Open In App

InfoSploit – Information Gathering Tool in Kali Linux

Improve
Improve
Like Article
Like
Save
Share
Report

InfoSploit is a free and open-source tool available on Github. InfoSploit is used as an information-gathering tool. InfoSploit is used to scan websites for information gathering and finding vulnerabilities in websites and web apps. InfoSploit is one of the easiest and most useful tools for performing reconnaissance on websites and web apps. The InfoSploit tool is also available for Linux, Windows, and Android phones (termux) that are coded in both bash and python languages. InfoSploit interface is very similar to Metasploit 1 and Metasploit. InfoSploit provides a command-line interface that you can run on Kali Linux. This tool can be used to get information about our target(domain). We can target any domain using InfoSploit. The interactive console provides a number of helpful features, such as command completion and contextual help. This tool is written in python language.

You must have python language installed in your Kali Linux to use this tool. InfoSploit can detect WordPress, Drupal, Joomla, and Magento CMS, WordPress sensitive files, and WordPress version-related vulnerabilities. InfoSploit uses different modules for doing all the scanning. The whois data collection gives us information about GeoIP lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP, and MX records lookup. Overall InfoSploit is a vulnerability Scanner. InfoSploit has the following modules DNS Lookup, WHOIS lookup, GEO-Lookup, Subnet lookup, port scanner, Links extractor, etc. InfoSploit can detect closed and open ports of networks. InfoSploit is also called a complete package of Information gathering tools.

Features of InfoSploit :

  • InfoSploit is a free and open-source tool which means you can download and use it free of cost.
  • InfoSploit is a complete package of information-gathering modules.
  • InfoSploit works and acts as a web application/website scanner.
  • InfoSploit is one of the easiest and most useful tools for performing reconnaissance.
  • InfoSploit is written in python language.
  • InfoSploit interface is very similar to metasploitable 1 and metasploitable 2 which makes it easy to use.
  • InfoSploit’s interactive console provides a number of helpful features.
  • InfoSploit is used for information gathering and vulnerability assessment of web applications.
  • InfoSploit can easily find loopholes in the code of web applications and websites.
  • InfoSploit has the following modules Geoip lookup, Banner grabbing, DNS lookup, and port scanning, These modules make this tool so powerful.
  • InfoSploit can target a single domain and can find all the subdomains of that domain which makes work easy for pen-testers.

Uses of InfoSploit Tool :

  • InfoSploit is a complete package of Information gathering tools.
  • InfoSploit can be used to find the IP Addresses of a target.
  • InfoSploit can be used to look for error-based SQL injections.
  • InfoSploit can be used to find sensitive files such as robots.txt.
  • InfoSploit can be used to find information about Geo-IP lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, and reverse IP using WHOIS lookup.
  • InfoSploit can be used to detect Content Management Systems (CMS) in the use of a target web application,
  • InfoSploit can be used for  WHOIS data collection, Geo-IP lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP, and MX records lookup
  • InfoSploit is a complete package (TOOL)  for information gathering. This tool is free and Open Source.
  • InfoSploit subdomain finder modules are used to find subdomains of a singer domain.
  • InfoSploit can be used to find the robots.txt file of a website.
  • InfoSploit port scanner modules find closed and open ports which can be used to maintain access to the server.
  • InfoSploit has various modules that can be used to get information about a target.

Github Repository link: https://github.com/CybernetiX-S3C/InfoSploit

Installation and step-by-step tutorial of InfoSploit tool :

Step 1. Open your Kali Linux operating system. Move to desktop. Here you have to create a directory called InfoSploit. In this directory, you have to install the tool. To move to the desktop use the following command.

cd Desktop

moving to desktop

Step 2. Now you are on the desktop. Here you have to create a directory called InfoSploit. To create the InfoSploit directory use the following command.

mkdir InfoSploit

making a new director for infosec

Step 3. You have created a directory. Now use the following command to move into that directory.

cd InfoSploit

Step 4. Now you are in the InfoSploit directory. In this directory you have to download the tool means you have to clone the tool from GitHub. Use the following command to clone the tool from GitHub.

git clone https://github.com/CybernetiX-S3C/InfoSploit

Step 5. The tool has been downloaded in the directory InfoSploit. Now list out the contents of the tool that has been downloaded using the following command.

ls

directory listing in linux

Step 6. When you listed out the contents of the tool you can see that a new directory that has been generated by the tool is InfoSploit. You have to move to this directory to view the contents of the tool. To move in this directory using the following command.

cd InfoSploit

switching directory to infosploit

Step 7. To list out the contents of this directory using the following command.

ls

directory listing for infosploit

Step 8. You can see that so many files are there in this directory. These files are the files of the tool. Now you have to give permission to the tool for execution.

chmod +x install

Step 9. All the process of downloading and installation is completed. Now you have to install the tool to use InfoSploit. To install the tool use the following command.

./install

installing infosploit

Step 10. The tool has been installed now to run the tool using the following command.

Infosploit

running infosploit

Step 11. The tool has finally started and run successfully. You can see a console with so many features. 

infosploit

Working with infosploit :

1. Scan the website scanme.org using InfoSploit to perform DNS Lookup.

To perform DNS Lookup. Choose option 1 as we have chosen. After that, you have to give the website domain as we have given scanme.org. InfoSploit found the DNS Information. This is how you can perform DNS-Lookup using InfoSploit.

1
scanme.org

dnl lookup with infosploit

2. Scan the website scanme.org using Port Scan to find all open and closed ports.

To perform Open and closed Port. Choose option 5 as we have chosen. After that, you have to give the website domain as we have given scanme.org. InfoSploit found the open and closed ports Information. This is how you can perform closed and open ports of a website using InfoSploit.

5
scanme.org

port scanning with infosploit

3. Scan the website scanme.org and extract links.

To Extract links from the domains. Choose option 6 as we have chosen. After that you have to give the website domain as we have given scanme.org. InfoSploit found all the links that are present on that domain. This is how you can extract links from the domain.

6
scanme.org

extracting links using infosploit

4. Scan the website google.com and find robots.txt.

To find robots.txt on google.com. Choose option 12 as we have chosen. After that, you have to give the website domain as we have given here google.com. InfoSploit looks for robots.txt and other files also. Similarly, you can find a robots.txt of any domain.

12
google.com

Conclusion :

These were the examples that we have taken to teach you how you can perform reconnaissance using the InfoSploit tool. It’s very simple and easy to use. You just have to choose options from 1 to 16, and then you have to give the domain name rest of the things will be performed by the InfoSploit tool. InfoSploit is used to scan websites for information gathering and finding vulnerabilities in websites and web apps. InfoSploit is one of the easiest and most useful tools for performing reconnaissance on websites and web apps. The InfoSploit tool is also available for Linux, Windows, and Android phones (termux) that is coded in both bash and python languages. InfoSploit interface is very similar to Metasploit 1 and Metasploit. InfoSploit provides a command-line interface that you can run on Kali Linux. This tool can be used to get information about our target(domain). We can target any domain using InfoSploit. The interactive console provides a number of helpful features, such as command completion and contextual help. This tool is written in python language.



Last Updated : 12 Jul, 2022
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads