Doxtool is a Python tool made by Cutypie, This tool gives you the ability to reverse phone number lookups. The tool sending multiple caller id request to their databases using encrypt and decrypt request body technology that include more then 4 Layers of encryptions.
- Gets information about phone numbers from 5 different databases
- Shows names, pictures, and locations connected to the number
- Checks if the number is used for spam
- Shows social media profiles if available
- Profile Picture
- First Name, Last Name
- Location Address
- Email Address
- Facebook Profile Data
- Facebook Profile Link
- Is a Spammer (True, False)
- Country
- Description
- Business Website
- Opening Hours Business
- Street
- City
- Area
- Jobs
- Google Map Places Coords
- Region
- Report count
- Old phone number
- Phone type
- Etc...
- MD5 hash for security
- Base64 encoding
- Custom text shifting
- GZIP compression
- AES encryption (128 bit)
- RSA encryption for keys
- Random IV generation
- PKCS7 padding
Sync.ME also have a website you can use with limited search (https://sync.me/)
- hashing
- URL Encoding
- GZIP compression
- auth keys header hashing
- URL Encoding
- GZIP compression
- auth token header generation
- URL Encoding
- GZIP compression
Truecaller also have a website you can use with limited search (https://www.truecaller.com/)
- I analyzed their API request to understand how the security work and how the data sent (Headers, stamp, base64 phone number format, etc...)
- I used ADB to dump the app, then found an encryption native library ".so" file exstention.
- I used IDA to reverse the native library and found the encryption process the app is using
- Using jadx-gui + Frida to hook another encryption layer function of the request body data that using shifting algorithm to make it harder to reverse
- Made a full python script that Decrypt all of this process and get the clear decoded data from the database.
- I analyzed their API request also to understand the request format and the security usage.
- Found that thet using multiple of layers encryptions using Frida tool such us:
- AES-128: for the request body encryption
- RSA: for the AES key
- Custom request Stamping algorithm
- GZIP compression: for large requests
- Made a full python script that Decrypt all of this process and get the clear decoded data from the database.
- This databases added in the new version (23/01/2025) by Me
- I Found the request format + hooked the functions for auth headers, hashing and more to make the script work
- Clone this repository
- Install requirements:
pip install -r requirements.txt