SpYder version2 - Walkthrough

Vlad
Nov 25, 2017
3 min read

Updated: Nov 26, 2017

With the recent patch released, I'll discuss new features and cool functionalities. Walkthrough will be discuss.

On the previous post, I have given the application's improvement and a bit discussion of some new features. In this post, it is time to show you the functionalities and how we apply it on our work. spd>Commands

This version is a lot different from its beta release. One big difference is the replacement of menu options, would it be so cool to have a kali or metasploit feel with it, in a way that every time a user use the application he/she will feel like a legit hacker :). Below are the commands used for operation, to access this, you can type in help on the spd prompt.

spd>Nightcrawler

After fixing some bugs regarding this module, below's the before and after look.

Before

After

Beta version prints out some javascript syntax. Already got rid of this in version 2. Also the later is much more neat than the first, providing us the data we only need. Links are not duplicated and well ordered. And as usual, results are printed on Nightcrawler.txt.

spd>Ctrl+f

In this version I got rid of the duplicate results. This is to avoid ambiguity and redundancies. I made this possible by adding each results in a list. Before preceding in a loop, it will first check if a certain match does not exist on newurlArray(name of the list). If it does not it wont proceed with the condition. Here's the code:

spd>IsitDwn

Here are the changes for this module.

Did add some status codes for site status validation.
Obviously can now be executed by using the defined command line
Can now check the status of just a single site.(remember in the previous version it only check sites in the input file)

spd>VT

This module is somehow, the thing I'll brag about on this version. Virustotal has become an essential threat intel site we check to validate threat's reputation and infos. So I managed to have this as the automated version. In this section, I'll discuss just its brief details. In the future I'll elaborate the functionalities.

*vt [-url]

This is to execute url evaluation of a single or multiple websites.

a. vt -url –-input → this evaluate sites that are in vt_input_url.txt.

URLs are identified below.

Result will display engine detection ratio, date first analyzed and date last analyzed, thus below's the result.

Output will be on output3.txt

This is also capable of single URL check.

b. vt -hash –-input

This checks if a certain hash is malicious or not. Input will be written on vt_input_other.txt.Again, I did not set limit for the input, so you can input unlimited amount of hashes.

Executing the command, below's the result.

Below's for the the single input

As usual output will be displayed on output.txt.

spd>Whois -ip –-i

This module is to evaluate given IP address, and apply whois method to such.

Input will be on ip-whois.txt

Applying the complete command , below will be the output.

Output would be saved in output file.

Can also be good with just single IP check.

spd>whois -rep ipvoid [ipaddress]

With command whois -rep ipvoid [ipaddress], would output results coming from ipvoid threat intel site.

Just like the previous modules, evaluation from file input has no limit.

Here's the output.

In text file:

In cmd

IP could also be checked in single input

spd>Snip

This module take a snapshot with the site without the aid of a browser with the help of webdriver.phantomJS module.

snip/sc http://www.hacking-tutorial.com/hacking-tutorial/code-your-first-simple-sql-injection-checking-vulnerability-with-python/#sthash.g4OMpVWk.kpVcI755.dpbs

Below is the result

Image was saved on C: drive

And we have the screenshot of the site

spd>mail

Decided to have a little collaboration with the app user. That is why I put an email section where user can contact me and provide me feedback regarding my app.