Hawkeye: filesystem analysis tool

HawkEye

Hawkeye

HawkEye is a simple tool to crawl the filesystem or a directory looking for interesting stuff like SSH Keys, Log Files, SQLite Database, password files, etc. Hawkeye uses a fast filesystem crawler to look through files recursively and then sends them for analysis in real time and presents the data in both JSON format and simple console output. The tool is built with a modular approach making it easy to use and easily extensible.

It can be used during pentests as a privilege escalation tool to look through the filesystem finding configuration files or ssh keys sometimes left by the sys-admins.

Features

  • Simple and modular code base making it easy to contribute.
  • Fast And Powerful Directory crawling module doing real-time analysis
  • Easily extensible and vast scanner (Thanks to Gitrob)
  • Outputs in various formats

Installation

go get github.com/Ice3man543/hawkeye

Usage

Hawkeye needs a directory, to begin with. A directory can be supplied with -d flag. For example –

./hawkeye -d <directory>

To run it against my home directory, I can pass /home/ice3man as the argument.

You can use -v flag to show verbose output. You can also get json output using -o flag.

You can list the signatures present in the tool’s database by using -l option.

You can specify the signatures to be used by the tool by passing the –sig flag. It takes a comma-separated list of signatures to be used. You can also specify exclusion of certain signatures using –exclude-sig flag.

Copyright (c) 2018 Nizamul Rana

Source: https://github.com/Ice3man543/