I was reading an interesting Motherboard article, Legal Hacking Tools Can Be Useful for Journalists, Too, that includes reference to one of my all time OSINT favorites, Maltego. Joseph Cox‘s article also mentions Datasploit, a 2016 favorite for fellow tools aficionado, Toolswatch.org, see 2016 Top Security Tools as Voted by ToolsWatch.org Readers. Having not yet explored Datasploit myself, this proved to be a grand case of “no time like the present.”
Datasploit is “an #OSINT Framework to perform various recon techniques, aggregate all the raw data, and give data in multiple formats.” More specifically, as stated on Datasploit documentation page under Why Datasploit, it utilizes various Open Source Intelligence (OSINT) tools and techniques found to be effective, and brings them together to correlate the raw data captured, providing the user relevant information about domains, email address, phone numbers, person data, etc. Datasploit is useful to collect relevant information about target in order to expand your attack and defense surface very quickly.
The feature list includes:
- Automated OSINT on domain / email / username / phone for relevant information from different sources
- Useful for penetration testers, cyber investigators, defensive security professionals, etc.
- Correlates and collaborate results, shows them in a consolidated manner
- Tries to find out credentials, API keys, tokens, sub-domains, domain history, legacy portals, and more as related to the target
- Available as single consolidating tool as well as standalone scripts
- Performs Active Scans on collected data
- Generates HTML, JSON reports along with text files
Second, a few pointers to keep you from losing your mind. This project is very much work in progress, lots of very frustrated users filing bugs and wondering where the support is. The team is doing their best, be patient with them, but read through the Github issues to be sure any bugs you run into haven’t already been addressed.
1) Datasploit does not error gracefully, it just crashes. This can be the result of unmet dependencies or even a missing API key. Do not despair, take note, I’ll talk you through it.
2) I suggest, for ease, and best match to documentation, run Datasploit from an Ubuntu variant. Your best bet is to grab Kali, VM or dedicated and load it up there, as I did.
3) My installation guidance and recommendations should hopefully get you running trouble free, follow it explicitly.
4) Acquire as many API keys as possible, see further detail below.
Installation and preparation
From Kali bash prompt, in this order:
- git clone https://github.com/datasploit/datasploit /etc/datasploit
- apt-get install libxml2-dev libxslt-dev python-dev lib32z1-dev zlib1g-dev
- cd /etc/datasploit
- pip install -r requirements.txt
- mv config_sample.py config.py
- With your preferred editor, open config.py and add API keys for the following at a minimum, they are, for all intents and purposes required, detailed instructions to acquire each are here:
- Shodan API
- Censysio ID and Secret
- Clearbit API
- Emailhunter API
- Fullcontact API
- Google Custom Search Engine API key and CX ID
- Zoomeye Username and Password
|Pastebin and Pastie results|
|Sub-domains and page links|
*** This is a Security Bloggers Network syndicated blog from HolisticInfoSec™ authored by Russ McRee. Read the original post at: http://holisticinfosec.blogspot.com/2017/08/toolsmith-127-osint-with-datasploit.html