Sometime early last month, I made a post about OSRFramework which was version 0.16.8. A new version of this open sources research framework was released at the recently concluded BlackHat 2017 conference held in Vegas. To be precise, it was released on Wednesday, July 26 in the OSINT Arsenal category and was versioned as OSRFramework 0.17.0.
What is OSRFramework?
OSRFramework is an open source GNU AGPLv3+ set of libraries modularly developed by Yaiza Rubio and Félix Brezo to perform Open Source Intelligence tasks. In the framework, the authors include a series of applications related to username checking, DNS lookups, social media research, regular expressions extraction and many others. At the same time, by means of ad-hoc Maltego transforms, OSRFramework provides a way of making these queries graphically as well as including other interfaces to interact with it using the command line and a web server.
OSRFramework 0.17.0 changelog:
- Multiple wrappers mentioned in the pending section were cleaned. To be precise, the wrappers are – artbreak.py, artician.py, bookmarky.py, evilzone.py, fanbitcoin.py, flavors.py, gitorious.py, gytorrents.py, plancast.py, retailmenot.py, seatwish.py, stuff.py, unsystem.py, xtube.py
- Add feature #267: Add a leaked email search using HaveIBeenPwned.
- Add feature #168: Add Get as a new platform
- Add feature: Add Seatwish usufy wrapper
- Add feature: Add Xtube usufy wrapper
- Add feature: Add coloured output in usufy, mailfy, searchfy, phonefy, entify, osrfconsole and domainfy
- Add feature: Add colorama utils to general
- Fix issue #278: Remove bladna.nl usufy wrapper
- Fix issue #276: Fix trip.com usufy wrapper
- Fix issue #275: Remove Travian forum usufy wrapper
- Fix issue #274: Remove Carder usufy wrapper
- Update the print functions
- Fix some issues regarding to the display of the license
- Patch issue #277: Fix creativemarket usufy wrapper
- General update of the way in which functions in
osrframework.utils.generalare documented as well as removal of unneeded functions.
- Remove a hack in the export function to set the encoding that implied setting the default encoding using
sys.setdefaultencoding()and resetting it back after the export.
Download OSRFramework 0.17.0:
As always, get the updated OSRFramework 0.17.0 version, by checking out the GIT repository.
My initial post about this advanced XSS detection and exploitation suite was almost an year ago! Three days ago, an update – XSStrike 3.1.2 was released. This is a post that documents these changes. What is XSStrike? XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator,