Scan the TOR Exit Relay using Exitmap

Exitmap is a fast and modular Python-based scanner for Tor exit relays. Exitmap modules implement tasks that are run over (a subset of) all exit relays. If you have a background in functional programming, think of exitmap as a map() interface for Tor exit relays. Modules can perform any TCP-based networking task; fetching a web page, uploading a file, connecting to an SSH server, or joining an IRC channel.
In practice, exitmap is useful to monitor the reliability and trustworthiness of exit relays. Mainly, we use exitmap to check for false negatives on the Tor Project’s check service and to find malicious exit relays. It is easy to develop new modules for exitmap; just have a look at the file HACKING in the doc/ directory, or check out one of the existing modules.
Exitmap uses Stem to create circuits to all given exit relays, and as soon as tor notifies exitmap of an established circuit, a module is invoked for the newly established circuit. Modules can be pure Python scripts or executables. For executables,torsocks is necessary.

Running exitmap

The only argument exitmap requires is the name of a module. For example, you can run exitmap with the checktest module by running:
$ ./bin/exitmap checktest
The command line output will then show you how Tor bootstraps, the output of the checktest module, and a scan summary. If you don’t need three hops and prefer to use two hops with a static first hop, run:
$ ./bin/exitmap --first-hop CCEF02AA454C0AB0FE1AC68304F6D8C4220C1912 checktest
To run the same test over German exit relays only, execute:
$ ./bin/exitmap --country DE --first-hop CCEF02AA454C0AB0FE1AC68304F6D8C4220C1912 checktest
If you want to pause for five seconds in between circuit creations to reduce the load on the Tor network and the scanning destination, run:
$ ./bin/exitmap --build-delay 5 checktest

Learn more about it here.

Irfan Shakeel
Irfan Shakeel, the founder of ehacking project, he also hosts cyber security training classes at EH Academy. He has discovered many vulnerabilities in the famous platforms (like Google, Dailymotion, Harvard University & etc.). He specializes in Network hacking, VoIP pentesting & digital forensics. He is the author of the book title “Hacking from Scratch”.

Most Popular

Why You Need a Disaster Recovery Plan (DRP)

Although an apocalyptic IT network disaster may be unthinkable, a company should plan for its eventual occurrence and remediation. Sooner or later, catastrophe will...

Access Target’s Webcam, Microphone, Device location, and more

Cybercriminals and black hat hackers exploit system vulnerabilities and human weaknesses as well. This hacking tutorial discusses how a malicious actor can access any...

The Benefits of Automated Penetration Testing

Penetration testing has been one of the industries that are relatively slow adopters of automation. As security firms started automating many parts of the...

Wii Features That We Loved The Most and Would Like to See on Other Consoles

The Wii was released in the US on November 19, 2006, for $249 and is the smallest of the 7th generation consoles. Its dimensions...