Metabigor : Command Line Search Engines Without Any API Key

Metabigor allows you do query from command line to awesome Search Engines (like Shodan, Censys, Fofa, etc) without any API key.

But Why ?

  • Don’t use your API key so you don’t have to worry about litmit of API quotation.
  • Do query from command line without Premium account.
  • Get more result without Premium account.
  • But I have an Premium account why do I need this shit?
    • Again it will not lose your API quotation.
    • Your query will optimized so you gonna get more result than using it by hand or API key.
    • Never get duplicate result.

Also Read – PhoneSploit : Using Open ADB Ports We Can Exploit A Android Device

How it works?

It gonna use your cookie or not to simulate search from browser and optimize the query to get more result.

Search Engine currently supported

  • Shodan.
  • Censys.
  • Fofa Pro.

Installation

git clone https://github.com/j3ssie/Metabigor
cd Metabigor
pip3 install -r requirements.txt

Demo

How to use

Basic Usage

./metabigor.py -s -q ‘‘ [options]

Check out the Advanced Usage to explore some awesome options

Example commands

Note: Fill your credentials or your sessions on config.conf if you want to get more results.

./metabigor.py -s fofa -q ‘title=”Dashboard – Confluence” && body=”.org”‘

./metabigor.py -s fofa -q ‘title=”Dashboard – Confluence” && body=”.org”‘ -b –disable_pages

./metabigor.py -s shodan -q ‘port:”3389″ os:”Windows”‘ –debug

Options

[*] Setup session

Do command below or direct modify config.conf file
./metabigor.py -s shodan –cookies=
./metabigor.py -s censys –cookies=
./metabigor.py -s fofa –cookies=

[*] Basic Usage
./metabigor.py -s -q ” [options]

[*] More Options
-d OUTDIR, –outdir OUTDIR
Directory output
-o OUTPUT, –output OUTPUT
Output file name
–raw RAW Directory to store raw query
–proxy PROXY Proxy for doing request to search engine e.g:
http://127.0.0.1:8080
-b Auto brute force the country code
–disable_pages Don’t loop though the pages
–store_content Store the raw HTML souce or not
–hh Print this message
–debug Print debug output

[*] Example commands
./metabigor.py -s fofa -q ‘title=”Dashboard – Confluence” && body=”.org”‘ -b
./metabigor.py -s fofa -q ‘title=”Dashboard – Confluence” && body=”.org”‘ -b –disable_pages
./metabigor.py -s shodan -q ‘port:”3389″ os:”Windows”‘ –debug
./metabigor.py -s shodan -Q list_of_query.txt –debug -o rdp.txt
./metabigor.py -s censys -q ‘(scada) AND protocols: “502/modbus”‘ -o something –debug –proxy socks4://127.0.0.1:9050

Disclaimer

This tool is for educational purposes only. You are responsible for your own actions. If you mess something up or break any laws while using this software, it’s your fault, and your fault only.

Credit: Vitaly Gorbachev and Picascii

Download
R K

Share
Published by
R K
Tags: API KeyMetabigorSearch Engines
5 years ago

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

1 day ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

1 day ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

3 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

4 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago