# intelx.py
intelx.py is a Python command-line utility and API wrapper for intelx.io, made
to perform any kind of open-source intelligence.
## Installation
### Python Packaging Index
```bash
pip install intelx
```
```bash
pip install --index-url https://pypi.python.org/simple/ intelx
```
### GitHub
```bash
pip install "intelx @ git+https://github.com/IntelligenceX/SDK#subdirectory=Python"
```
```bash
git clone https://github.com/IntelligenceX/SDK
cd Python
pip3 install -e .
```
## Setup
To specify the API key to use, you can choose one of two options:
* Setting the `INTELX_KEY` environment variable.
* Manually supplying the `-apikey` argument.
You can get your API key [here](https://intelx.io/account?tab=developer)
### Environment Variable
```bash
# create an INTELX_KEY env var with your API key.
export INTELX_KEY=00000000-0000-0000-0000-000000000000
```
### Via the client
```bash
intelx.py -search riseup.net -apikey 00000000-0000-0000-0000-000000000000
```
## Configuration
On windows, we need to manually configure the command prompt/terminal in order
to enable color support. You can do that with the following instructions:
1. Create following file `Enable Color.reg`
```
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Console]
"VirtualTerminalLevel"=dword:00000001
```
2. Right Click `Enable Color.reg` -> Merge
## Usage
### Quick search
```bash
intelx.py -search riseup.net
```
#### Quick search in buckets
```bash
intelx.py -search riseup.net -buckets "pastes, darknet.tor"
```
#### Search with 100 results
```bash
intelx.py -search riseup.net -limit 100
```
#### Download Item
The `-download` argument will set the HTTP request type to a stream,
ultimately returning the raw bytes.
This allows us to download documents such as PDFs, ZIP, Word documents, Excel,
etc.
The `-bucket` argument is also required.
You may set the filename with the `-name` argument.
```bash
# save item as test.pdf
intelx.py -download 29a97791-1138-40b3-8cf1-de1764e9d09c -bucket
leaks.private.general -name test.txt
```
#### View Item
To view the full data of a specific search result, specify the item's ID and
use the `--view` parameter:
```bash
intelx.py -search 3a4d5699-737c-4d22-8dbd-c5391ce805df --view
```
#### Extract Email from Phonebook Search
```bash
intelx.py -search cia.gov --phonebook emails
```
### Identity Portal
#### Export Accounts
```bash
intelx.py -identity riseup.net --exportaccounts
```
#### Data Leaks
```bash
intelx.py -identity riseup.net --dataleaks
```
# Usage as a library
To use IntelX it as a library, all you have to do is import it in your
project, and initialize the class. If you supply an API key, it will use that,
if not, it will automatically select the public API key (limited
functionality).
```python
from intelxapi import intelx
intelx = intelx()
```
Once you have done that, you can use any of the functions defined in the class.
## Quick search
To execute a quick search, we can easily just use the `intelx.search()`
function.
```python
from intelxapi import intelx
intelx = intelx('00000000-0000-0000-0000-000000000000')
results = intelx.search('hackerone.com')
```
### Advanced search
By default, the `maxresults` limit is set to 100 to avoid unnecessarily
overloading the system. This value can be overridden at any time by setting
the maxresults argument. Note that server side limitations might be still
enforced by the API.
```python
from intelxapi import intelx
intelx = intelx('00000000-0000-0000-0000-000000000000')
results = intelx.search('hackerone.com', maxresults=200)
```
The following arguments have default values, but can be overridden to your
choosing:
* maxresults=100
* buckets=[]
* timeout=5
* datefrom=""
* dateto=""
* sort=4
* media=0
* terminate=[]
Timeout is in seconds.
#### Searching in specific Buckets
To search a for a term within specific buckets (leaks & darknet), you can use
the following sample code:
```python
from intelxapi import intelx
b = ['darknet', 'leaks.public', 'leaks.private']
intelx = intelx('00000000-0000-0000-0000-000000000000')
results = intelx.search('hackerone.com', maxresults=200, buckets=b)
```
`results` contains the search results.
