Giters

LuD1161 / upi-recon

A command line tool for UPI payment address discovery and reconnaissance

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

upi-recon

screenshot of upi-recon

A command line tool for UPI payment address discovery and reconnaissance.

Requirements

pip install -r requirements.txt

Configuration

You can use the following command to add an API key ID to the configuration file.

upi-recon.py <phone_number> --api_key_id <api_key_id>

Please refer to the documentation provided by Razorpay in order to generate valid API credentials.

Note: Razorpay does not seem to consider an API key ID as being sensitive information. Further, while the process of arbitrarily discovering the API key ID for a Razorpay merchant is fairly straightforward, it is beyond the scope of the repository and will thus not be covered. It is suggested that you generate your own Razorpay API credentials for use with upi-recon.

Usage

Query all possible UPI addresses for the provided phone number

upi-recon.py -p <phone_number>

Query all possible UPI addresses for the provided phone number using a specified number of threads

upi-recon.py -p <phone_number> -t 5

Query a single UPI address for the provided VPA

upi-recon.py -v <single_vpa>

Query all possible UPI addresses for the provided Gmail address

upi-recon.py -g <gmail_username>

Query all possible FASTag addresses for a vehicle registration number

upi-recon.py -f <vehicle_number>

Query all possible UPI addresses for a given term

upi-recon.py -w <word>

Contributions

Contributions are welcome. Feature wishlist:

  • Introduce support for more API providers
  • Introduce support for wordlist based address discovery
  • Refactor for release as Python module
  • Introduce support for FASTag addresses
  • Introduce support for Google Pay addresses
  • Improve argument parsing code

Disclaimer

Note: Unified Payment Interface ("UPI") Virtual Payment Addresses ("VPAs") do not carry a data security classification by virtue of their usage in practice, and should as such be considered to be public information, similar to how email addresses may be considered to be public information.

This tool allows users to 1) check the existence of UPI payment addresses, and 2) fetch associated information about the account holder, in an automated manner based on provided input. This functionality is already available (however, not in an automated fashion) through most UPI payment applications available on the Android and/or iOS platforms.

This tool is provided "AS IS" without any warranty of any kind, either expressed, implied, or statutory, to the extent permitted by applicable law.

About

A command line tool for UPI payment address discovery and reconnaissance

License:GNU General Public License v3.0

Languages

Language:Python 100.0%