Skip to content
Related Articles

Related Articles

Improve Article
Save Article
Like Article

Nuubi – Tool for Information Gathering, Scanning And Recon

  • Last Updated : 23 Aug, 2021

The information gathered or collected in the Reconnaissance phase serves as the milestone for upcoming stages like Scanning, Exploitation, etc. So managing the relevant and sensitive data is always challenging work for every penetration tester. NUBBI is one tool that is used for penetration testing. NUBBI is a Python-language based tool that performs lots of Recon. 

NUBBI gathers information like :

  1. Performing Banner grabbing
  2. Performing Subnetlookup
  3. Performing Cms detection
  4. Performing Certificate Transparency log monitor
  5. Performing  DNS lookup
  6. Performing Extract links Recon
  7. Performing GeoIP lookup
  8. Performing HTTP headers
  9. Performing Nmap scan
  10. Performing Subdomain lookup
  11. Performing Traceroute Scan
  12. Finding hosts sharing DNS servers
  13. URL and website scanner for potentially malicious websites, etc.

Gathering this information can ease exploitation and give a better methodology for the penetration tester to perform Security Research.

Installation of Nuubi Tool in Kali Linux OS

Step 1: Open up your Kali Linux terminal and move to Desktop using the following command.

cd Desktop

Step 2: You are on Desktop now create a new directory called NUUBI using the following command. In this directory, we will complete the installation of the NUUBI tool.



mkdir NUUBI

Step 3:Now switch to NUUBI directory using the following command.

cd NUUBI

Step 4: Now you have to install the tool. You have to clone the tool from Github.

git clone https://github.com/pikpikcu/nuubi.git

Step 5: The tool has been downloaded successfully in the NUUBI directory. Now list out the contents of the tool by using the below command.

ls

Step 6: You can observe that there is a new directory created of the nuubi tool that has been generated while we were installing the tool. Now move to that directory using the below command:



cd nuubi

Step 7: Once again to discover the contents of the tool, use the below command.

ls

Step 8: Download the required packages for running the tool, use the following command.

pip3 install -r requirements.txt

Step 9: Now we are done with our installation, Use the below command to view the help (gives a better understanding of tool) index of the tool.

python3 nuub.py -h

Working with NUUBI Tool:

Example 1: Subnet Lookup of target    

In this example, we will be collecting the information about the Subnet lookup on our target which is geeksforgeeks.org. You can see that we have got Address, Network Range, Netmask, Broadcast etc information from subnet lookup.

python3 nuub.py -s geeksforgeeks.org

Example 2: Subdomain lookup of the target domain

In this example, we are collecting the subdomains of our target. For this collection we are using the -S tag followed by the target URL (geeksforgeeks.org).



Example 3: Find hosts sharing DNS servers

In this example, we will gather the host which is sharing the same DNS Server of geeksforgeeks.org. You can see that we have got No DNS Server Records as result, maybe geeksforgeeks.org doesn’t share their DNS Server with other hosts.

Example 4: HTTP Headers of target URL

In this example, we will with intercepting the HTTP Headers for our target. We have got Status code, Server, Location, Connection, etc.

python3 nuub.py -H geeksforgeeks.org

Example 5: Reverse DNS from the target IP address

In this example, we will be performing Reverse DNS from IP address. You can see that we have provided the IP address of our target and we have got the DNS Name of the associated IP address.

python3 nuub.py --revdns 34.218.62.116

Example 6: Cloudflare cookie scraper

In this example, we will scrape the cookies from our Target Domain.

python3 nuub.py --cookie https://geeksforgeeks.org

In the below screenshot, you can see that we have scraped cookies of geeksforgeeks.org.



Example 7: CMS Detection of Target

In this example, we will be collecting CMS (Content Management System) information. In the Results, we have got the server details and more information.

python3 nuub.py -c geeksforgeeks.org

Example 8: URL and website scanner for potentially malicious websites

In this example, we will scanning the target for any vulnerabilities.

python3 nuub.py --url https://geeksforgeeks.org

Example 9: Crawler target URL

In this example, we will be crawling the target’s metadata which can have some sensitive data hidden.

python3 nuub.py -C geeksforgeeks.org

In the below Screenshot, we have crawled some important URLs from geeksforgeeks.org

Example 10: Certificate Transparency log monitor

In this example, we will be collecting the Certificate Transparency logs from our target domain.

python3 nuub.py --cert geeksforgeeks.org

In the below screenshot, you can see that we have got the information about Certificate Transparency. This information consists of Authority, Issuer, ID, etc.




My Personal Notes arrow_drop_up
Recommended Articles
Page :