Skip to content

NCRIF/exploiter

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

exploiter

  ___          _     _ _           
 | __|_ ___ __| |___(_) |_ ___ _ _ 
 | _|\ \ / '_ \ / _ \ |  _/ -_) '_|
 |___/_\_\ .__/_\___/_|\__\___|_|  
         |_|                       

Mass exploitation tool. Queries Shodan's public facet endpoint by any dork field, pulls facet data, filters by country, and writes results to disk. No API key needed.

Features

flag what it does
-d any shodan dork (http.title, org, ssl, port, city, ...)
-f facet to extract: 15 types: ip, country, asn, org, port, os, product, device, city, isp, domain, http.title, http.waf, ssl.version, vuln
-c country code filter, prefix matching (-c U lists UA UG UM US UY UZ)
-o write results to file (-o results.txt)
-C load config profile from ~/.config/exploiter/ (-C MyCfg)
--make-cfg interactive config generator
IPv4 validation baked into the parser. malformed addresses get dropped
UPX compression on every build

Dependencies

# Debian/Ubuntu
sudo apt install libcurl4-openssl-dev upx-ucl

# Fedora
sudo dnf install libcurl-devel upx

# Arch
sudo pacman -S curl upx

# macOS
brew install curl upx

UPX is optional. install it for a compressed binary; the build skips it if not found.

Install

git clone https://github.com/NCRIF/exploiter.git
cd exploiter
./install.sh

This builds the binary and interactively creates ~/.config/exploiter/default.

Or just build without installing:

make

Usage

exploiter <query> [-C <profile>] [-d <dork>] [-f <facet>] [-c <cc>] [-o <file>]

Only the query is required. everything else falls back to config defaults or built-in defaults (dork=http.title, facet=ip).

exploiter IPCam                      # http.title:IPCam, ip facet, all countries
exploiter IPCam -f org -c US         # same query, org facet, US only
exploiter IPCam -d ssl -f ip -c DE   # ssl dork, ip facet, germany
exploiter IPCam -C cams              # loads ~/.config/exploiter/cams

Country prefix matching:

$ exploiter IPCam -c U
cc 'U' matches:
  UA
  UG
  UM
  US
  UY
  UZ
$ exploiter IPCam -c US   # exact match, runs normally

Configs:

$ exploiter --make-cfg myprofile
dork [http.title]:
facet [ip]: org
country (optional) []: US
query (optional) []:
wrote /home/cran/.config/exploiter/myprofile

$ exploiter -C myprofile IPCam    # uses the profile's defaults

Output

Results are one per line to stdout. -o <file> writes to a file instead. Stderr gets the result count and parse time.

Project structure

exploiter.c               entry point, arg parsing, usage
helpers/
  common.h / common.c     ccodes, ftypes, validators, prefix matching
  fetch.h / fetch.c       HTTP fetch, HTML parse, URL encoding, IPv4 validation
  config.h / config.c     config paths, load/save, interactive template generator
Makefile                  build, upx, clean
install.sh                build + setup default config

License

AGPLv3. Copyright (C) 2026 NCRIF.

About

A raw Shodan dork scraper to harvest mass target lists. Built in C, zero API keys required.

Topics

Resources

License

Contributing

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors