Tag: footprinting

Enumeration, Footprinting

Enumerate subdomains through a wordlist

Knockpy is a Python tool designed to enumerate subdomains on a target domain through a wordlist. Usage: knockpy [-h] [-v] [-w WORDLIST] [-r] [-z] domain. Positional arguments: domain (specific target domain, like domain.com). Optional arguments: -h, --help (show this help message and exit); -v, --version (show program’s version number and exit); -w WORDLIST …

Footprinting, Penetration Testing

EmailHarvester 1.2.6

EmailHarvester is a tool to retrieve domain email addresses from search engines. Requirements: Python 3.x, termcolor, colorama, requests. Features: retrieve domain email addresses from search engines (Google, Bing, Yahoo, ASK); export results to txt and xml files; limit search results; define your own User-Agent string; use …

Brute-force, Enumeration, Information Gathering

SubBrute – fast subdomain enumeration tool

SubBrute is a DNS meta-query spider tool that enumerates DNS records and subdomains. SubBrute is a community-driven project with the goal of creating the fastest and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting. This design …

Hacking

Automated basic digital reconnaissance

InstaRecon is an automated basic digital reconnaissance tool, great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: DNS lookups (A, PTR, MX, NS); DNS lookups recursively on all hosts discovered; Whois (on domain and IP) lookups; Google dorks looking for subdomains and URLs; Shodan lookups; reverse DNS lookups …

Footprinting, Penetration Testing, Reconnaissance

IPGeoLocation 1.5 released

IPGeoLocation is a tool to retrieve IP geolocation information from ip-api.com. Requirements: Python 3.x. Features: retrieve geolocation of an IP or domain; run the program with no arguments to get your own IP geolocation; retrieve geolocation of multiple IPs or domains loaded from a file, each target on a new line; define your own custom User-Agent string; proxy support. …

Footprinting, Penetration Testing

Collect email addresses from multiple search engines

Let’s see how we can collect a company’s email addresses from multiple search engines using Kali Linux and Metasploit. 1. Run your Kali Linux distribution 2. Open a terminal 3. Run Metasploit: msfconsole 4. Select the email collector module: use auxiliary/gather/search_email_collector 5. Set the target domain name: set domain example.com 6. Type exploit and …

Footprinting, Reconnaissance

SSL Protocol Scanner – Reconnaissance

sslscan – queries SSL/TLS enabled services, such as HTTPS, to discover supported cipher suites. The output includes the preferred ciphers of the SSL service and the certificate, and is available in text and XML formats. Usage: sslscan [Options] [host:port | host] Options: --targets=<file> A file containing a list of hosts to check. Hosts can …

Footprinting, Penetration Testing, Reconnaissance

Gathering information – Reconnaissance

DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux command-line application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, TCP port scan, whois lookups, and more. The following is a list of the current …

Linux, Penetration Testing

Reconnaissance – FootPrinting – Information Gathering

The first step for a successful penetration test is reconnaissance, also known as footprinting or information gathering. The main objective of this step is to gather information about the target system. Footprinting can be achieved through steps such as social engineering or by probing and enumerating the network. Information gathering is the most critical. In …