Nuubi – Tool for Information Gathering, Scanning And Recon
The information gathered or collected in the Reconnaissance phase serves as the milestone for upcoming stages like Scanning, Exploitation, etc. So managing the relevant and sensitive data is always challenging work for every penetration tester. NUBBI is one tool that is used for penetration testing. NUBBI is a Python-language based tool that performs lots of Recon.
NUBBI gathers information like :
- Performing Banner grabbing
- Performing Subnetlookup
- Performing Cms detection
- Performing Certificate Transparency log monitor
- Performing DNS lookup
- Performing Extract links Recon
- Performing GeoIP lookup
- Performing HTTP headers
- Performing Nmap scan
- Performing Subdomain lookup
- Performing Traceroute Scan
- Finding hosts sharing DNS servers
- URL and website scanner for potentially malicious websites, etc.
Gathering this information can ease exploitation and give a better methodology for the penetration tester to perform Security Research.
Installation of Nuubi Tool in Kali Linux OS
Step 1: Open up your Kali Linux terminal and move to Desktop using the following command.
Step 2: You are on Desktop now create a new directory called NUUBI using the following command. In this directory, we will complete the installation of the NUUBI tool.
Step 3:Now switch to NUUBI directory using the following command.
Step 4: Now you have to install the tool. You have to clone the tool from Github.
git clone https://github.com/pikpikcu/nuubi.git
Step 5: The tool has been downloaded successfully in the NUUBI directory. Now list out the contents of the tool by using the below command.
Step 6: You can observe that there is a new directory created of the nuubi tool that has been generated while we were installing the tool. Now move to that directory using the below command:
Step 7: Once again to discover the contents of the tool, use the below command.
Step 8: Download the required packages for running the tool, use the following command.
pip3 install -r requirements.txt
Step 9: Now we are done with our installation, Use the below command to view the help (gives a better understanding of tool) index of the tool.
python3 nuub.py -h
Working with NUUBI Tool:
Example 1: Subnet Lookup of target
In this example, we will be collecting the information about the Subnet lookup on our target which is geeksforgeeks.org. You can see that we have got Address, Network Range, Netmask, Broadcast etc information from subnet lookup.
python3 nuub.py -s geeksforgeeks.org
Example 2: Subdomain lookup of the target domain
In this example, we are collecting the subdomains of our target. For this collection we are using the -S tag followed by the target URL (geeksforgeeks.org).
Example 3: Find hosts sharing DNS servers
In this example, we will gather the host which is sharing the same DNS Server of geeksforgeeks.org. You can see that we have got No DNS Server Records as result, maybe geeksforgeeks.org doesn’t share their DNS Server with other hosts.
Example 4: HTTP Headers of target URL
In this example, we will with intercepting the HTTP Headers for our target. We have got Status code, Server, Location, Connection, etc.
python3 nuub.py -H geeksforgeeks.org
Example 5: Reverse DNS from the target IP address
In this example, we will be performing Reverse DNS from IP address. You can see that we have provided the IP address of our target and we have got the DNS Name of the associated IP address.
python3 nuub.py --revdns 22.214.171.124
Example 6: Cloudflare cookie scraper
In this example, we will scrape the cookies from our Target Domain.
python3 nuub.py --cookie https://geeksforgeeks.org
In the below screenshot, you can see that we have scraped cookies of geeksforgeeks.org.
Example 7: CMS Detection of Target
In this example, we will be collecting CMS (Content Management System) information. In the Results, we have got the server details and more information.
python3 nuub.py -c geeksforgeeks.org
Example 8: URL and website scanner for potentially malicious websites
In this example, we will scanning the target for any vulnerabilities.
python3 nuub.py --url https://geeksforgeeks.org
Example 9: Crawler target URL
In this example, we will be crawling the target’s metadata which can have some sensitive data hidden.
python3 nuub.py -C geeksforgeeks.org
In the below Screenshot, we have crawled some important URLs from geeksforgeeks.org
Example 10: Certificate Transparency log monitor
In this example, we will be collecting the Certificate Transparency logs from our target domain.
python3 nuub.py --cert geeksforgeeks.org
In the below screenshot, you can see that we have got the information about Certificate Transparency. This information consists of Authority, Issuer, ID, etc.