OSINT Framework
After doing manually reconnaissance on our target we will see how to use framework that automatize all these techniques
OSINT Framework
Spiderfoot
SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.
SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. It's written in Python 3 and GPL-licensed.
Installation
Running a scan
We run a scan against our target: breachdefs.com
Results
Once finish we can visualize our results as a graph.
From it we can see that:
there is an exchange server running on 192.168.42.11
a webserver at https://www.breachdefs.com
we also get an email: david_lightman@breachdefs.com
Amass
The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
Installation
Running a scan
Results
Once finish we get two subdomains: www.breachdefs.com and owa.breachdefs.com
Last updated