Open In App

OSRFramework – Open Source Research Framework on Linux

Improve
Improve
Like Article
Like
Save
Share
Report

OSINT is the most common method or technique for collecting information about the target domain or employee of the organization from open-source or publicly available data. Mostly malicious hackers use this technique in the attacks of Social Engineering, Phishing, etc. But on the good side, We can use this OSINT technique or understanding the scope and getting familiar with our target domain. OSRFramework is an automated tool designed in the Python language, which is open-source and free to use. OSRFramework is the collection of various sub tools that can help the tester get information about the target domain or victim person. OSRFramework consists of :

  1. Domainfy – Used to get the information about the target domain.
  2. Usufy – Looks for registered accounts with given nicknames.
  3. Mailfy – Gets information about email accounts.
  4. Searchfy – Performs queries on several platforms.
  5. Phonefy – Looks for information linked to spam practices by a phone number.
  6. Alias_Generator – Generates a list of candidate usernames based on available information.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux

Installation of OSRFramework on Kali Linux

Step 1: Check whether Python Environment is Established or not, use the following command.

python3

Step 2: Update Your System using the following command.

sudo apt update -y

Step 3: Install the essential setup tools, use the following command.

sudo apt install python3-pip python-setuptools

Step 4: Now we are ready to install OSRFramework. To install it we run the following command on our terminal:

sudo pip3 install osrframework

Step 5: Check the help Section of the tool for better understanding, use the following command.

osrf --help

Working with OSRFramework on Kali Linux

Example 1: Domainfy

1. In this example, We will be using the Domainfy sub-command to get information about the target domain (geeksforgeeks.org).

domainfy.py --whois -n geeksforgeeks.org

2. In the below Screenshot, We have got the Whois Data of our target domain geeksforgeeks.org

Example 2: Usufy

1. In this example, We will be using the Usufy sub-command for getting information about the victim user. 

2. In the below Screenshot, We have got the various platform links which are associated with our victim user.

Example 3: Mailfy

1. In this example, We will be using the Mailfy sub-command for discovering email addresses that contain the “geeksforgeeks.org” string

2. In the below Screenshot, We have got the results of our scan.

Example 4: Searchfy

1. In this example, We will be using the Searchfy sub-command for getting the information about the victim user.

2. In the below Screenshot, We have got similar user Facebook profile links that can be used in the Social Engineering attacks.

Example 5: Phonefy

1. In this example, We will be using the Phonefy sub-command to get the information about the phone number. In this example, We have provided the phone number of GeeksforGeeks Contact Number.

2. In the below Screenshot, We have got the links associated with the phone number.

Example 6: Alias_Generator

1. In this example, We will be using the sub-command alias_generator for generating the alias names from basic information.

2. In the below Screenshot, We have provided some basic information about the user with the name, place, year of birth etc.

3. In the below Screenshot, We have got the list of alias generated using the above basic information. This alias can be used in brute-forcing attacks.


Last Updated : 08 Nov, 2021
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads