QuickTrack is a cross-platform GUI and CLI based tool that helps you to monitor your IP addresses, identify the services running on the open ports as well as help discover any security vulnerabilities in them. It consumes the InternetDB API of Shodan for the scanning phase.
QuickTrack offers a web-based platform which you can try by visiting quicktrack.dev. The website has 2 main functionalities, either the user can explicitly provide an IP address which they would like us to scan or let the platform fetch the user's IP address automatically. Apart from this, the user also has to provide us with an email address where QuickTrack can send an auto-generated report regarding the findings. The IP addresses and emails are automatically saved in our database and will be scanned every week to send fresh reports to the users.
Currently, we offer to monitor only IPv4 addresses and we scan for stuff such as:
- Hostnames
- Open Ports (Only top 1500)
- Services Running on These Ports
- Publicly Known Vulnerabilities Related to Service Versions
- We also allocate tags to the target IP based on services identified
An auto-generated report which is sent to the user after the first scan and then every consecutive week, would look like this.
The database from where we pull the data is updated on a weekly basis so you might not see immediate results for your IP address and you'd have to wait for the recently opened/closed ports to be updated. Same goes for IP addresses of mobile phones / routers. You might not see open ports/services in your report sometimes and the reason is that the crawler only looks for the top 1500 ports (mostly used ones) and rest of them might get ignored.
In order to run QuickTrack locally on your machine either in CLI or GUI mode, you should first meet these requirements:
-
In order to compile the tool/backend, you will have to make sure that you have Go installed on your system. You can head over to their website for the same. At the time of development, our Go version was: go1.13.8 linux/amd64.
-
Our web dashboard works on PHP, so you need to make sure that you have installed PHP on your local system or is used by your local web server before you serve the front-end. Setting up PHP on Linux is relatively easy (sudo apt install php), but for Windows and Mac OS you can refer to their website.
-
The next thing you require is web server software for serving your frontend. For Linux, you can check out Apache (sudo apt install apache2) since we used it a LOT during the development phase. But for Windows and Mac OS, you can check out XAMPP.
-
We require a database for saving the email and IP addresses for future scans. Make sure that you create a table having 2 columns which shall be:
- Email [VARCHAR(50)]
- IP [VARCHAR(16)]
-
The next thing you are required to do is set up an email account through which the reports would be sent by the tool. We are using Gmail for our website and so far it works perfectly!
The only file which would require manual configuration is main.go.
-
You have to edit line no. 64, which contains the SMTP configuration for the email.
Example Config:
d := gomail.NewDialer("smtp.gmail.com", 587, "[email protected]", "secretpassword123")
-
You have to edit line no. 172 and line no. 207 that stores the SQL DB configuration for the tool's database.
Example Config:
db, err := sql.Open("mysql", "root:mydbpassword@tcp(127.0.0.1:3306)/mydatabase")
-
And finally, you are supposed to compile the backend/tool! You can do so by navigating to the backend directory and running:
go build
and you will finally see a binary/executable file in the backend directory named quicktrack.
Once you have edited and compiled the code into a binary/executable, it becomes relatively easy to run QuickTrack in a CLI mode without having to configure any web-related stuff.
Windows | Linux | Mac | Termux |
---|---|---|---|
✔ | ✔ | ✔ | ✔ |
✔ - Tested ❔ - Not tested
Right now we cover 2 scan modes for the users,
-
This is where you provide QuickTrack with an email address (to send the report to) and an IP address (the one to be scanned). This has to be done with the help of flags when running the binary/executable.
-
./quicktrack.exe -ip=<ip-address> -email=<email-address> Example: ./quicktrack.exe -ip=127.0.0.1 [email protected]
-
./quicktrack -ip=<ip-address> -email=<email-address> Example: ./quicktrack -ip=127.0.0.1 [email protected]
Note: In both of the cases, the entries will be saved into the database that you had configured earlier.
-
-
This is where you let QuickTrack pull all the email and IP addresses from the configured database and run scans on all of the entries one by one. Reports will be sent as soon as the scan for the specific entry is finished.
-
./quicktrack.exe -ip=full
-
./quicktrack -ip=full
-
You can make a contribution to this repo by creating a pull request! Make sure you include the following details:
- Feature introduced
- What does the feature do?
- List of External Modules/Packages if used
You can reach us out at [email protected] for any queries, complaints, sugestions/feedbacks etc.
The information provided by QuickTrack on our website or through Github is for general informational purposes only. All information is provided in good faith, regarding the accuracy, adequacy, validity, reliability, availability or completeness of any information on the Site. Under no circumstance shall we have any liability to you for any loss or damage of any kind incurred as a result of the use of the website/tool or reliance on any information provided on the aforementioned. Your use of the platform or tool and your reliance on any information on them is solely at your own risk. QuickTrack takes no responsibility for any intentional misuse of our products and will be willing to share any form of log data if required by the court of law or any law enforcement body.