Xiom is a powerful command-line OSINT reconnaissance tool for website and server fingerprinting. Extract sensitive infrastructure details, server types, SSL certificates, DNS records, and technology stacks from any target URL in seconds.
Perfect for security researchers, penetration testers, IT security professionals, and threat intelligence analysts.
Server Identification
- Detect web server type, version, and configuration
- Identify CMS platforms (WordPress, Drupal, Joomla, etc.)
- Recognize web frameworks (Express, Django, Rails, Laravel, etc.)
SSL/TLS Intelligence
- Certificate details, issuers, and expiration dates
- Cipher suite and protocol version info
- Certificate chain analysis
DNS & Network Reconnaissance
- A, AAAA, MX, NS, CNAME, TXT, SOA records
- IP address resolution and reverse lookups
- Nameserver detection
HTTP Fingerprinting
- Server headers and banner grabbing
- Technology stack detection
- Response metadata analysis
Multiple Output Formats
- Beautiful colored terminal output (default)
- JSON export for automation and integration
- Detailed text reports
Extensible Configuration
- API key support for enhanced data sources (VirusTotal, Shodan, AbuseIPDB)
- Custom timeout and retry settings
- Configurable port scanning
- Python 3.7+
- pip (Python package manager)
- 5 minutes to set up

1. Clone the repository:

   ```bash
   git clone https://github.com/xdrew87/Xiom.git
   cd Xiom
   ```

2. Install dependencies:

   ```bash
   pip install -r requirements.txt
   ```

3. Copy config template (optional):

   ```bash
   cp config.json.template config.json
   # Edit config.json to add API keys for enhanced features
   ```

4. Run your first scan:

   ```bash
   python3 xiom.py https://example.com
   ```

Done!
The simplest way to fingerprint a target:

```bash
python3 xiom.py https://example.com
```

Get JSON output for scripting/automation:

```bash
python3 xiom.py https://example.com --json > results.json
```

Verbose mode for debugging issues:

```bash
python3 xiom.py https://example.com --verbose
```

Custom config file:

```bash
python3 xiom.py https://example.com --config custom_config.json
```

Both HTTP and HTTPS versions:

```bash
python3 xiom.py example.com          # Auto-detects https
python3 xiom.py http://example.com   # Force http
```

```
╔══════════════════════════════════════════════════════════╗
║                 XIOM FINGERPRINT REPORT                  ║
║                   https://example.com                    ║
╚══════════════════════════════════════════════════════════╝

[✓] SERVER INFORMATION
Server: nginx/1.21.0
Operating System: Linux
IP Address: 93.184.216.34

[✓] WEB FRAMEWORK
Framework: Express.js 4.17.1
Runtime: Node.js
Language: JavaScript

[✓] SSL/TLS CERTIFICATE
Issuer: Let's Encrypt Authority X3
Valid From: 2023-01-15
Valid Until: 2024-01-15
Cipher Suite: TLS 1.3

[✓] DNS RECORDS
A Records: 93.184.216.34
MX Records: mail.example.com (priority: 10)
NS Records: ns1.example.com, ns2.example.com

[✓] OPEN PORTS
80/tcp (HTTP) - Open
443/tcp (HTTPS) - Open
22/tcp (SSH) - Closed
```

Copy the template and edit with your settings:

```bash
cp config.json.template config.json
# Edit config.json
```

```json
{
  "timeout": 10,
  "verify_ssl": true,
  "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
  "api_keys": {
    "virustotal": "YOUR_API_KEY_HERE",
    "shodan": "YOUR_API_KEY_HERE"
  },
  "ports_to_scan": [80, 443, 22, 21, 8080, 8443, 3306, 5432],
  "max_retries": 3,
  "retry_delay": 2
}
```

To unlock enhanced features, add API keys to config.json:

| Service | Features | How to Get |
|---|---|---|
| VirusTotal | Malware/phishing detection, domain reputation | virustotal.com/gui |
| Shodan | Open port enumeration, service version details | shodan.io |
| AbuseIPDB | IP reputation and threat data | abuseipdb.com |

Security Best Practice: Never commit config.json with real API keys!

```bash
# Use environment variables instead
export VIRUSTOTAL_API_KEY="your_key_here"
export SHODAN_API_KEY="your_key_here"
```

Add config.json to .gitignore (already done).

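
An added example (not Xiom's own code) of the key handling recommended above: environment variables take precedence over `config.json`, the placeholder values count as unset, and a pre-commit style check reports any real key written into the file. The function names and sample values are constructed for illustration; only the `api_keys` layout and the two variable names come from this page.

```python
import json
import os

# Placeholders from config.json.template and from the export lines above.
PLACEHOLDERS = {"YOUR_API_KEY_HERE", "your_key_here"}
SERVICES = ("virustotal", "shodan")  # the two services with variables shown


def env_name(service):
    """Map a service to its variable name, e.g. shodan -> SHODAN_API_KEY."""
    return f"{service.upper()}_API_KEY"


def is_real_key(value):
    """True for a non-empty value that is not one of the placeholders."""
    return bool(value) and value not in PLACEHOLDERS


def resolve_api_keys(config, environ=os.environ):
    """Return {service: key}, preferring the environment over the file."""
    file_keys = config.get("api_keys", {})
    resolved = {}
    for service in SERVICES:
        for candidate in (environ.get(env_name(service)), file_keys.get(service)):
            if is_real_key(candidate):
                resolved[service] = candidate
                break
    return resolved


def keys_stored_in_file(config):
    """List services whose real key is written into the config itself."""
    stored = config.get("api_keys", {})
    return sorted(name for name, value in stored.items() if is_real_key(value))


def check_before_commit(path):
    """Pre-commit style check: a non-empty result means the file has secrets."""
    with open(path, encoding="utf-8") as handle:
        return keys_stored_in_file(json.load(handle))


# Constructed sample in the template's layout, with one key filled in.
SAMPLE = {"timeout": 10, "api_keys": {"virustotal": "YOUR_API_KEY_HERE",
                                      "shodan": "constructed-not-a-real-key"}}

if __name__ == "__main__":
    env = {"VIRUSTOTAL_API_KEY": "constructed-env-key"}  # constructed value
    print(resolve_api_keys(SAMPLE, env))  # key per service, env first
    print(keys_stored_in_file(SAMPLE))    # services to move out of the file
```

Running `check_before_commit("config.json")` from a Git pre-commit hook and failing on a non-empty result catches a key that was pasted into the file before it reaches history.
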
- Only scan systems you own or have written permission to test
- Respect rate limits and API quotas
- Use for legitimate security research and IT operations
- Document and log all scanning activities
- Never scan third-party infrastructure without authorization
- Never use for malicious purposes
Legal Warning: Unauthorized computer access is illegal in most jurisdictions. Violators may face criminal prosecution and civil liability.
For security issues, see SECURITY.md.

```bash
# 1. Scan a website
python3 xiom.py https://github.com --json > github_scan.json

# 2. View results
cat github_scan.json | jq .

# 3. Extract specific data
cat github_scan.json | jq '.http.server'

# 4. Process results in your security tool
# (Post to Slack, log to SIEM, store in database, etc.)
```

We love contributions! See CONTRIBUTING.md for:
- How to report bugs
- How to suggest features
- Development setup guide
- Pull request guidelines
- Code style conventions
Quick start contributing:

```bash
# 1. Fork the repo on GitHub

# 2. Create a branch for your feature
git checkout -b feature/your-feature

# 3. Make changes and test
python3 xiom.py https://example.com

# 4. Push and open a pull request
git push origin feature/your-feature
```

This project is licensed under the MIT License; see LICENSE for full details.
TL;DR: Free to use, modify, and distribute. Include the license in your project.
- Bug Reports: GitHub Issues
- Feature Requests: GitHub Issues - Feature Label
- Security Vulnerabilities: See SECURITY.md for responsible disclosure
- Questions? Open an issue with the `question` label
- Batch mode (scan multiple URLs from file)
- Export to PDF/HTML reports
- GUI version (PYQT6)
- Automated scanning schedules
- Custom fingerprint rules
- REST API for integration
- Subdomain enumeration
- Technology database updates
- GitHub: https://github.com/xdrew87/Xiom
- Author: @xdrew87
- Issues: Report a bug
- License: MIT
Built with ❤️ for security researchers, penetration testers, and IT professionals.
Stay curious. Stay ethical. Happy hunting!