Note that your account must have access to all specified buckets, otherwise
you will receive the HTTP status code `401 Unauthorized`. The "leaks.private"
bucket is only available to certain licenses.
#### Filtering by Date
Results can be filterede by date. When setting the `dateto` and `datefrom`
options, both must be specified. The times have to be included.
```python
from intelxapi import intelx
startdate = "2014-01-01 00:00:00"
enddate = "2014-02-02 23:59:59"
intelx = intelx('00000000-0000-0000-0000-000000000000')
results = intelx.search(
'riseup.net',
maxresults=200,
datefrom=startdate,
dateto=enddate
)
```
#### Filtering by Data Type
We can filter results based on their data type using the `media` argument.
Using the following script, we can filter paste documents dated between
2014-01-01 and 2014-02-02 that have been collected.
You can find a table below with all the media types and their respective IDs.
```python
from intelxapi import intelx
media_type = 1 # Paste document
startdate = "2014-01-01 00:00:00"
enddate = "2014-02-02 23:59:59"
intelx = intelx('00000000-0000-0000-0000-000000000000')
results = intelx.search(
'riseup.net',
maxresults=200,
media=media_type,
datefrom=startdate,
dateto=enddate
)
```
#### Statistics
To collect statistics, use the following code:
```python
from intelxapi import intelx
intelx = intelx('00000000-0000-0000-0000-000000000000')
results = intelx.search(
'riseup.net',
maxresults=1000,
)
stats = intelx.stats(search)
print(stats)
```
### Viewing/reading files
There is one fundamental difference between the `FILE_VIEW` function and
`FILE_READ` function. Viewing is for quickly viewing contents of a file
(generally assumed to be text).
`FILE_READ`, on the other hand, is for direct data download.
This means if the resource is a ZIP/Binary or any other type of file, you can
reliably get the contents without any encoding issues.
#### Viewing
```python
from intelxapi import intelx
intelx = intelx()
results = intelx.search('riseup.net')
# use the first result
result = results['records'][0]
# grab file contents of first search result
contents = intelx.FILE_VIEW(result['type'], result['media'],
result['storageid'], result['bucket'])
print(contents)
```
#### Reading
To download/read a file's raw data, use the `FILE_READ` function. The file in
the below example will be saved as `file.txt`.
```python
from intelxapi import intelx
intelx = intelx()
results = intelx.search('riseup.net')
# save the first search result file as "file.txt"
intelx.FILE_READ(results['records'][0]['systemid'], 0,
results['records'][0]['bucket'], "file.txt")
```
### Other Notes
#### Media Types
Here is a table listing the media types, along with their respective IDs.
| ID | Media Type |
| ------------- | -----------------------------------|
| 0 | All |
| 1 | Paste document |
| 2 | Paste user |
| 3 | Forum |
| 4 | Forum board |
| 5 | Forum thread |
| 6 | Forum post |
| 7 | Forum user |
| 8 | Screenshot of website |
| 9 | HTML copy of website |
| 13 | Tweet |
| 14 | URL |
| 15 | PDF document |
| 16 | Word document |
| 17 | Excel document |
| 18 | Powerpoint document |
| 19 | Picture |
| 20 | Audio file |
| 21 | Video file |
| 22 | Container file (ZIP/RAR/TAR, etc) |
| 23 | HTML file |
| 24 | Text file |
#### Format Types
| ID | Format Type |
|----|-------------------------------------|
| 0 | textview of content |
| 1 | hex view of content |
| 2 | auto detect hex view or text view |
| 3 | picture view |
| 4 | not supported |
| 5 | html inline view (sanitized) |
| 6 | text view of pdf |
| 7 | text view of html |
| 8 | text view of word file |
# Contribute
Please use the [issue tracker](https://github.com/IntelligenceX/Python/issues)
to report any bugs, security vulnerabilities or feature requests.
