PhoneInfoga – Advanced Information Gathering & OSINT Tool For Phone Numbers

PhoneInfoga is one of the most advanced tools to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type for any international phone number with very good accuracy, then search for footprints on search engines to try to find the VoIP provider or identify the owner.

Features

- Check if phone number exists and is possible
- Gather standard information such as country, line type, and carrier
- OSINT footprinting using external APIs, Google Hacking, phone books & search engines
- Check for reputation reports, social media, disposable numbers and more
- Scan several numbers at once
- Use custom formatting for more effective OSINT reconnaissance
- Automatic footprinting on several custom formats

Link: http://www.kitploit.com/2019/06/phoneinfoga-advanced-information.html

ReconT – Reconnaisance / Footprinting / Information Disclosure

Recon-Tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from.

Features

- Information Security Headers
- WAF Detector
- Banner Grabbing
    - Phone Number
    - Credit Card Number
    - Email
    - US Social Security Number
- URL Crawl
    - DOM Parameter URL
    - Internal Dynamic Parameter
    - External Dynamic Parameter
    - Internal Link
    - External Link
- Port Scanner
- Subdomain Enumeration

Requirements

- click
- requests
- colorlog
- bs4
- tldextract

Usage & Installation

    $ apt-get install python3 nmap
    $ pip3 install -r requirements.txt
    $ python3 reconT.py http://target.co.li
    $ python reconT.py --help
    Usage: reconT.py [OPTIONS] TARGET

    Options:
      --timeout INTEGER  Seconds to wait before timeout connections
      --proxy TEXT       if Use a proxy ex: 0.0.0.0:8888
                         if with auth 0.0.0.0:8888@user:password
      --cookies TEXT     if use cookie comma separated cookies to add the request
                         ex: PHPSESS:123,kontol=True
      --help             Show this message and exit.

Info

- Support For Python Version: 3.x
- ReconT Version: 0.1
- By: 407 Authentic Exploit
- Codename: JaxBCD

Link: http://feedproxy.google.com/~r/PentestTools/~3/cODwkrYCciM/recont-reconnaisance-footprinting.html

Aztarna – A Footprinting Tool For Robots

This repository contains Alias Robotics’ aztarna, a footprinting tool for robots.

Alias Robotics supports original robot manufacturers assessing their security and improving their quality of software. By no means do we encourage or promote the unauthorized tampering with running robotic systems. This can cause serious human harm and material damages.

For ROS

- A list of the ROS nodes present in the system (Publishers and Subscribers)
- For each node, the published and subscribed topics including the topic type
- For each node, the ROS services each of the nodes offer
- A list of all ROS parameters present in the Parameter Server
- A list of the active communications running in the system. A single communication includes the involved publisher/subscriber nodes and the topics

For SROS

- Determining if the system is a SROS master.
- Detecting if demo configuration is in use.
- A list of the nodes found in the system. (Extended mode)
- A list of allow/deny policies for each node.
- Publishable topics.
- Subscriptable topics.
- Executable services.
- Readable parameters.

For Industrial routers

- Detecting eWON, Moxa, Sierra Wireless and Westermo industrial routers.
- Default credential checking for found routers.

Installing

For production, directly from PyPi:

    pip3 install aztarna

or from the repository:

    pip3 install .

For development:

    pip3 install -e .

or

    python3 setup.py develop

Python 3.7 and the setuptools package are required for installation.

Install with docker

    docker build -t aztarna_docker .

Code usage:

    usage: aztarna [-h] -t TYPE [-a ADDRESS] [-p PORTS] [-i INPUT_FILE]
                   [-o OUT_FILE] [-e] [-r RATE] [--shodan] [--api-key API_KEY]

    Aztarna

    optional arguments:
      -h, --help            show this help message and exit
      -t TYPE, --type TYPE  Scan ROS, SROS hosts or Industrial routers
      -a ADDRESS, --address ADDRESS
                            Single address or network range to scan.
      -p PORTS, --ports PORTS
                            Ports to scan (format: 13311 or 11111-11155 or 1,2,3,4)
      -i INPUT_FILE, --input_file INPUT_FILE
                            Input file of addresses to use for scanning
      -o OUT_FILE, --out_file OUT_FILE
                            Output file for the results
      -e, --extended        Extended scan of the hosts
      -r RATE, --rate RATE  Maximum simultaneous network connections
      --shodan              Use shodan for the scan types that support it.
      --api-key API_KEY     Shodan API Key

Run the code (example input file):

    aztarna -t ROS -p 11311 -i ros_scan_s20.csv

Run the code with Docker (example input file):

    docker run -v <host_path>:/root -it aztarna_docker -t ROS -p 11311 -i <input_file>

