Overview BloodCat provides a command-line interface for scanning RTSP cameras with weak credentials. The tool supports both single-target scanning and geographical discovery via FoFa integration.
Basic Syntax python3 bloodcat.py [OPTIONS]
Command-Line Arguments Single Target Scanning Specify a single IP address and port to scan in the format IP:PORT. Example: python3 bloodcat.py --ip "80.191.192.230:554"
When this option is provided, BloodCat will scan only the specified target without using FoFa API. Geographical Discovery Your FoFa API key for performing geographical queries. Example: python3 bloodcat.py --country CN --key "your-fofa-api-key"
Required when using geographical discovery mode (—country, —region, or —city).
Filter targets by country code (ISO 3166-1 alpha-2 format). Example: python3 bloodcat.py --country CN --key "your-fofa-api-key"
Common country codes:
CN - ChinaUS - United StatesGB - United KingdomJP - JapanDE - Germany Filter targets by region or state within a country. Example: python3 bloodcat.py --country CN --region HK --key "your-fofa-api-key"
Region names vary by country. Use common abbreviations or full names.
Filter targets by city name. Example: python3 bloodcat.py --country US --city "New York" --key "your-fofa-api-key"
You can combine —region and —city for more precise targeting.
Usage Modes
Single Target Mode Use --ip to scan a specific camera without FoFa integration. python3 bloodcat.py --ip "192.168.1.100:554"
Discovery Mode Use --key with geographical filters to discover multiple targets. python3 bloodcat.py --country CN --region HK --key "YOUR_KEY"
Complete Examples Single IP Scan python3 bloodcat.py --ip "80.191.192.230:554"
This command scans a single RTSP camera at the specified IP and port.
Country-Based Discovery python3 bloodcat.py --country CN --key "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Discovery all RTSP cameras in China using your FoFa API key.
Region-Based Discovery python3 bloodcat.py --country CN --region HK --key "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Discovery RTSP cameras specifically in Hong Kong.
City-Based Discovery python3 bloodcat.py --country US --city "Los Angeles" --key "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Discovery RTSP cameras in Los Angeles, United States.
Combined Filters python3 bloodcat.py --country CN --region HK --city "Kowloon" --key "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Use multiple geographical filters for precise targeting.
Help Command Display all available options:
Output:
usage: bloodcat.py [-h] [--country COUNTRY] [--city CITY] [--region REGION] [--key KEY] [--ip IP] Blood Cat - RTSP Camera Weak Credential Scanner optional arguments: -h, --help show this help message and exit --country COUNTRY Country --city CITY City --region REGION Area --key KEY Fofa API key --ip IP IP:PORT
Argument Parsing Details BloodCat uses Python’s argparse module with the following configuration (from bloodcat.py:50-56):
parser = argparse.ArgumentParser( description = 'Blood Cat - RTSP Camera Weak Credential Scanner' ) parser.add_argument( '--country' , default = '' , type = str , help = 'Country' ) parser.add_argument( '--city' , default = '' , type = str , help = 'City' ) parser.add_argument( '--region' , default = '' , type = str , help = 'Area' ) parser.add_argument( '--key' , default = '' , type = str , help = 'Fofa API key' ) parser.add_argument( '--ip' , default = '' , type = str , help = 'IP:PORT' )
All arguments are optional with empty string defaults, but practical usage requires either --ip or --key with geographical filters.