September 20, 2025 0
    The cat command short for concatenate, It is a fast and versatile tool for viewing and merging file contents directly from the Linux terminal. Whether you're...
    ports in networking

    Port In Networking

    Tamilselvan S - September 20, 2025 0
    What is a Port? A port in networking acts like a gateway that directs data to the right program on a device. An IP address...
    ls command

    ls Command: List Directory Contents in Linux

    0xSnow - September 20, 2025 0
    The ls command is fundamental for anyone working with Linux. It’s used to display the files and directories in your current location, helping you stay organized...
    KALI LINUX TUTORIALS
    Contact us: admin@kalilinuxtutorials.com
    Facebook Twitter Vimeo VKontakte Youtube

    EVEN MORE NEWS

    cp command

    cp Command: Copy Files and Directories in Linux

    September 20, 2025
    image osint

    Image OSINT

    September 20, 2025
    cat Command

    cat Command: Read and Combine File Contents in Linux

    September 20, 2025

    POPULAR CATEGORY

    • Kali Linux2931
    • Cyber security912
    • Hacking Tools300
    • Pentesting Tools197
    • Exploitation Tools144
    • TECH134
    • Vulnerability Analysis116
    • Kali Linux
    • Cyber security
    • Hacking Tools
    • Pentesting Tools
    • Exploitation Tools
    • TECH
    • Vulnerability Analysis
    • software
    • Uncategorized
    • Information Gathering
    • Security Hacker
    • Web Application Security
    • Tutorials
    • Forensics
    • Blog
    • Malware
    • Windows
    • Database Assessment
    • Post Exploitation
    • Android Security
    • Bash Scripting
    • Phishing
    • Password Attacks
    • OSINT
    • VPN
    • Wireless Attacks
    • Stress Testing
    • Sniffing/Spoofing
    © Kalilinuxtutorials.com 2025
    MORE STORIES

    BadOutlook : Malicious Outlook Reader

    April 7, 2021

    BinAbsInspector : Vulnerability Scanner For Binaries

    July 7, 2022

    DIE : Program For Determining Types Of Files For Windows, Linux...

    July 21, 2019