Includes contributions from [CSIRTAmericas](https://github.com/CSIRTAmericas/pyintelxio)
, [zer0pwn](https://github.com/zeropwn/intelx.py) and
[others](https://github.com/IntelligenceX/SDK/graphs/contributors)
Raw data
{
"_id": null,
"home_page": null,
"name": "intelx",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": null,
"keywords": "IntelligenceX, _IntelligenceX, _intelx, intelligence x, intelx, intelx.io",
"author": null,
"author_email": "\"Kleissner Investments s.r.o./ Dominik Penner\" <info@intelx.io>",
"download_url": "https://files.pythonhosted.org/packages/e2/65/a04efda093eff729494cfb11dd5b3908593b0de036b077cf4c598b8b6ee7/intelx-0.6.3.tar.gz",
"platform": null,
"description": "# intelx.py\n\nintelx.py is a Python command-line utility and API wrapper for intelx.io, made\nto perform any kind of open-source intelligence.\n\n\n\n## Installation\n\n### Python Packaging Index\n\n```bash\npip install intelx\n```\n\n```bash\npip install --index-url https://pypi.python.org/simple/ intelx\n```\n\n### GitHub\n\n```bash\npip install \"intelx @ git+https://github.com/IntelligenceX/SDK#subdirectory=Python\"\n```\n\n```bash\ngit clone https://github.com/IntelligenceX/SDK\ncd Python\npip3 install -e .\n```\n\n## Setup\n\nTo specify the API key to use, you can choose one of two options:\n\n* Setting the `INTELX_KEY` environment variable.\n* Manually supplying the `-apikey` argument.\n\nYou can get your API key [here](https://intelx.io/account?tab=developer)\n\n### Environment Variable\n\n```bash\n# create an INTELX_KEY env var with your API key.\nexport INTELX_KEY=00000000-0000-0000-0000-000000000000\n```\n\n### Via the client\n\n```bash\nintelx.py -search riseup.net -apikey 00000000-0000-0000-0000-000000000000\n```\n\n## Configuration\n\nOn windows, we need to manually configure the command prompt/terminal in order\nto enable color support. You can do that with the following instructions:\n\n1. Create following file `Enable Color.reg`\n\n```\nWindows Registry Editor Version 5.00\n[HKEY_CURRENT_USER\\Console]\n\"VirtualTerminalLevel\"=dword:00000001\n```\n\n2. Right Click `Enable Color.reg` -> Merge\n\n## Usage\n\n### Quick search\n\n```bash\nintelx.py -search riseup.net\n```\n\n#### Quick search in buckets\n\n```bash\nintelx.py -search riseup.net -buckets \"pastes, darknet.tor\"\n```\n\n#### Search with 100 results\n\n```bash\nintelx.py -search riseup.net -limit 100\n```\n\n#### Download Item\n\nThe `-download` argument will set the HTTP request type to a stream,\nultimately returning the raw bytes.\nThis allows us to download documents such as PDFs, ZIP, Word documents, Excel,\netc.\nThe `-bucket` argument is also required.\nYou may set the filename with the `-name` argument.\n\n```bash\n# save item as test.pdf\nintelx.py -download 29a97791-1138-40b3-8cf1-de1764e9d09c -bucket\nleaks.private.general -name test.txt\n```\n\n#### View Item\n\nTo view the full data of a specific search result, specify the item's ID and\nuse the `--view` parameter:\n\n```bash\nintelx.py -search 3a4d5699-737c-4d22-8dbd-c5391ce805df --view\n```\n\n#### Extract Email from Phonebook Search\n\n```bash\nintelx.py -search cia.gov --phonebook emails\n```\n\n### Identity Portal\n\n#### Export Accounts\n\n```bash\nintelx.py -identity riseup.net --exportaccounts\n```\n\n#### Data Leaks\n\n```bash\nintelx.py -identity riseup.net --dataleaks\n```\n\n# Usage as a library\n\nTo use IntelX it as a library, all you have to do is import it in your\nproject, and initialize the class. If you supply an API key, it will use that,\nif not, it will automatically select the public API key (limited\nfunctionality).\n\n```python\nfrom intelxapi import intelx\nintelx = intelx()\n```\n\nOnce you have done that, you can use any of the functions defined in the class.