Skip to content
Related Articles

Related Articles

Improve Article
Gasmask – Information Gathering Tool in Kali Linux
  • Last Updated : 28 Apr, 2021

Gasmask is a free and open-source tool available on Github. Gasmask is an Open Source Intelligence and Information Gathering Tool based on (OSINT). Gasmask is capable of doing everything almost you need for reconnaissance as per your need it can perform reconnaissance easily. Gasmask works as an open-source tool intelligence tool. It integrates with just about every data source available and utilizes a range of methods for data analysis. Gasmask is written in python language. You must have python language installed into your Kali Linux system in order to use the Gasmask tool. This too is used to get various information about our target.  This information includes DNS server information, organization name, address, city, zip, country, email address related to the respective organization, registrars, naming servers, DNS information. The dependencies of the tool include Python 3, x validators, python-whois, dnspython, requests, nmap, shodan, censys, pprint. For information gathering, this tool uses the following modules and information gathering sources virustotal, yahoo, spyse, youtube, yandex, shodan, reverse dns, netcraft, whois, bing, censys.io, dns, github, dnsdumpster,  instagram, crt, ask, dogpile. These were the modules for which the tool uses the publicly available data to get information about the target.

Features of Gasmask:

  • Gasmask is a free and open-source tool available on Github. This means you can download and install this tool freely.
  • Gasmask is an Open Source Intelligence and Information Gathering Tool (OSINT).
  • Gasmask is used for performing reconnaissance.
  • Gasmask works as an open-source tool intelligence tool which means open-source information is used by this tool to perform reconnaissance.
  • Gasmask is written in python language. This means you must download and install python language in your Kali Linux operating system.
  • Gasmask has some dependencies which are Python 3, x validators, python-whois, dnspython, requests, mmap, shodan, censys, pprint.
  • Gasmask uses the following modules to perform reconnaissance dns, netcraft, whois, bing, censys.io, dns, Github, dnsdumpster,  instagram, crt, ask, etc.
  • Gasmask is a free tool. You don’t need to pay any amount to anyone to use this tool as it is an open-source tool.

Uses of Gasmask:

  • Gasmask is used to perform reconnaissance.
  • Gasmask is used for information gathering.
  • Gasmask is used to find DNS information.
  • Gasmask is used to find the names of the owner of the organization and the names of people of the respected domains.
  • Gasmask is used to find the address of the domain organization located.
  • Gasmask is used to find the city of the companies’ office.
  • Gasmask is used to find the email addresses associated with the domain.
  • Gasmask is used to find subdominants of the domain.
  • Gaskmask’s Whois lookup is used to find whois information of the domain.
  • Gasmask’s DNS queries are used to find DNS server information.
  • Gasmask’s Bing Virtual Hosts is used to find hosts of the target.

Installation

Step 1. Open your Kali Linux operating system. Move to desktop. Here you have to create a directory called Gasmask. In this directory, you have to install the tool. To move to desktop use the following command.

cd Desktop

move directory to desktop



Step 2. Now you are on the desktop. Here you have to create a directory Gasmask. To create a Gasmask directory using the following command.

mkdir Gasmask

creating directory for gasmask

Step 3.  Step 3. You have created a directory. Now use the following command to move into that directory.

cd Gasmask

change directory to gasmask

Step 4. Now you are in the Gasmask directory. Now you have to install the tool using the following command. Use the following command to install Gasmask.

git clone https://github.com/twelvesec/gasmask.git

cloning gasmask repository

Step 5. The tool has been downloaded to your system now use the following command to list out the contents of the directory.

ls

directory listing in linux



Step 6. You can see there is a directory called gasmask. Move to this directory using the following command.

cd gasmask

change directory to gasmask

Step 7. Now you are in the directory gasmask. Use the following command to list out the contents of the directory.

ls

directory listing

Step 8. You can see so many files here (api_keys.txt gasmask.py readme.md etc).  Now you have to install the requirements.txt of the tool to download the dependencies of the tool.

pip3 install -r requirements.txt

installing requirements for gasmask

Step 9. All the requirements have been downloaded into the tool. Now you can run the tool using the following command.

python3 gasmask.py

running gasmask

Working with Gasmask

1. To perform reconnaissance on a website.

python3 gasmask.py -d testphp.vulnweb.com -i basic'

Use the above command for basic scanning of the tool.



performing reconnaissance

The details which we got are given below.

