Ashok – Osint Recon Tool in Kali Linux

Ashok is a free and open-source tool available on GitHub. Ashok is used for information gathering. Ashok is used to scan websites for information gathering and finding vulnerabilities in websites and webapps. Ashok is one of the easiest and useful tools for performing reconnaissance on websites and web apps. The Ashok tool is also available for Linux.  That is coded in python language. Ashok interface is very similar to Metasploit 2 and Metasploit. Ashok provides a command-line interface that you can run on Kali Linux. 

This tool can be used to get information about our target(domain). We can target any domain using Ashok. The interactive console provides a number of helpful features, such as command completion and contextual help. A tool for every beginner/pentester in their penetration testing tasks. It contains several features like http-headers extractor, dns-lookup, whois-lookup, nslookup, subdomain-finder, nmap scanning, github,githubrecon, cms-detector, linkextractor, banner-grabbing, subnet-lookup, geoip-lookup.  

This tool is written in python language. You must have python language installed in your Kali Linux to use this tool. Ashok can detect WordPress, Drupal, Joomla, and Magento CMS, WordPress sensitive files, and WordPress version-related vulnerabilities. Ashok uses different modules for doing all the scanning. The whois data collection gives us information about Geoip lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP, and MX records lookup. Overall Ashok is a vulnerability Scanner. Ashok has the following modules DNS Lookup, WHOIS lookup, GEO-Lookup, Subnet lookup, port scanner, Links extractor, etc. Ashok can detect closed and open ports of networks. Ashok also called as a complete package of Information gathering tools. 

Features of Ashok:

• Ashok is free and open source tool.
• Ashok is a complete package of information gathering modules.
• Ashok works and acts as a web application/website scanner.
• Ashok is one of the easiest and useful tools for performing reconnaissance.
• Ashok is written in python language.
• Ashok interface is very similar to metasploitable and metasploitable 2 that makes it easy to use.
• Ashok’s interactive console provides a number of helpful features.
• Ashok is used for information gathering and vulnerability assessment of web applications.
• Ashok can easily find loopholes in the code of web applications and websites.
• Ashok has the following modules Geoip lookup, Banner grabbing, DNS lookup, port scanning,–headers extractor, dns-lookup, whois-lookup, nslookup, subdomain-finder, nmap scanning, Github, githubrecon, cms-detector, linkextractor, banner-grabbing, subnet-lookup, geoip-lookup. These modules make this tool so powerful.
• Ashok can target a single domain and can find all the subdomains of that domain which makes work easy for pentesters.

Installation of Ashok Tool

Step 1: Open your kali Linux operating system. Move to desktop. Here you have to create a directory called Ashok. In this directory, you have to install the tool.

To move to desktop use the following command.

cd Desktop

Step 2: Now you are on the desktop. Here you have to create a directory called Ashok. To create an Ashok directory using the following command.

mkdir Ashok

Step 3. You have created a directory. Now use the following command to move into that directory.

cd Ashok

Step 4: Now you are in the Ashok directory. In this directory you have to download the tool means you have to clone the tool from GitHub. Use the following command to clone the tool from GitHub.

git clone https://github.com/ankitdobhal/Ashok

Step 5: The tool has been downloaded in the directory Ashok. Now to list out the contents of the tool that has been downloaded use following command.

ls

Step 6: When you listed out the contents of the tool you can see that a new directory has been generated by the tool that is Ashok. You have to move to this directory to view the contents of the tool. To move in this directory using the following command.

cd Ashok

Step 7. To list out the contents of this directory using the following command.

ls

Step 8: Now you can run the tool using the following command.  This command will open the help menu of the tool.

python3 Ashok.py -h

The tool is running successfully now we will see the example of how to use the tool.

Usages:

Example 1: Use the Ashok tool to find headers of a website.

python3 Ashok.py --headers https://hackthebox.eu

These details of the header we got after scanning for the header. Similarly, you can scan for your domain.

Example 2: Use Ashok tools to find subdomains of a target.

python3 Ashok.py --subdomain hackthebox.eu

We scanned for subdomains and we got these subdomains. Along with IP address of the domain

Conclusion:

Similarly, you can find the subdomains of your target also. This is simple as that. This tool can be used to get information about our target(domain). We can target any domain using Ashok. The interactive console provides a number of helpful features, such as command completion and contextual help. A tool for every beginner/pentester in their penetration testing tasks. It contains several features like:  http-headers extractor, dns-lookup, whois-lookup, nslookup, subdomain-finder, nmap scanning, GitHub, githubrecon, cms-detector, linkextractor, banner-grabbing, subnet-lookup, geoip-lookup.  This tool is written in python language. You must have python language installed in your kali linux to use this tool. Ashok can detect WordPress, Drupal, Joomla, and Magento CMS, WordPress sensitive files, and WordPress version-related vulnerabilities. Ashok uses different modules for doing all the scanning The whois data collection gives us information about Geoip lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP, and MX records lookup.