twelvesec / Gasmask
Licence: gpl-3.0
Information gathering tool - OSINT
Stars: ✭ 518
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Gasmask
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+554.63%)
Mutual labels: osint, reconnaissance, information-gathering
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+346.33%)
Mutual labels: osint, reconnaissance, information-gathering
Deadtrap
An OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-85.91%)
Mutual labels: osint, reconnaissance, information-gathering
Favfreak
Making Favicon.ico based Recon Great again !
Stars: ✭ 564 (+8.88%)
Mutual labels: osint, reconnaissance, information-gathering
Investigo
🔎 Find usernames and download their data across social media.
Stars: ✭ 168 (-67.57%)
Mutual labels: osint, information-gathering, reconnaissance
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+1228.57%)
Mutual labels: osint, reconnaissance, information-gathering
Phoneinfoga
PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
Stars: ✭ 5,927 (+1044.21%)
Mutual labels: osint, reconnaissance, information-gathering
Osint Tools
👀 Some of my favorite OSINT tools.
Stars: ✭ 155 (-70.08%)
Mutual labels: osint, reconnaissance, information-gathering
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+563.9%)
Mutual labels: osint, reconnaissance, information-gathering
Pdlist
A passive subdomain finder
Stars: ✭ 204 (-60.62%)
Mutual labels: osint, reconnaissance, information-gathering
Theharvester
E-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+1092.08%)
Mutual labels: osint, reconnaissance, information-gathering
querytool
Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
Stars: ✭ 104 (-79.92%)
Mutual labels: osint, information-gathering, reconnaissance
Sherlock
🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+5415.25%)
Mutual labels: osint, reconnaissance, information-gathering
Social Analyzer
API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+1531.08%)
Mutual labels: osint, reconnaissance, information-gathering
Discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+391.89%)
Mutual labels: osint, reconnaissance, information-gathering
sherlock
🔎 Find usernames across social networks
Stars: ✭ 52 (-89.96%)
Mutual labels: osint, information-gathering, reconnaissance
DaProfiler
DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.
Stars: ✭ 58 (-88.8%)
Mutual labels: osint, information-gathering, reconnaissance
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-17.57%)
Mutual labels: osint, reconnaissance
ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-83.4%)
Mutual labels: information-gathering, reconnaissance
gasmask
All in one Information gathering tool - OSINT
For a full list of our tools, please visit our website https://www.twelvesec.com/
Written by:
Dependencies
- Python 3.x
- validators
- python-whois
- dnspython
- requests
- shodan
- censys
- mmap
- pprint
Information Gathering
- ask
- bing
- crt
- censys.io
- dns
- dnsdumpster
- dogpile
- github
- googleplus
- netcraft
- pgp
- reverse dns
- shodan
- vhosts
- virustotal
- whois
- yahoo
- yandex
- youtube
- spyse
Dependencies
sudo pip3 install -r requirements.txt
Usage
___________ .__ _________
\__ ___/_ _ __ ____ | |___ __ ____ / _____/ ____ ____
| | \ \/ \/ // __ \| |\ \/ // __ \ \_____ \_/ __ \_/ ___\
| | \ /\ ___/| |_\ /\ ___/ / \ ___/\ \___
|____| \/\_/ \___ >____/\_/ \___ >_______ /\___ >\___ >
\/ \/ \/ \/ \/
GasMasK v. 2.0 - All in one Information gathering tool - OSINT
GasMasK is an open source tool licensed under GPLv3.
Written by: @maldevel, mikismaos, xvass, ndamoulianos, sbrb
https://www.twelvesec.com/
Please visit https://github.com/twelvesec/gasmask for more..
usage: gasmask.py [-h] [-d DOMAIN] [-s NAMESERVER] [-x PROXY] [-l LIMIT]
[-i MODE] [-o BASENAME] [-k API-KEY] [-e SPYSE_API_KEY]
[-m MATCH] [-f FILTER] [--count] [-R REPORT]
[-B REPORT_BUCKET] [-1 CENSYS_API_ID] [-2 CENSYS_API_SECRET]
[-r] [-u] [-a ASN] [-c COUNTRY] [-O CERT_ORG]
[-I CERT_ISSUER] [-z CERT_HOST] [-S HTTP_SERVER]
[-t HTML_TITLE] [-b HTML_BODY] [-T TAGS] [-L LIMIT] [-D]
[-v] [-H]
[arguments [arguments ...]]
positional arguments:
arguments Censys query
optional arguments:
-h, --help show this help message and exit
-d DOMAIN, --domain DOMAIN
Domain to search.
-s NAMESERVER, --server NAMESERVER
DNS server to use.
-x PROXY, --proxy PROXY
Use a proxy server when retrieving results from search engines (eg. '-x http://127.0.0.1:8080')
-l LIMIT, --limit LIMIT
Limit the number of search engine results (default: 100).
-i MODE, --info MODE Limit information gathering (basic,nongoogle,whois,dns,revdns,vhosts,google,bing,yahoo,ask,dogpile,yandex,linkedin,twitter,youtube,reddit,github,instagram,crt,pgp,netcraft,virustotal,dnsdump,shodan,censys,spyse).
-o BASENAME, --output BASENAME
Output in the four major formats at once (markdown, txt, xml and html).
-k API-KEY, --shodan-key API-KEY
API key to use with Shodan search (MODE="shodan")
-e SPYSE_API_KEY, --spyse-key SPYSE_API_KEY
-m MATCH, --match MATCH
Highlight a string within an existing query result
-f FILTER, --filter FILTER
Filter the JSON keys to display for each result, use value 'help' for interesting fields
--count Print the count result and exit
-R REPORT, --report REPORT
Stats on given field (use value 'help' for listing interesting fields)'
-B REPORT_BUCKET, --report_bucket REPORT_BUCKET
Bucket len in report mode (default: 10)
-1 CENSYS_API_ID, --censys_api_id CENSYS_API_ID
Provide the authentication ID for the censys.io search engine
-2 CENSYS_API_SECRET, --censys_api_secret CENSYS_API_SECRET
Provide the secret hash for the censys.io search engine
-r, --read_api_keys Read the API Keys stored in api_keys.txt file. (e.g. '-i censys -r')
-u, --update_api_keys
Update the API Keys stored in api_keys.txt file. (e.g. '-i censys -u')
-a ASN, --asn ASN Filter with ASN (e.g 5408 for GR-NET AS)
-c COUNTRY, --country COUNTRY
Filter with country
-O CERT_ORG, --cert-org CERT_ORG
Certificate issued to organization
-I CERT_ISSUER, --cert-issuer CERT_ISSUER
Certificate issued by organization
-z CERT_HOST, --cert-host CERT_HOST
hostname Certificate is issued to
-S HTTP_SERVER, --http-server HTTP_SERVER
Server header
-t HTML_TITLE, --html-title HTML_TITLE
Filter on html page title
-b HTML_BODY, --html-body HTML_BODY
Filter on html body content
-T TAGS, --tags TAGS Filter on specific tags. e.g: -T tag1,tag2,... (use keyword 'list' to list usual tags
-L LIMIT, --Limit LIMIT
Limit to N results
-D, --debug Debug information
-v, --verbose Print raw JSON records
-H, --html Renders html elements in a browser
Modes
-
Basic Mode
- Whois lookup
- DNS queries
- Reverse DNS Lookup
- Bing Virtual Hosts
-
Nongoogle Mode
- Whois lookup
- DNS queries
- Reverse DNS Lookup
- Bing Virtual Hosts
- Search in Bing
- Search in Yahoo
- Search in ASK
- Search in Dogpile
- Search in Yandex
- Search in Crt
- Search in DNSdumpster
- Search in Netcraft
- Search in VirusTotal
- Search in Spyse
Usage Examples
python gasmask.py -d example.com -i basic
python gasmask.py -d example.com -i dnsdump
python gasmask.py -d example.com -i shodan -k xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
python gasmask.py -d example.com -i whois,dns,revdns
python gasmask.py -d example.com -i basic,yahoo,github -o myresults/example_com_search_results
censys.io usage examples
python gasmask.py -i censys --Limit 10 nessus
python gasmask.py -i censys -I SAP --report location.country.raw --report_bucket 10
python gasmask.py -i censys --html-title "Hacked By" --Limit 10 --html
python gasmask.py -i censys --tags heartbleed --report location.country.raw
python gasmask.py -i censys -S NGINX --count
python gasmask.py -i censys -d example.com
python gasmask.py -i censys -t "Internal Server Error" -S Apache -m "HTTP 500" --Limit 15
Read the API Keys usage example - e.g in censys.io
python gasmask.py -i censys -r
Update the API Keys usage example - e.g in censys.io
python gasmask.py -i censys -u
Credits
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].