\__    _/_  _  _ __ |  |_  _ __  /   __/ __   ___  
 |    |  \ \/ \/ // _ \|  |\  \/ // _ \ \___  \_/ _ \/ _\
 |    |   \     /\  _/|  |\   /\  _/ /        \  _/\  \__
 |_|    \/\/  \__  >_/\_/  \__  >__  /\__  >\__  >
                      \/               \/        \/     \/     \/
GasMasK v. 2.0 - All in one Information gathering tool - OSINT
GasMasK is an open source tool licensed under GPLv3.
Written by: @maldevel, mikismaos, xvass, ndamoulianos, sbrb
https://www.twelvesec.com/
Please visit https://github.com/twelvesec/gasmask for more..
[+] Information gathering: ['basic']
[+] Looking into first 100 search engines results
[+] Using DNS server: 8.8.8.8
[+] Target: testphp.vulnhub.com:False
[+] User-agent strings: 76
[+] Whois lookup
----------------
Name: REDACTED FOR PRIVACY
Organization: Offensive Security
Address: REDACTED FOR PRIVACY
City: REDACTED FOR PRIVACY
Zip code: REDACTED FOR PRIVACY
Country: GI
Emails:
abuse@support.gandi.net
00f473073623a6d885a6693334a8c413-15095153@contact.gandi.net
39d0803179f546cd0d04749b02bf7a96-15095389@contact.gandi.net
ea4bb56fd04f9305960dbf95649f3840-15094593@contact.gandi.net
Registrar: GANDI SAS
Whois Server: whois.gandi.net
Updated Date:
2020-08-25 02:15:10
2020-08-25 04:15:12
Expiration Date: 2021-09-12 23:36:17
Creation Date: 2012-09-12 23:36:17
Name Servers:
ERIC.NS.CLOUDFLARE.COM:173.245.59.112
JEAN.NS.CLOUDFLARE.COM:108.162.192.121
[+] DNS queries
---------------
gasmask.py:580: DeprecationWarning: please use dns.resolver.Resolver.resolve() instead
 answers = myresolver.query(value, record)
A DNS record: -
CNAME DNS record: -
HINFO DNS record: -
MX DNS record: -
NS DNS record: -
PTR DNS record: -
SOA DNS record: -
TXT DNS record: -
SPF DNS record: -
SRV DNS record: -
RP DNS record: -
[+] Reverse DNS Lookup
----------------------
'bool' object has no attribute 'encode'
[+] Bing Virtual Hosts
----------------------
can only concatenate str (not "bool") to str
can only concatenate str (not "bool") to str
can only concatenate str (not "bool") to str
[+] Search engines results - Final Report
-----------------------------------------

These details we got after scanning the website. By scanning the above website we got DNS information. Email addresses associated with the website. We got domain details.

2. To perform whois lookup on a website.

python3 gasmask.py -d testphp.vulnweb.com -i whois

whois lookup using gasmask

The details we get after scanning are:

____              ._                ___              
\__    _/_  _  _ __ |  |_  _ __  /   __/ __   ___  
 |    |  \ \/ \/ // _ \|  |\  \/ // _ \ \___  \_/ _ \/ _\
 |    |   \     /\  _/|  |\   /\  _/ /        \  _/\  \__
 |_|    \/\/  \__  >_/\_/  \__  >__  /\__  >\__  >
                      \/               \/        \/     \/     \/
GasMasK v. 2.0 - All in one Information gathering tool - OSINT
GasMasK is an open source tool licensed under GPLv3.
Written by: @maldevel, mikismaos, xvass, ndamoulianos, sbrb
https://www.twelvesec.com/
Please visit https://github.com/twelvesec/gasmask for more..
[+] Information gathering: ['whois']
[+] Looking into first 100 search engines results
[+] Using DNS server: 8.8.8.8
[+] Target: testphp.vulnweb.com:18.192.172.30
[+] User-agent strings: 76
[+] Whois lookup
----------------
Name: Acunetix Acunetix
Organization: Acunetix Ltd
Address: 3rd Floor,, J&C Building,, Road Town
City: Tortola
Zip code: VG1110
Country: VG
Emails:
legal@eurodns.com
legalservices@eurodns.com
administrator@acunetix.com
Registrar: Eurodns S.A.
Whois Server: whois.eurodns.com
Updated Date:
2020-06-08 03:22:51
2020-06-08 05:48:32
Expiration Date:
2021-06-14 07:50:29
2021-06-13 00:00:00
Creation Date:
2010-06-14 07:50:29
2010-06-14 00:00:00
Name Servers:
NS1.EURODNS.COM:8.20.241.107
NS2.EURODNS.COM:8.20.243.107
NS3.EURODNS.COM:8.20.241.108
NS4.EURODNS.COM:8.20.243.108
ns1.eurodns.com:8.20.241.107
ns2.eurodns.com:8.20.243.107
ns3.eurodns.com:8.20.241.108
ns4.eurodns.com:8.20.243.108
[+] Search engines results - Final Report
-----------------------------------------

Conclusion: These are the example that how you can get information about the target using Gasmask tool. It’s very easy to perform reconnaissance using the Gasmask tool.  Gasmask is capable of doing everything almost you need for reconnaissance as per your need it can perform reconnaissance easily. Gasmask works as an open-source tool intelligence tool. It integrates with just about every data source available and utilizes a range of methods for data analysis.




My Personal Notes arrow_drop_up
Recommended Articles
Page :