How to Use Digger to Perform Information Gathering on Linux

Date: 2020-02-23 14:30:57  Source: igfitidea

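Are you a penetration tester who needs to do some quick information gathering? Digger is a multi-purpose tool written in Python that covers all the main data collection needs. It handles many of the basic information gathering tasks.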

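It gathers all of its data through APIs in order to hide your identity. In this guide, I will show you how to install and use Digger to perform the following: Whois Lookup, Reverse DNS Lookup, DNS Lookup, Port Scan, HTTP Header Check, Online Traceroute, IP Location Lookup, robots.txt Checker, and URL Extractor.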

How to Download the Digger Information Gathering Tool

Digger is a Python script that can be downloaded easily on any Linux system with git clone.

$ git clone https://github.com/Sameera-Madhushan/Digger
Cloning into 'Digger'...
remote: Enumerating objects: 29, done.
remote: Counting objects: 100% (29/29), done.
remote: Compressing objects: 100% (28/28), done.
remote: Total 29 (delta 14), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (29/29), done.

After cloning, you should have a Digger directory.

$ tree Digger
Digger
├── digger.py
├── LICENSE
├── README.md
└── requirements.txt
0 directories, 4 files

How to Use the Digger Information Gathering Tool

After downloading the tool, change the working directory to Digger:

cd Digger

Install the Python dependencies:

sudo pip3 install -r requirements.txt

After installing the dependencies, run the Digger Python script:

python3 digger.py

If you do not have Python 3, see the following articles:

How to Install Python 3.6 on Ubuntu 16.04/CentOS 7/Debian 9/macOS

How to Install Pip3 and Django on Ubuntu 18.04/Ubuntu 16.04 LTS

When you run the script, you should get output like the following:

_____  _
|  __ \(_)
| |  | |_  __ _  __ _  ___ _ __
| |  | | |/_` |/_` |/_ \ '__|
| |__| | | (_| | (_| |  __/|
|_____/|_|__, |__, |___|_|
           __/| __/|       v2.0
          |___/|___/

[Coded By Sameera a.k.a άλφα Χ]
     

    {1} Whois lookup
    {2} Traceroute
    {3} DNS Lookup
    {4} Reverse DNS Lookup
    {5} GeoIP Lookup
    {6} Port Scan
    {7} HTTP Header Check
    {8} URL Extractor
    {9} robots.txt Checker
    {10} Update
    {11} Exit

Digger:

Now use the numbers shown in the menu to perform information gathering anonymously. See the examples below.

Performing a Whois Lookup

Digger:- 1
Do You Wish to Dig Your Own Information[yes/no] - no
Enter IP or Domain for lookup:- google.com
	 [#] Checking the availability of API server...
	 [#] API Server is Online
   Domain Name: GOOGLE.COM
   Registry Domain ID: 2138514_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.markmonitor.com
   Registrar URL: http://www.markmonitor.com
   Updated Date: 2016-02-21T18:36:40Z
   Creation Date: 1997-09-15T04:00:00Z
   Registry Expiry Date: 2017-09-14T04:00:00Z
   Registrar: MarkMonitor Inc.
   Registrar IANA ID: 292
   Registrar Abuse Contact Email: theitroad@localhost
   Registrar Abuse Contact Phone: +1.2083895740
   Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
   Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
   Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
   Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
   Name Server: NS1.GOOGLE.COM
   Name Server: NS2.GOOGLE.COM
   Name Server: NS3.GOOGLE.COM
   Name Server: NS4.GOOGLE.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2016-12-05T05:09:08Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

Performing a DNS Lookup

Digger:- 3
Enter Domain - google.com
	 [#] Checking the availability of API server...
	 [#] API Server is Online
google.com.		299	IN	A	216.58.217.174
google.com.		299	IN	AAAA	2607:f8b0:4004:80e::200e
google.com.		299	IN	TXT	"docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
google.com.		599	IN	MX	50 alt4.aspmx.l.google.com.
google.com.		59	IN	SOA	ns1.google.com. dns-admin.google.com. 224084865 900 900 1800 60
google.com.		599	IN	MX	30 alt2.aspmx.l.google.com.
google.com.		3599	IN	TXT	"facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com.		21599	IN	CAA	0 issue "pki.goog"
google.com.		21599	IN	NS	ns3.google.com.
google.com.		21599	IN	NS	ns2.google.com.
google.com.		599	IN	MX	20 alt1.aspmx.l.google.com.
google.com.		21599	IN	NS	ns4.google.com.
google.com.		599	IN	MX	10 aspmx.l.google.com.
google.com.		3599	IN	TXT	"v=spf1 include:_spf.google.com ~all"
google.com.		599	IN	MX	40 alt3.aspmx.l.google.com.
google.com.		21599	IN	NS	ns1.google.com.
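
The records returned by option 3 are the same ones anyone can read about a domain you operate, so the output is worth reviewing from the owner's side. The following Python script is an added example, not part of Digger or the original article: it parses lines in the format shown above and lists what the records disclose. The function names and the particular checks are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Subset of the DNS lookup output shown above (whitespace normalised).
SAMPLE = """\
google.com. 299 IN A 216.58.217.174
google.com. 599 IN MX 20 alt1.aspmx.l.google.com.
google.com. 599 IN MX 10 aspmx.l.google.com.
google.com. 3599 IN TXT "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com. 3599 IN TXT "v=spf1 include:_spf.google.com ~all"
google.com. 21599 IN CAA 0 issue "pki.goog"
"""

RECORD = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+([A-Z0-9]+)\s+(.+)$")

def parse_records(text):
    """Group 'name TTL IN type rdata' lines by record type."""
    by_type = defaultdict(list)
    for line in text.splitlines():
        m = RECORD.match(line.strip())
        if m:  # status lines such as "[#] API Server is Online" do not match
            name, ttl, rtype, rdata = m.groups()
            by_type[rtype].append((name, int(ttl), rdata.strip()))
    return dict(by_type)

def review(by_type):
    """Return notes on what the published records disclose (hypothetical checks)."""
    notes = []
    txt = [r[2].strip('"') for r in by_type.get("TXT", [])]
    spf = [t for t in txt if t.lower().startswith("v=spf1")]
    if len(spf) != 1:
        notes.append(f"expected exactly one SPF record, found {len(spf)}")
    else:
        alls = [t for t in spf[0].split() if t.lstrip("+-~?") == "all"]
        if not alls:
            notes.append("SPF has no 'all' mechanism")
        elif alls[0] != "-all":
            notes.append(f"SPF ends in {alls[0]} rather than -all")
    notes += ["TXT discloses third-party service: " + t.split("=")[0]
              for t in txt if "-verification=" in t]
    if "CAA" not in by_type:
        notes.append("no CAA record at this name")
    mx = sorted(by_type.get("MX", []), key=lambda r: int(r[2].split()[0]))
    if mx:
        notes.append("primary MX: " + mx[0][2].split()[1])
    return notes

if __name__ == "__main__":
    print("\n".join(review(parse_records(SAMPLE))))
```

To review a real lookup, paste Digger's DNS output into a string and pass it to parse_records(); the tool's status lines are skipped automatically.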

Follow the same pattern to perform the other information gathering tasks that Digger supports. To update the tool, use "{10} Update".

Digger:- 10
Checking for updates...
Digger is Upto Date.