Open In App

Reporting Tools in Kali Linux

Last Updated : 30 Dec, 2022
Improve
Improve
Like Article
Like
Save
Share
Report

Reporting is one of the very important means in Ethical hacking or pen-testing, you must have heard the term called POC which is proof of concept. when a hacker or pen tester checks a system for loopholes or vulnerabilities then they need to provide an end report to the organization which consists of all the processes of discovering a vulnerability and also fixing it. These reports include all the information about the testing process, Vulnerabilities discovered in the network or system, and with that countermeasures to make it secure/unreachable. reporting is the last step of the ethical hacking process. Linux offers multiple Reporting Tools which helps pen tester to make these reports and process all the steps for making a good pen test report. Tools like Dradis, Pipal, and Metagoofil. let’s understand each of these in detail below.

Reporting Tools in Linux:

  • Tool 1: Dradis Reporting Tool
  • Tool 2: Pipal Reporting Tool
  • Tool 3: Metagoofil Reporting Tool

Tool 1: Dradis Reporting Tool

It is a tool that helps in the process of penetration testing, which is all about information discovery, Exploiting useful information, and Reporting the findings. It is an open-source collaboration and reporting platform for IT security experts. this platform was developed in the Ruby programming language. this comes preinstalled with new versions of Kali Linux but you can install it manually also.

To install Dradis use the command:

sudo apt-get install dradis
Dradis Installation

 

Usage of Dradis Tool

Step 1: After installation you will see Dradis installed in your application under-reporting tools, To use Dradis open the terminal and run the command sudo Dradis or just simply click on the Dradis application.

sudo dradis
Running Dradis tool

 

Step 2: Now we can go on the given link and a window will open for you to set up your Dradis password and log in.

Opening Dradis tool web interface

 

Step 3: Now after setting your password and login you will be able to see the dashboard where you can create a new project or open and include your old projects to work on.

Setting Password for login

 

Tool 2: Pipal Reporting Tool

This tool is an Open Source Built Ruby for Password analysis. It can be used or come in handy when you are analyzing large password dumps that you used in the process of penetration testing activity. This tool also comes pre-installed with Kali Linux and is found under-reporting tools in the application menu.

To install Pipal use the command:

sudo apt-get install pipal
Installation Pipal tool

 

Usage of Pipal Tool

Step 1: As pipal is a password analyzer I have created a wordlist on the Desktop which consists of different words which we will be analyzing with the pipal tool.

Wordlist data

 

Step 2: Now Go to the terminal and switch the directory where the wordlist is, you can type the command pipal -h to get the helping menu for the pipal tool.

pipal -h
Help page of Pipal tool

 

Step 3: Now let’s analyze the wordlist we just created to do so simply type the command in the terminal in the location of the wordlist.

pipal wordlist.txt
Executing pipal tool with wordlist

 

In the above image, you can see that we have all the analysis that we could have obtained from the wordlist, in this way you can analyze password lists, wordlists and password dumps also with the pipal tool.

Tool 3: Metagoofil Reporting Tool 

This Tool is used for information gathering, it is designed for extracting metadata of public documentation which belongs to a target organization. It can provide a lot of information after scanning documents, and obtaining files. It automatically generates an HTML page for the results of metadata with potential usernames and many more, which is going to be very useful when you are preparing for attacks like brute force which uses data lists to do so.

This tool follows a set of steps to get the useful metadata:

  • It searches for the given file in the target website using Google search, you might have heard about Google Advanced search which allows users to get some really useful data by searching keywords which is not visible to regular users.
  • Then it downloads the matched document that is found on the target website.
  • Now the process of metadata extraction begins from the downloaded documents.
  • Then it shows all the results on the HTML page.

Step 1: To download Metagoofil use the command:

sudo apt-get install metagoofil
Installation of Metagoofil tool

 

Step 2: After installation, you can find this tool in applications under reporting tools, and run directly from there.

Opening Metagoofil tool

 

Step 3: Or you can go to the terminal and type the below command to get the help menu for the usage of this tool or you can easily go to its man page to get more information about it, as you can see in the image below.

metagoofil -h
Help page of tool

 

To use it you can specify the domain and targeted file type you want to search for in that domain particularly.

Usage of Metagoofil Tool

Step 1: To use Metagoofil, go to your terminal and type the command to get the help menu.

metagoofil -h
Help page

 

Step 2: Now we will simply perform a file scan on the domain www.youtube.com for txt file types, to do so we need to specify two arguments that are:

  • -d: it is to specify the domain in our case that is youtube.com
  • -t: it is to specify which file type you are looking for in our case it is txt (text file type).
metagoofil -d www.youtube.com -t txt
Running tool for domain youtube.com

 

Step 3: You can see it has looked up text files and downloaded the data into our local system, the download location is in my Desktop folder so let’s see some of the files that are downloaded.

cat robots.txt
dispaying robots.txt file of Youtube domain

 

So this is how you can use the Metagoofil reporting Tool in kali Linux.

Conclusion

There are many ways to make Ethical hacking Reports but these tools help you to dig in more and find accurate and more useful information regarding your target or victim which leads you to make an impressive and good report. If you want to master report writing start working and understanding these tools, there are many more tools that offer the ability to do report writing and manage the resources the same way the above tools do but it is not possible to cover all the tools in a single article, but you can always dig in and find more, or maybe you can build your tools and software’s which will help Linux developers community.



Like Article
Suggest improvement
Next
Sparta Tool in Kali Linux
Share your thoughts in the comments

Similar Reads

Kali-Whoami - Stay anonymous on Kali Linux
Gobuster - Penetration Testing Tools in Kali Tools
Kali Linux Tools
Kali Linux - Exploitation Tools
Kali Linux - Information Gathering Tools
Kali Linux - Vulnerability Analysis Tools
Kali Linux - Web Penetration Testing Tools
Top 10 Kali Linux Tools For Hacking
Kali Linux - Wireless Attack Tools
Kali Linux - Forensics Tools
author
lucifer2411
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox