Red Hawk is a free and open-source tool available on GitHub. Red Hawk is used to scanning websites for information gathering and finding vulnerabilities. Red Hawk is written in PHP. It uses PHP script to do reconnaissance. Red Hawk is so powerful that it can detect content management system while scanning, it can detect IP address, it can detect webserver record, it can detect Cloudflare information, and can detect robots.txt. Red Hawk can detect WordPress, Drupal, Joomla, and Magento CMS. Red Hawk looks for error-based SQL injections, WordPress sensitive files, and WordPress version-related vulnerabilities. RedHawk uses different modules for doing all the scannings. WHOIS data collection gives us information about Geo-IP lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP, and MX records lookup. Overall RedHawk is a vulnerability Scanner.
Uses of Red Hawk :
- Red Hawk can be used as a vulnerability Scanner.
- Red Hawk can be used to find IP Addresses of the target.
- Red Hawk can be used to look for error based SQL injections
- Red Hawk can be used to find sensitive files
- Red Hawk can be used to find information about Geo-IP lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP using WHOIS lookup.
- Red Hawk can be used to detect Content Management Systems (CMS) in use of a target web application,
- Red Hawk can be used for WHOIS data collection, Geo-IP lookup, Banner grabbing, DNS lookup, port scanning, sub-domain information, reverse IP, and MX records lookup
- Red Hawk is a complete package (TOOL) for information gathering .its free and Open Source.
Installation of Red Hawk :
Step 1: Turn on your Kali Linux operating system and Move to the Desktop using the following command.
Step 2: Create a new directory on Desktop and name it redhawk.
Step 3: Now move to redhawk directory.
Step 4: Now within this directory you have to download the RedHawk tool, or You have to simply git clone from Github.
git clone https://github.com/Tuhinshubhra/RED_HAWK
Step 5: As you can see Now you have downloaded Redhawk from GitHub using the git clone command. Now you have to move on RED_HAWK directory using the following command.
Step 6: Now you are under RED_HAWK directory where you have to run the tool. Now to list out the content of the tool type following command
Step 7: You can see many files here such as config.php, Dockerfile, LICENSE, rhawk.php, var.php these files are the main files of the tool.
Now run the tool type following command and press enter.
Step 8: Now you have to choose between HTTP and HTTPS.
Step 9: Now you will a screen like this is the screen of the tool after setting domain google.com.
Step 10: Now you can see scanning is completed.
Scanning is completed we have scanned google.com and we found IP address 18.104.22.168, and we found web server gws, similarly, we can run the tool again and again and can find out many vulnerabilities and options. So this is the full approach for scanning using RED HAWK.
Step 10: Now choose the options according to your requirements just like if you want to choose option 0 so type 0.
Now you can choose options from here according to your requirements. There are various options here such as whois lookup, subdomain scanner, crawler, geo-ip lookup, nmap port scan, mx-lookup, etc. choose options from here and stay connected with the internet while running the tool and you will get the desired result according to the option that you have chosen. For example, if you have chosen option 7. So type 7, and you will get all the subdomain of the domain that you have provided.