Grim is a free and open-source tool available on GitHub. Grim is used to scanning websites for information gathering and finding vulnerabilities. Grim is written in PHP. It uses PHP script to do reconnaissance. Grim is so powerful that it can detect content management systems while scanning, it can detect IP addresses, it can detect webserver records, it can detect cloud flare information, and can detect robots.txt. Grim can detect WordPress, Drupal, Joomla, and Magento CMS. Grim looks for error-based SQL injections, WordPress sensitive files, and WordPress version-related vulnerabilities. Grim uses different modules for doing all the scanners.  WHOIS data collection gives us information about Geo-IP lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP, and MX records lookup.

Installation of Grim tool

Step 1: Use the following command to install the tool from GitHub.

git clone https://github.com/nandydark/grim.git

Step 2: Now move in the directory of the tool using the following command.

cd grim

Step 3: Now the tool has been downloaded successfully use the following command to run the tool.

php grim.php

The tool is running successfully. Now the tool is asking for a website to set a target now we will see some examples to use the tool.

Usage

Example : Use the grim tool to find information about a domain.

php grim.php 

We have given google.com as a domain to the tool. Now the tool will start scanning the domain and will give you all the information about the domain.

The tool found many subdomains of the domain and also the IP address of associated with the domain address.

The tool is finding for SQL injection vulnerability. One by One the tool will gather as much as information available publicly of the domain that you provided. This tool is very helpful in the initial phases of security researchers.