InfoSploit-Information Gathering Tool in Kali Linux
In Kali Linux. InfoSploit is a free and open-source tool that is available on Github. We can use InfoSpoit as an information-gathering tool. InfoSploit is a tool for scanning websites for data collection and identifying vulnerabilities in websites and webapps. InfoSploit is a simple and effective tool for performing reconnaissance on websites and web applications. InfoSploit is also available for Linux, Windows, and Android phones (termux) and is written in both bash and python. The interface of InfoSploit is fairly similar to Metasploit 1 and Metasploit2. InfoSploit has a command-line interface which we can run on Kali Linux. We can use this tool to obtain information about the target (domain). With InfoSploit, we can target any domain. The interactive console has a variety of useful features, including command completion and contextual help. This tool is written in python language.
In order to utilize this tool, we must have the python programming language installed on our Kali Linux system. InfoSploit can detect WordPress, Joomla, Magento CMS, Drupal, and Magento CMS, WordPress sensitive files, and WordPress version-related vulnerabilities. InfoSploit uses various modules to perform scanning. The whois data collection provides us information related to Banner grabbing, port scanning, sub-domain information, Geoip lookup, DNS lookup, reverse IP, and MX records lookup. InfoSploit is a vulnerability scanner in general. DNS Lookup, WHOIS lookup, GEO-Lookup, subnet lookup, port scanner, Links extractor, and some other modules are available in InfoSploit. InfoSploit can identify closed and open ports of networks. InfoSploit is also known as a complete set of information-gathering tools.
Features of InfoSploit
The following are the features of the InfoSploit:
Uses of InfoSploit Tool
The following are the uses of InfoSploit Tool:
How to Install InfoSploit Tool in Kali Linux
The following are the steps that we used to install the InfoSploit tool in Kali Linux:
Step 1: To install InfoSploit, we first have to open our Kali Linux terminal. Move to desktop. Here we need to create a directory named InfoSploit. In this directory, we will install this tool. We use the following command to move to the desktop.
Step 2: Now, we are on the desktop. We must first create a directory called InfoSploit. The following command will create an InfoSploit directory.
Step 3: We have created a directory. Now in order to move into that directory, we have to use the following command.
Step 4: Now, we are in the InfoSploit directory. In this directory, we must download the tool, which implies we must clone the tool from GitHub. In order to clone the tool from GitHub, we have to run the command below.
Step 5: The tool has been downloaded in the directory InfoSploit. Now, use the following command to list the tool's contents that have been downloaded.
Step 6: When we list out the contents of the tool, we will notice that it has created a new directory called InfoSploit. To see the contents of the tool, we must move to this directory. Use the following command to move to this directory.
Step 7: Use the following command to list out the contents of the directory.
Step 8: This directory has a large number of files, as we can see. These files are the tool's files. We must now give the tool permission to execute.
Step 9: The entire downloading and installation process has been completed. To use InfoSploit, we must first install the tool. Use the following command to install the tool.
Step 10: Now that the tool has been installed, execute the following command to run it.
Step 11: The tool has finally begun and is working properly. We can see a console with a lot of features.
Working with InfoSploit
1. Scan the Website javatpoint.com Using InfoSploit to Perform DNS Lookup
In order to perform DNS Lookup. We will choose option 1. After that, we have to enter the website domain, which is javatpoint.com, in our case. InfoSploit found the DNS information. This is how we can use InfoSploit to execute a DNS lookup.
2. Scan the Website javatpoint.com and Extract Links
In order to extract links from the domains. We will choose option 6. After that, we need to provide the website's domain, which we have provided as javatpoint.com. InfoSploit found all the links on that domain. This is how the domain's links can be extracted.
3. Scan the Website javatpoint.com and find robots.txt
We will choose option 12 in order to find robots.txt of javatpoint.com. After that, we need to enter the website domain, which is javatpoint.com, in this case. InfoSploit also searches Robots.txt and other files. Similarly, any domain's robots.txt can be found.
These were the examples that we used to show how to use the InfoSploit tool to perform reconnaissance. It is incredibly straightforward and easy to use. We only need to select options 1 to 16 and then provide the domain name; the rest will be handled by the InfoSploit tool. InfoSploit is a tool for scanning websites for information gathering and identifying vulnerabilities in websites and online apps. InfoSploit is one of the most simple and effective tools for conducting reconnaissance on websites and web applications. The InfoSploit tool, which is written in both bash and python, is also available for Linux, Windows, and Android phones (termux).