Metadata-Version: 2.1
Name: kitintel
Version: 2.7
Summary: The phishing Kit Intelligence Tracker (KIT) APIs are a set of static analysis tools for investigating and comparing phishing kit content within single or multiple kits.
Home-page: https://github.com/JCyberSec/KIT
Author: Jake
Author-email: api-info@wmcglobal.com
License: UNKNOWN
Project-URL: Bug Tracker, https://github.com/JCyberSec/KIT/issues
Platform: UNKNOWN
Classifier: Programming Language :: Python :: 3
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Requires-Python: >=3.6
Description-Content-Type: text/markdown
License-File: LICENSE

# KIT Intel Wrapper 


The phishing Kit Intelligence Tracker (KIT) APIs are a set of static analysis tools for investigating and comparing phishing kit content within single or multiple kits. It can search file hashes, search file content, retrieve content, and submit kits to KIT for cross-analysis.

A phishing kit is a package of software tools, often in the form of a compressed file, that makes it easier to launch phishing attacks and exploits. Phishing kits allow attackers to deploy and redeploy phishing infrastructure before and during an attack rapidly. There are various types of phishing kits, from those targeting consumers, employees, financial institutions, marketplaces, and many more. Kits can deploy malware, collect credentials, detect bots, block IP ranges, generate QR codes, and update dynamically. Use KIT to ingestigate and compare phishing kits, discover evidence about attackers and kit publishers, identify evasion techniques, and find new exploits.

# Contents
- [Features](#features) <br/>
- [Set API as environment variable](#apikey) <br/>
- [Flags](#flags) <br/>
- [Technical Usage](#technical) <br/>
- [Sample Usage](#sample) <br/>



## Features <a name="features"></a>
Search KIT Intel <br/>
Download content <br/>
Define time parameters <br/>
Define result count <br/>
Automatically extract fields <br/>

## Set API as environment variable <a name="apikey"></a>

This script uses Environment Variables to get your API key.

Windows (cmd)
```
$ setx KITAPI "APIKEY"
```

Unix  
```
$ export KITAPI="APIKEY"
```

## Flags <a name="flags"></a>
Search
  - -s / --search :: The search term
  - -f / --filter :: Filter return keys. Split multiple keys with a comma
  - -n / --number :: Number of items to return (Default=100)
  - -d / --date :: Date range to search - 24h, 30d, 90d etc. (Default=24h)

Content
  - -u / --uuid :: UUID(s) to retrieve content for - Can submit multiple either comma or space separated 
  - -d / --download :: Download content to file
  - -j / --json :: Print return JSON 

Submit
  - -f / --file :: Submit a phishing kit for analysis. Submit a single file, multiple files, or a directory

# Technical Usage <a name="technical"></a>
```
usage: KIT.py [-h] {search,content,submit} ...

Wrapper for KIT Intel's API

positional arguments:
  {search,content,submit}
                        commands
    search              Search KIT Intel
    content             Download file content
    submit              Submit a phishing kit for analysis. Submit a single file, multiple files, or a directory

optional arguments:
  -h, --help            show this help message and exit
```
---
```
usage: mainV2.3.py search [-h] -s SEARCH [-f FILTER] [-n NUMBER] [-d DATE]

optional arguments:
  -h, --help            show this help message and exit
  -s SEARCH, --search SEARCH
                        Search term
  -f FILTER, --filter FILTER
                        Filter return keys. Split multiple keys with a comma
  -n NUMBER, --number NUMBER
                        Number of items to return - Default 100
  -d DATE, --date DATE  Date range to search - 24h, 30d, 90d etc.
```
---
```
usage: mainV2.3.py content [-h] -u UUID [UUID ...] [-d] [-j]

optional arguments:
  -h, --help            show this help message and exit
  -u UUID [UUID ...], --uuid UUID [UUID ...]
                        UUID(s) to retrieve scans for
  -d, --download        Download content to file
  -j, --json            Print JSON data
```
---
```
usage: KIT.py submit [-h] -f FILE [FILE ...]

optional arguments:
  -h, --help            show this help message and exit
  -f FILE [FILE ...], --file FILE [FILE ...]
                        Zip file(s) to submit
```
---
# Sample Usage <a name="sample"></a>
```
$ python3 KIT.py search -s 'content:google, filetype: php' -d 3d -f 'kit.UUID, filename' -n 3
$ python3 KIT.py content -u 2e517c8f-9375-4f55-a503-ca5bbd4d4a5b
$ python3 KIT.py submit -f ./16shop_V8.1_CRACKED.zip
```