Run the code (example single ip address):

    aztarna -t ROS -p 11311 -a 115.129.241.241

Run the code (example subnet):

    aztarna -t ROS -p 11311 -a 115.129.241.0/24

Run the code (example single ip address, port range):

    aztarna -t ROS -p 11311-11500 -a 115.129.241.241

Run the code (example single ip address, port list):

    aztarna -t ROS -p 11311,11312,11313 -a 115.129.241.241

Run the code (example piping directly from zmap):

    zmap -p 11311 0.0.0.0/0 -q | aztarna -t SROS -p 11311

Run the code (example search for industrial routers in shodan):

    aztarna -t IROUTERS --shodan --api-key <yourshodanapikey>

Run the code (example search for industrial routers in shodan, piping to file):

    aztarna -t IROUTERS --shodan --api-key <yourshodanapikey> -o routers.csv

Link: http://feedproxy.google.com/~r/PentestTools/~3/Q9CYfShlqRA/aztarna-footprinting-tool-for-robots.html

R3Con1Z3R – A Lightweight Web Information Gathering Tool With An Intuitive Features (OSINT)

R3con1z3r is a lightweight Web information gathering tool with intuitive features, written in Python. It provides a powerful environment in which open source intelligence (OSINT) web-based footprinting can be conducted quickly and thoroughly.

Footprinting is the first phase of ethical hacking; it is the collection of every possible piece of information regarding the target. R3con1z3r is a passive reconnaissance tool with built-in functionalities which include: HTTP header flag, Traceroute, Whois Footprinting, DNS information, Site on same server, Nmap port scanner, Reverse Target and hyperlinks on a webpage. The tool, after being provided with the necessary inputs, generates an output in HTML format.

Installation

r3con1z3r supports Python 2 and Python 3.

    $ git clone https://github.com/abdulgaphy/r3con1z3r.git
    $ cd r3con1z3r
    $ pip install -r requirements.txt

Optional for Linux users:

    $ sudo chmod +x r3con1z3r.py

Modules

r3con1z3r depends only on the sys and the requests Python modules.

Python 3:

    $ pip3 install -r requirements.txt

For coloring on Windows:

    pip install win_unicode_console colorama

Usage

    python3 r3con1z3r.py [domain.com]

Examples

To run on all operating systems (Linux, Windows, Mac OS X, Android etc.), i.e. a Python 2 environment:

    python r3con1z3r.py google.com

To run in a Python 3 environment:

    python3 r3con1z3r.py facebook.com

To run as an executable (Unix only):

    ./r3con1z3r.py google.com

Link: http://feedproxy.google.com/~r/PentestTools/~3/xpd1vC23W3c/r3con1z3r-lightweight-web-information.html

SpiderFoot – The Most Complete OSINT Collection And Reconnaissance Tool

SpiderFoot is an open source intelligence (OSINT) automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname, network subnet, ASN or person’s name.

SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you.

What is SpiderFoot?

SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more. You simply specify the target you want to investigate, pick which modules to enable and then SpiderFoot will collect data to build up an understanding of all the entities and how they relate to each other.

What is OSINT?

OSINT (Open Source Intelligence) is data available in the public domain which might reveal interesting information about your target. This includes DNS, Whois, Web pages, passive DNS, spam blacklists, file meta data, threat intelligence lists as well as services like SHODAN, HaveIBeenPwned? and more. See the full list of data sources SpiderFoot utilises.

What can I do with SpiderFoot?

The data returned from a SpiderFoot scan will reveal a lot of information about your target, providing insight into possible data leaks, vulnerabilities or other sensitive information that can be leveraged during a penetration test, red team exercise or for threat intelligence. Try it out against your own network to see what you might have exposed!

Read more at the project website: http://www.spiderfoot.net

Link: http://www.kitploit.com/2018/12/spiderfoot-most-complete-osint.html

SpiderFoot 2.12 – Automates OSINT to find out everything possible about your target

SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more. You simply specify the target you want to investigate, pick which modules to enable and then SpiderFoot will collect data to build up an understanding of all the entities and how they relate to each other.

What is OSINT?

OSINT (Open Source Intelligence) is data available in the public domain which might reveal interesting information about your target. This includes DNS, Whois, Web pages, passive DNS, spam blacklists, file meta data, threat intelligence lists as well as services like SHODAN, HaveIBeenPwned? and more. See the full list of data sources SpiderFoot utilises.

What can I do with SpiderFoot?

The data returned from a SpiderFoot scan will reveal a lot of information about your target, providing insight into possible data leaks, vulnerabilities or other sensitive information that can be leveraged during a penetration test, red team exercise or for threat intelligence. Try it out against your own network to see what you might have exposed!

