InfoSploit-Information Gathering Tool in Kali Linux

In Kali Linux. InfoSploit is a free and open-source tool that is available on Github. We can use InfoSpoit as an information-gathering tool. InfoSploit is a tool for scanning websites for data collection and identifying vulnerabilities in websites and webapps. InfoSploit is a simple and effective tool for performing reconnaissance on websites and web applications. InfoSploit is also available for Linux, Windows, and Android phones (termux) and is written in both bash and python. The interface of InfoSploit is fairly similar to Metasploit 1 and Metasploit2. InfoSploit has a command-line interface which we can run on Kali Linux. We can use this tool to obtain information about the target (domain). With InfoSploit, we can target any domain. The interactive console has a variety of useful features, including command completion and contextual help. This tool is written in python language.

In order to utilize this tool, we must have the python programming language installed on our Kali Linux system. InfoSploit can detect WordPress, Joomla, Magento CMS, Drupal, and Magento CMS, WordPress sensitive files, and WordPress version-related vulnerabilities. InfoSploit uses various modules to perform scanning. The whois data collection provides us information related to Banner grabbing, port scanning, sub-domain information, Geoip lookup, DNS lookup, reverse IP, and MX records lookup. InfoSploit is a vulnerability scanner in general. DNS Lookup, WHOIS lookup, GEO-Lookup, subnet lookup, port scanner, Links extractor, and some other modules are available in InfoSploit. InfoSploit can identify closed and open ports of networks. InfoSploit is also known as a complete set of information-gathering tools.

Features of InfoSploit

The following are the features of the InfoSploit:

• InfoSploit is a free and open-source tool that we can download and use without charge.
• The interactive console in InfoSploit has a lot of useful features.
• InfoSploit is a complete package of information gathering modules.
• InfoSploit can target a single domain and find all of its subdomains, making pentesting easier.
• InfoSploit is a powerful tool for finding flaws in the code of web apps and
• InfoSploit is one of the most simple and effective reconnaissance tools available.
• InfoSploit is written in python
• InfoSploit is a tool for obtaining information and assessing the vulnerability of web applications.
• The following modules are included in InfoSploit: Geoip lookup, DNS lookup, port scanning, and Banner grabbing. These modules are what makes this tool so effective.
• InfoSploit works and acts as a web application/website scanner.
• InfoSploit has an interface that is very similar to Metasploitable 1 and Metasploitable 2, making it simple to use.

Uses of InfoSploit Tool

The following are the uses of InfoSploit Tool:

• With the help of the InfoSploit tool, we can find the IP addresses of the target.
• We use InfoSploit to find information about Geo-IP lookup DNS lookup, Banner grabbing, sub-domain information, port scanning, reverse scanning with the help of the WHOIS lookup.
• We can use InfoSploit to find sensitive files like txt.
• We can use InfoSploit to detect Content Management Systems (CMS) using a target web application.
• InfoSploit contains a number of modules that we can use to get information about a target.
• The subdomain finder modules in InfoSploit can be used to find sub-domains of a single domain.
• We can use InfoSploit to find txt files or a website.
• We can use InfoSploit to find error-based SQL injections.

How to Install InfoSploit Tool in Kali Linux

The following are the steps that we used to install the InfoSploit tool in Kali Linux:

Step 1: To install InfoSploit, we first have to open our Kali Linux terminal. Move to desktop. Here we need to create a directory named InfoSploit. In this directory, we will install this tool. We use the following command to move to the desktop.

Step 2: Now, we are on the desktop. We must first create a directory called InfoSploit. The following command will create an InfoSploit directory.

Step 3: We have created a directory. Now in order to move into that directory, we have to use the following command.

Step 4: Now, we are in the InfoSploit directory. In this directory, we must download the tool, which implies we must clone the tool from GitHub. In order to clone the tool from GitHub, we have to run the command below.

Step 5: The tool has been downloaded in the directory InfoSploit. Now, use the following command to list the tool's contents that have been downloaded.

Step 6: When we list out the contents of the tool, we will notice that it has created a new directory called InfoSploit. To see the contents of the tool, we must move to this directory. Use the following command to move to this directory.

Step 7: Use the following command to list out the contents of the directory.

Step 8: This directory has a large number of files, as we can see. These files are the tool's files. We must now give the tool permission to execute.

Step 9: The entire downloading and installation process has been completed. To use InfoSploit, we must first install the tool. Use the following command to install the tool.

Step 10: Now that the tool has been installed, execute the following command to run it.

Step 11: The tool has finally begun and is working properly. We can see a console with a lot of features.

Working with InfoSploit

1. Scan the Website javatpoint.com Using InfoSploit to Perform DNS Lookup

In order to perform DNS Lookup. We will choose option 1. After that, we have to enter the website domain, which is javatpoint.com, in our case. InfoSploit found the DNS information. This is how we can use InfoSploit to execute a DNS lookup.

2. Scan the Website javatpoint.com and Extract Links

In order to extract links from the domains. We will choose option 6. After that, we need to provide the website's domain, which we have provided as javatpoint.com. InfoSploit found all the links on that domain. This is how the domain's links can be extracted.

3. Scan the Website javatpoint.com and find robots.txt

We will choose option 12 in order to find robots.txt of javatpoint.com. After that, we need to enter the website domain, which is javatpoint.com, in this case. InfoSploit also searches Robots.txt and other files. Similarly, any domain's robots.txt can be found.

Conclusion

These were the examples that we used to show how to use the InfoSploit tool to perform reconnaissance. It is incredibly straightforward and easy to use. We only need to select options 1 to 16 and then provide the domain name; the rest will be handled by the InfoSploit tool. InfoSploit is a tool for scanning websites for information gathering and identifying vulnerabilities in websites and online apps. InfoSploit is one of the most simple and effective tools for conducting reconnaissance on websites and web applications. The InfoSploit tool, which is written in both bash and python, is also available for Linux, Windows, and Android phones (termux).