Tutorial: One Shot Passive Discovery

January 20, 2017 | Views: 6162

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Estimated reading time: 1.5 minutes

When preparing for a penetration test, step one: Gather the information.

Let’s collect the information about the target by digging what is already available on the internet.  You may do Google search, whois, traceroute, advanced Googling and other stuff but let’s kill this with one shot. I have found a cool script which can come in handy to your rescue.

STEP 1: Installing the script

Getting into the directory where yo want to install this, I have chosen /opt directory.

  1. open the terminal
  2. cd /opt/
  3. git clone https://github.com/leebaird/discover.git

STEP 2: Running the script

  1. [ command – cd discover ]  You are set to rock now
  2. ./discover.sh

discovery-1

  • Choose 1 for domain discovery
  • Choose 1 for passive discovery
  • Input the company name and domain name

discovery-2

NOTE: For the first time let it run and see the processing: in my case the harvester scripts were postfixed with permission denied error, I went to usr/bin and found theHarvester.py file ad gave it executable permissions [command – chmod 777 theHarvester.py ]

discovery-3

  • Let it run, It will prompt you to press return when done.

discovery-4

STEP 3: Reporting

It will then open multiple tabs in firefox and an interactive web report as well, best part. You can browse through the report like a website easily.

discovery-5

discovery-6

discovery-7

  • Food for the brain: Figure out where the reports are getting stored

NOTE: Passive scanning can be done on any domain as we are only gathering the information which is freely available on the internet. We are just using the script to net all these fish.

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
3 Comments
  1. Nice Streamlining – I love the command line, but this saves a lot of potential wasted time.

  2. Nice one thank you man 🙂

  3. Interesting. Very similar to theHarvester, with in tabs for ease of viewing and a diagram to show the relationship. I suppose for us heathens that hate command lines and like GUI stuff, it is okay. :>

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel