What is Information Gathering?
Information gathering is the process of collecting as much information as possible about a target network in order to identify the various ways an intruder could get into a network or system. Information gathering is the first step of any attack on information systems, which is also why defenders perform it against their own estate. Here are the top 10 powerful information gathering tools available for multiple platforms (Windows / Linux / Mac OS X).
Objectives of Information Gathering
Collect Network Information
- Domain Name
- Internal Domain Names
- Network Blocks
- IP address of the reachable systems
- Rogue websites/private websites
- TCP and UDP service running
- Networking Protocols
- IDSes running
- System enumeration
Collect System Information
- User and group names
- System banners
- Routing Tables
- SNMP information
- System information
- Remote system type
- System names
Top 10 Advanced Information Gathering Tools
Disclaimer : All articles on our website are for Educational/Informational purposes only. The author is not responsible for any illegal activity. TheHackerStuff does not promote any malicious activities.
1. Nmap – The Network Mapper
Nmap, the Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. The tool uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what kind of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.
Network administrators use Nmap to identify what devices are running on their networks, discovering hosts that are reachable and the services they provide, finding open ports and detecting security risks. Nmap is available for Linux, Windows, and Mac OS X.
2. Th3inspector
Th3inspector is a powerful open source information gathering tool available on GitHub, through which you can easily find a great deal of information about the target such as server details, whois lookup, target IP location, phone number, email address, sub-domains, etc. The tool has many options to enumerate website information.
3. Red Hawk
Red Hawk is another open source information gathering tool available on GitHub. It supports many scans and features such as basic scan, web server detection, CMS detection, whois lookup, geo-IP lookup, banner grabbing, DNS lookup, subnet calculator, sub-domain scanner and reverse IP lookup. RedHawk also supports vulnerability scanning and crawling.
RedHawk – A must-have tool for all penetration testers.
4. Raccoon
Raccoon is a widely used tool created for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from gathering DNS records, retrieving WHOIS info and getting TLS information, to detecting WAF presence, threaded dir busting and subdomain enumeration. Each scan outputs to a corresponding file.
As most of Raccoon's scans are independent and do not rely on each other's results, it uses Python's asyncio to run most scans asynchronously. Raccoon supports Tor/proxy for anonymous routing.
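The design point above (independent scans launched together with asyncio, each writing its own output file) is easy to get subtly wrong: if one scan raises, a naive `gather` cancels nothing but re-raises and the other results are lost. Below is an added example, not Raccoon's code, of that fan-out pattern with the failure isolated. The three "scans" are simulated (they sleep and return constructed data, and one deliberately fails) so the script runs offline; their names and the injected failure are assumptions for illustration.

```python
"""Fan out independent checks with asyncio, isolate failures, write one file per scan.

Added example, not Raccoon's own code. The scans are simulated stand-ins that sleep
and return constructed data; no network traffic is generated.
"""
import asyncio
import json
import tempfile
from pathlib import Path
from typing import Dict, Tuple


async def dns_records(target: str) -> dict:
    await asyncio.sleep(0.05)  # stand-in for network latency
    return {"A": ["192.0.2.10"], "MX": ["mail.example.test"]}  # constructed data


async def whois_info(target: str) -> dict:
    await asyncio.sleep(0.03)
    return {"registrar": "Example Registrar", "created": "2001-01-01"}  # constructed data


async def tls_info(target: str) -> dict:
    await asyncio.sleep(0.02)
    raise ConnectionError("simulated TLS handshake failure")  # injected failure mode


# Scans are independent of one another, so they can all start at once.
SCANS = {"dns": dns_records, "whois": whois_info, "tls": tls_info}


async def run_all(target: str, outdir: Path) -> Dict[str, dict]:
    """Launch every scan concurrently; a failing scan must not lose the others' results."""
    names = list(SCANS)
    # return_exceptions=True hands back the exception object in place of a result
    # instead of propagating it and discarding the successful scans.
    results = await asyncio.gather(*(SCANS[n](target) for n in names), return_exceptions=True)
    summary: Dict[str, dict] = {}
    for name, result in zip(names, results):
        if isinstance(result, Exception):
            summary[name] = {"error": f"{type(result).__name__}: {result}"}
        else:
            summary[name] = result
        # One output file per scan, as the article describes for Raccoon.
        (outdir / f"{target}_{name}.json").write_text(json.dumps(summary[name], indent=2))
    return summary


def run(target: str, outdir: Path = None) -> Tuple[Dict[str, dict], Path]:
    """Synchronous entry point; returns the per-scan summary and the output directory."""
    outdir = Path(outdir) if outdir else Path(tempfile.mkdtemp(prefix="recon_"))
    return asyncio.run(run_all(target, outdir)), outdir


if __name__ == "__main__":
    summary, where = run("example.test")
    for name, res in summary.items():
        print(f"{name}: {res}")
    print("written:", sorted(p.name for p in where.iterdir()))
```

Because the coroutines are started together, total wall time is roughly that of the slowest scan rather than the sum, and the simulated TLS failure is recorded in its own file as an error entry while the DNS and WHOIS results are still written.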
5. BadKarma – Advance Network Reconnaissance Toolkit
BadKarma is a python3 GTK+ toolkit that aims to help penetration testers throughout all the network infrastructure penetration testing activity phases. It permits testers to save lots of time by having point-and-click access to their toolkits, launch them against single or multiple targets and interact with them through simplified GUIs or Terminals.
Every task's output is logged beneath a session file in order to assist during the reporting phase or in a possible incident response scenario. A proxychains switch is also available that routes everything through proxies, and last but not least, each command may be adjusted before execution by disabling the "auto-execute" checkbox.
6. Sandmap
Sandmap is an open source tool which supports network and system reconnaissance using the massive Nmap engine. It provides a simple user-friendly interface, automates and accelerates scanning and allows you to easily use several advanced scanning techniques. Key Features of Sandmap are –
- simple CLI with the flexibility to run pure Nmap engine
- predefined scans enclosed in the modules
- support Nmap Scripting Engine (NSE) with scripts arguments
- TOR support (with proxychains)
- multiple scans at once.
7. SPARTA
SPARTA is a graphical user interface application developed in Python and included in Kali Linux as a network penetration testing tool. It simplifies the scanning and enumeration phase with quicker results. It allows the tester to save a lot of time by having point-and-click access to his toolkit and by displaying all tool output in a convenient manner. If less time is spent setting up commands and tools, more time may be spent focusing on analysing results. Despite the automation capabilities, the commands and tools used are fully customizable, as every tester has his own strategies, habits and preferences.
8. DMitry – Deepmagic Information Gathering Tool
DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux command line program coded purely in C with the ability to collect as much information as possible about a host. The application is considered a tool to help in information gathering when information is required quickly, by removing the need to enter multiple commands and the time-consuming process of searching through information from multiple sources. DMitry contains a base functionality with the ability to add new functions. The basic functionality of DMitry allows data to be gathered about a target host, from a simple whois search on the target to uptime reports and TCP portscans. The tool is available in Kali Linux. Features –
- Performs a whois search.
- Retrieves possible uptime information, system and server information.
- Subdomain search on a target host.
- E-mail address search on a target host.
- TCP portscan on the target host.
- A modular program permitting user-specified modules.
9. Devploit – Information Gathering Tool
Devploit is a simple Python script for information gathering. Features of Devploit are DNS lookup, Whois lookup, Geo-IP lookup, subnet lookup, port scanner, extract links, zone transfer, HTTP header, host finder, IP-locator, traceroute, host DNS finder, reverse IP lookup and subdomain finder.
10. Zenmap
Zenmap is the official GUI version of the Nmap scanner. It is a multi-platform free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users.
Disclaimer: This article is only for an Educational purpose. Any actions and/or activities related to the material contained within this Website are solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and www.thehackerstuff.com will not be held responsible in the event any criminal charges are brought against any individuals misusing the information in this website to break the law.
Akshay Sharma is a Cyber Security Analyst. He is CCNA certified and the owner of TheHackerStuff.