/Google-Indicator-Search

Programmatically find relationships between a list of strings using Google.

Primary LanguagePythonMIT LicenseMIT

[Google Indicator Search]

Programmatically find relationships between a list of strings using Google.

Use Cases

  • Detect signs of potential threats in public places

    • Add list of public place to static_strings
    • Add list of trigger/angry words/phrases to list_to_check_against
    • Run python3 googleIndicatorSearch.py to find possible relationships

  • Detected defaced websites along with threat actor names

    • Add name of the threat actor to static_strings
    • Add list of keywords to list_to_check_against
    • Run python3 googleIndicatorSearch.py to find possible relationships

  • Detected publicly accessible webshells

    • Add name of the webshell to static_strings
    • Add list of keywords to list_to_check_against
    • Run python3 googleIndicatorSearch.py to find possible relationships

Prerequisities

  • Ubuntu 18.04 (should work on other Linux distros)
  • Python 3.7.3
  • Python 3 Pip
  • DEB Packages:
    • gcc

Setup

Run the following command to install Pip packages:

pip3 install -r requirements.txt

Usage

  • Add static strings to the static_string list
  • Add all other strings to the list_to_check_against list
  • Run:
python3 googleIndicatorSearch.py

Things to know

  • Be responsible!!!
  • This program is only as strong as the yaml lists
  • Using a Python virtual environment is highly recommended
  • Too many requests will result in a urllib.error.HTTPError: HTTP Error 429: Too Many Requests error

Please fork, create merge requests, and help make this better.