New Modules

The growing number of OSINT sources out there is mind-boggling, and most remain free or at least provide API keys free of charge for low query volumes. In this release, eight new modules have been introduced:

- SecurityTrails (sfp_securitytrails): One of my favourite recent discoveries, SecurityTrails has truly a shedload of DNS and Whois data that any threat intelligence analyst, security analyst or investigator should look into. This module will query their API for IP addresses, domain names, e-mail addresses and owned netblocks to identify co-hosted sites, domains registered under the same e-mail address and more. An API key is required, however limited free usage is provided. Check out their blog post about the integration.
- FullContact.com (sfp_fullcontact): FullContact.com has loads of data about people and companies. This module uses their API (API key required) to look up domain names, e-mail addresses and names in an attempt to identify further e-mail addresses and names, but also physical locations and phone numbers.
- ARIN (sfp_arin): ARIN (American Registry for Internet Numbers) is similar to RIPE (for which SpiderFoot already has a module – sfp_ripe) in that they provide an API to query information about network ranges. But more interestingly from an OSINT perspective, you can query by first and last name, and likewise query by domain name to get affiliated names. This module will take any identified domain name and return a list of human names and ARIN registry data, which will then be scanned by other modules to identify potential e-mail addresses and hostnames. It will also look up any names to identify potential relevant data.
- Hacked-Emails.com (sfp_hackedemails): Similar to haveibeenpwned.com, hacked-emails.com provides a free service to identify e-mail addresses mentioned in data leaks. This module will query their API for any e-mail address identified during a scan.
- Citadel.pw (sfp_citadel): As above, citadel.pw provides a way to search a large number of leaks for mention of an e-mail address, which is what this module will do. Thanks to citadel.pw – at – protonmail.com for this contribution and for providing a public API key free of charge!
- CIRCL.LU (sfp_circllu): CIRCL.LU (Computer Incident Response Center, Luxembourg) provide a free, however upon-request API to query their rich database of historical SSL and DNS data. This module will take hostnames, owned netblocks, IP addresses and domain names and identify further IP addresses and hostnames, plus SSL certificates and co-hosts related to your target.
- Quad9.net (sfp_quad9): Quad9.net aggregate a number of threat intelligence data sources and integrate them into their resolver, which anyone can point to (9.9.9.9). The resolver will not resolve anything malicious according to the data feeds they have integrated. This module will attempt to resolve identified hostnames, affiliates and co-hosts using 9.9.9.9, and if they fail to resolve there but do resolve using the configured resolver, will report them as malicious.
- RiskIQ / PassiveTotal (sfp_riskiq): RiskIQ provide a threat intelligence platform with an API (API key required) to query their passive DNS and other data. This module will query their API for any hostname, IP address, domain name or e-mail address identified, and return owned netblocks, further IP addresses, co-hosted sites and domain names also registered by the provided e-mail address (reverse Whois).

Improvements

- Dockerfile is now using the Alpine Linux base image, plus some other improvements to bring the image down from about 500MB to 90MB. See this tutorial to try it out.
- Stopped reporting IPv6 addresses from the sfp_ripe module, as it made the malicious modules spin forever on the huge IPv6 address spaces identified. This will be re-visited sometime when IPv6 sees wider adoption.
- Updated the sfp_robtex module to honor throttling and be more configurable.
- Improved sfp_ripe’s ability to identify netblocks possibly owned by the target.
- Handle re-directions when looking for S3 buckets, which will result in many more being found as Amazon returns 30x in many cases, which before was being ignored by SpiderFoot.
- sfp_whois will now perform Whois lookups for affiliate domains and co-hosted sites.
- sfp_onioncity updated to use onion.link.

Enhancements / Bug fixes

- Misc. minor bug fixes, performance improvements and tweaks.

Link: http://feedproxy.google.com/~r/PentestTools/~3/HtlpkzzNsqM/spiderfoot-212-automates-osint-to-find.html

Beginner Guide to Website Footprinting

In our previous article we gave a brief introduction to footprinting for gathering information related to a specific person. As discussed there, there are many types of footprinting; today we are going to talk about DNS footprinting, website footprinting and whois footprinting. Browsing the target Website may Providing Whos is…
The post Beginner Guide to Website Footprinting appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/beginner-guide-website-footprinting/

5 ways to Banner Grabbing

A banner is a text message received from a host. Banners usually contain information about a service, such as the version number. From Wikipedia: banner grabbing is a process to collect details regarding any remote PC on a network and the services running on its open ports. An attacker can make use of banner grabbing in…
The post 5 ways to Banner Grabbing appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/5-ways-banner-grabbing/