\n\n## Quick search\n\nTo execute a quick search, we can easily just use the `intelx.search()`\nfunction.\n\n```python\nfrom intelxapi import intelx\n\nintelx = intelx('00000000-0000-0000-0000-000000000000')\nresults = intelx.search('hackerone.com')\n```\n\n### Advanced search\n\nBy default, the `maxresults` limit is set to 100 to avoid unnecessarily\noverloading the system. This value can be overridden at any time by setting\nthe maxresults argument. Note that server side limitations might be still\nenforced by the API.\n\n```python\nfrom intelxapi import intelx\n\nintelx = intelx('00000000-0000-0000-0000-000000000000')\nresults = intelx.search('hackerone.com', maxresults=200)\n```\n\nThe following arguments have default values, but can be overridden to your\nchoosing:\n\n* maxresults=100\n* buckets=[]\n* timeout=5\n* datefrom=\"\"\n* dateto=\"\"\n* sort=4\n* media=0\n* terminate=[]\n\nTimeout is in seconds.\n\n#### Searching in specific Buckets\n\nTo search a for a term within specific buckets (leaks & darknet), you can use\nthe following sample code:\n\n```python\nfrom intelxapi import intelx\n\nb = ['darknet', 'leaks.public', 'leaks.private']\n\nintelx = intelx('00000000-0000-0000-0000-000000000000')\nresults = intelx.search('hackerone.com', maxresults=200, buckets=b)\n```\n\n`results` contains the search results.\n\nNote that your account must have access to all specified buckets, otherwise\nyou will receive the HTTP status code `401 Unauthorized`. The \"leaks.private\"\nbucket is only available to certain licenses.\n\n#### Filtering by Date\n\nResults can be filterede by date. When setting the `dateto` and `datefrom`\noptions, both must be specified. The times have to be included.\n\n```python\nfrom intelxapi import intelx\n\nstartdate = \"2014-01-01 00:00:00\"\nenddate = \"2014-02-02 23:59:59\"\n\nintelx = intelx('00000000-0000-0000-0000-000000000000')\n\nresults = intelx.search(\n 'riseup.net',\n maxresults=200,\n datefrom=startdate,\n dateto=enddate\n)\n```\n\n#### Filtering by Data Type\n\nWe can filter results based on their data type using the `media` argument.\n\nUsing the following script, we can filter paste documents dated between\n2014-01-01 and 2014-02-02 that have been collected.\n\nYou can find a table below with all the media types and their respective IDs.\n\n```python\nfrom intelxapi import intelx\n\nmedia_type = 1 # Paste document\nstartdate = \"2014-01-01 00:00:00\"\nenddate = \"2014-02-02 23:59:59\"\n\nintelx = intelx('00000000-0000-0000-0000-000000000000')\n\nresults = intelx.search(\n 'riseup.net',\n maxresults=200,\n media=media_type,\n datefrom=startdate,\n dateto=enddate\n)\n```\n\n#### Statistics\n\nTo collect statistics, use the following code:\n\n```python\nfrom intelxapi import intelx\n\nintelx = intelx('00000000-0000-0000-0000-000000000000')\n\nresults = intelx.search(\n 'riseup.net',\n maxresults=1000,\n)\n\nstats = intelx.stats(search)\nprint(stats)\n```\n\n### Viewing/reading files\n\nThere is one fundamental difference between the `FILE_VIEW` function and\n`FILE_READ` function. Viewing is for quickly viewing contents of a file\n(generally assumed to be text).\n\n`FILE_READ`, on the other hand, is for direct data download.\n\nThis means if the resource is a ZIP/Binary or any other type of file, you can\nreliably get the contents without any encoding issues.\n\n#### Viewing\n\n```python\nfrom intelxapi import intelx\n\nintelx = intelx()\nresults = intelx.search('riseup.net')\n\n# use the first result\nresult = results['records'][0]\n\n# grab file contents of first search result\ncontents = intelx.FILE_VIEW(result['type'], result['media'],\n result['storageid'], result['bucket'])\n\nprint(contents)\n```\n\n#### Reading\n\nTo download/read a file's raw data, use the `FILE_READ` function. The file in\nthe below example will be saved as `file.txt`.