tapir | Cybersecurity | Scoop.it


Tapir is a framework designed to make it easy to discover interesting data about entities - organizations, users, computers, and networks - on the web, using common (and not so common) OSINT techniques.

At the core of Tapir are entities (implemented and database-backed with Mongoid) and the tasks (implemented as small, structured ruby scripts like Metasploit modules) to modify and create entities. Tapir entities are real-world objects that we want to discover more information about.

Tapir tasks are the code that operate on the entities to create findings, new entities, or modify existing entities. Tasks are simple to create, have just enough structure, and harness the power of Ruby to extend the framework in useful ways. Have a look at the existing tasks in the lib/tapir/tasks directory.

Tapir keeps track of entities generated by each task for you. For example, if you add a host entity, and run a 'geolocate_host' task, you'll find that the physical address generated by the task is now a child of that host (and the host is now a parent of that physical address). You can view, modify, and programmatically query and inspect these relationships.

Via Luc Chauvin