CMSeek is a python tool that is used to detect Content Management System (CMS) within a target website, it can extract useful information like CMS version, installed themes, plugins, usernames, CMS files, and looks for possible vulnerabilities for the identified CMS version. CMSeek can detect more than 130 CMS’s. The CMS detection is performed through HTTP […]
Raccoon is an offensive security tool known for reconnaissance and information gathering. The tool can extract useful information about the target host, such as DNS details, DNS mapping, WHOIS record, Port Scanning, TLS data (TLS version, supported ciphers, certificates), URL fuzzing, subdomains enumeration, and Web Application Firewall (WAF) information. Moreover, the tool is capable of […]
Information Gathering tool for a Website or IP address, use some ideas from Devploit. BillCipher can work in any operating system if they have and support Python 2, Python 3, and Ruby. Features DNS Lookup Whois Lookup GeoIP Lookup Subnet Lookup Port Scanner Page Links Zone Transfer HTTP Header Host Finder IP-Locator Find Shared DNS […]
The Operative Framework tool can be used within a red team/social engineering engagement to collect information regarding websites and enterprises. The tool is capable of finding useful information, such as employees, Linkedin profiles, Emails, subdomains, Whois information, reverse ip lookup information, database file information and much more. Furthermore, one can set a fingerprinting campaign for […]
Devploit is a simple python script to Information Gathering. Download: git clone https://github.com/joker25000/Devploit How to use: cd Devploit chmod +x install ./install Run in Terminal Devploit (To run in Android you do not install file Run direct python2 Devploit) Properties: DNS Lookup Whois Lookup GeoIP Lookup Subnet Lookup Port Scanner Extract Links Zone Transfer HTTP […]
Flashlight is an automated information gathering tool that allows you to scan networks and gather information. For more information about using Flashlight, “-h” or “-help” option can be used. Parameters for the usage of this application can be listed below: -h, –help: It shows the information about using the Flashlight application. -p <ProjectName> or –project […]
Tool For Information Gathering. Usage Short Form Long Form Description -i –info Website Information -n –number Phone Number Information -mx –mailserver Find IP Address And E-mail Server -w –whois Domain Whois Lookup -l –location Find Website/IP Address Location -c –cloudflare Bypass CloudFlare -a –age Domain Age Checker -ua –useragent User Agent Info -p –port Check […]
SubDomain Analyzer is a Python-based tool that allows you to gather detailed information about a selected domain. It gathers data from a domain by following these steps: Trying to get the zone transfer file. Gathers all information from DNS records. Analyzing the DNS records (Analyzing all IP’s addresses from DNS records and test class C […]
Snitch is a Python-based tool that allows you to automate information gathering process for a specified domain. Using built-in dorks, this tool can gather specified information domain which can be found using web search engines. It can be quite useful in early phases of penetration testing. Usage: snitch.py [options] Options: -h, –help show this help message […]
Infoga is a tool for gathering e-mail accounts information (ip,hostname,country,…) from different public sources (search engines, pgp key servers). Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet. Requirements: Python <= 2.7 Installation: git clone https://github.com/m4ll0k/Infoga.git […]
gOSINT is a small OSINT framework in golang, it’s actually in development and still not ready for production if you want, feel free to contribute! What gOSINT can do Find mails from git repository Find Dumps for mail address Search for mail address linked to domain/mail address in PGP keyring Retrive Info from domain whois (waiting to […]
XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic. How Does it Work? XRay is a very simple tool, it works this way: It’ll bruteforce subdomains using a wordlist and DNS requests. For every subdomain/ip found, it’ll use Shodan […]
Anubis is a subdomain enumeration and information gathering tool. Anubis collates data from a variety of sources, including HackerTarget, DNSDumpster, x509 certs, VirusTotal, Google, Pkey, and NetCraft. Anubis also has a sister project, AnubisDB, which serves as a centralized repository of subdomains. Subdomains are automatically sent to AnubisDB – to disable this functionality, pass the […]
All in one tool for Information Gathering and Vulnerability Scanning RED HAWK : https://github.com/Tuhinshubhra/RED_HAWK Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois Lookup IMPROVED Geo-IP Lookup Grab Banners IMPROVED DNS Lookup Subnet Calculator Nmap Port Scan […]
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third […]
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third […]
WIG (WebApp Information Gatherer) is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications. The application fingerprinting is based on checksums and string matching of known files for different versions of CMSes. This results in a score being calculated for each detected CMS and its versions. Each […]
The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on […]
Raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin. Usage of this is application is pretty simple. It requires at least three parameters. The first one is the company name , the second one is the country initials and the domain name. Please […]
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling. Features Of The Tool: Server detection Cloudflare detector robots scanner CMS Detector WordPress Joomla Drupal Magento Whois GEO-IP Scan NMAP Port Scan DNS Lookup SubNet Calculator Subdomain Finder Reverse IP Scanner CMS detection For Sites On the same server. […]
The purpose of this program is to collect emails, subdomains, hosts, employee names, open ports and banners from various public sources such as search engines, PGP key servers and black belt base computers. That’s Why theHarvester Tool Used For Information Gathering In Kali Linux. This tool is designed to help penetration testing in the early stages […]