\n\n```python\nfrom intelxapi import intelx\n\nintelx = intelx()\nresults = intelx.search('riseup.net')\n\n# save the first search result file as \"file.txt\"\nintelx.FILE_READ(results['records'][0]['systemid'], 0,\n results['records'][0]['bucket'], \"file.txt\")\n```\n\n### Other Notes\n\n#### Media Types\n\nHere is a table listing the media types, along with their respective IDs.\n\n| ID | Media Type |\n| ------------- | -----------------------------------|\n| 0 | All |\n| 1 | Paste document |\n| 2 | Paste user |\n| 3 | Forum |\n| 4 | Forum board |\n| 5 | Forum thread |\n| 6 | Forum post |\n| 7 | Forum user |\n| 8 | Screenshot of website |\n| 9 | HTML copy of website |\n| 13 | Tweet |\n| 14 | URL |\n| 15 | PDF document |\n| 16 | Word document |\n| 17 | Excel document |\n| 18 | Powerpoint document |\n| 19 | Picture |\n| 20 | Audio file |\n| 21 | Video file |\n| 22 | Container file (ZIP/RAR/TAR, etc) |\n| 23 | HTML file |\n| 24 | Text file |\n\n#### Format Types\n\n| ID | Format Type |\n|----|-------------------------------------|\n| 0 | textview of content |\n| 1 | hex view of content |\n| 2 | auto detect hex view or text view |\n| 3 | picture view |\n| 4 | not supported |\n| 5 | html inline view (sanitized) |\n| 6 | text view of pdf |\n| 7 | text view of html |\n| 8 | text view of word file |\n\n# Contribute\n\nPlease use the [issue tracker](https://github.com/IntelligenceX/Python/issues)\nto report any bugs, security vulnerabilities or feature requests.\n\nIncludes contributions from [CSIRTAmericas](https://github.com/CSIRTAmericas/pyintelxio)\n, [zer0pwn](https://github.com/zeropwn/intelx.py) and\n[others](https://github.com/IntelligenceX/SDK/graphs/contributors)\n",
"bugtrack_url": null,
"license": null,
"summary": "IntelX is a Python command-line utility and API wrapper for intelx.io, made to perform any kind of open-source intelligence.",
"version": "0.6.3",
"project_urls": {
"Bug Tracker": "https://github.com/IntelligenceX/SDK/issues",
"Homepage": "https://github.com/IntelligenceX/SDK/tree/master/Python"
},
"split_keywords": [
"intelligencex",
" _intelligencex",
" _intelx",
" intelligence x",
" intelx",
" intelx.io"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "67e57777f95d802b20a7afcbd76b5d27b6079ea7f7a2f9b53518d74b93521334",
"md5": "2f07fd0544634a355d6daaaa45710798",
"sha256": "45e44d7af00c201afd13f453057cdbb7666a7654866417907846078b8e683422"
},
"downloads": -1,
"filename": "intelx-0.6.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "2f07fd0544634a355d6daaaa45710798",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9",
"size": 13365,
"upload_time": "2025-01-02T02:37:16",
"upload_time_iso_8601": "2025-01-02T02:37:16.073902Z",
"url": "https://files.pythonhosted.org/packages/67/e5/7777f95d802b20a7afcbd76b5d27b6079ea7f7a2f9b53518d74b93521334/intelx-0.6.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "e265a04efda093eff729494cfb11dd5b3908593b0de036b077cf4c598b8b6ee7",
"md5": "0009b85db2aad6a850dab08e95d5b3bb",
"sha256": "ca2743e9e78674ceeca2dd2f44eb0e72dc647cfb0e81c9bbfccf0809afd44443"
},
"downloads": -1,
"filename": "intelx-0.6.3.tar.gz",
"has_sig": false,
"md5_digest": "0009b85db2aad6a850dab08e95d5b3bb",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 12557,
"upload_time": "2025-01-02T02:37:17",
"upload_time_iso_8601": "2025-01-02T02:37:17.642333Z",
"url": "https://files.pythonhosted.org/packages/e2/65/a04efda093eff729494cfb11dd5b3908593b0de036b077cf4c598b8b6ee7/intelx-0.6.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-01-02 02:37:17",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "IntelligenceX",
"github_project": "SDK",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "intelx"
}
JSON
