DataSploit – Framework to Perform Various OSINT Techniques
Introduction
DataSploit is an OSINT Framework which allows you to perform various recon techniques (on phone numbers, bitcoin addresses, people, companies, etc.), to aggregate all the raw data, and give data in multiple formats. If you are pentester, cybersecurity researcher or bug hunter, you’ll find DataSploit very useful OSINT framework. It brings all useful and effective OSINT tools and techniques in one place, correlates the raw data captured and gives you all the relevant information about the target’s domain/email/IP, etc.
DataSploit: An OSINT Framework to Perform Various Recon Techniques
Written in Python, this tool allows you to collect relevant information about a target and make/plan your attack/defence smoothly and quickly. DataSploit is an easy to use OSINT framework, but you can also use it as a library and write your own modules/tools.
Features:
- Performs automated OSINT on a domain / email / username / IP and find out relevant information from different sources.
- Easy to contribute OSINT Framework.
- Code for Banner, Main and Output function. Datasploit automagically do rest of the things for you.
- Useful for Pen-testers, Bug Bounty Hunters, Cyber Investigators, Product companies, Security Engineers, etc.
- Collaborate the results, show them in a consolidated manner.
- Tries to find out credentials, api-keys, tokens, subdomains, domain history, legacy portals, usernames, dumped accounts, etc. related to the target.
- Can be used as library, automated scripts or standalone scripts.
- Can generate lists which can be feeded to active scan tools.
- Generates HTML, along with text files.
Requirements:
Python 2.7(not support forPython 3.0)- All from
requirements.txt
Install
Standalone Tool Installation
To install it as a standalone Tool, first you need to clone DataSploit repo and navigate to the working directory:
$ git clone https://github.com/datasploit/datasploit
$ cd datasploit
Then install all python libraries (requirements.txt) via pip:
$ pip install -r requirements.txt
$ pip install --upgrade --force-reinstall -r requirements.txt
And rename sample-config.py file:
$ mv sample-config.py config.py
Installation as a Library
Install DataSploit using pip (this command will install all the dependencies:
$ pip install datasploit
Once dataSploit is installed successfully, go and edit the config file to add your own API keys:
$ datasploit_config
Follow the guide on how to generate API keys.
Basic Usage
To see available options/commands, simply run:
$ python datasploit.py -h
usage: datasploit.py [-h] [-i SINGLE_TARGET] [-f FILE_TARGET] [-a] [-q]
[-o OUTPUT]
____/ /____ _ / /_ ____ _ _____ ____ / /____ (_)/ /_
/ __ // __ `// __// __ `// ___// __ \ / // __ \ / // __/
/ /_/ // /_/ // /_ / /_/ /(__ )/ /_/ // // /_/ // // /_
\__,_/ \__,_/ \__/ \__,_//____// .___//_/ \____//_/ \__/
/_/
Open Source Assistant for #OSINT
www.datasploit.info
optional arguments:
-h, --help show this help message and exit
-i SINGLE_TARGET, --input SINGLE_TARGET
Provide Input
-f FILE_TARGET, --file FILE_TARGET
Provide Input
-a, --active Run Active Scan attacks
-q, --quiet Run scans in automated manner accepting default
answers
-o OUTPUT, --output OUTPUT
Provide Destination Directory
Connect at Social Media: @datasploitExample: to run any script, you need to pass the respective argument:
$ python domainOsint.py -d example.com
domainOsint will call all other domain_* scripts and list down data as well as dump the same in MongoDB. For more usage examples and explanations, refer to the official DataSploit docu. (click on the “documentation button below)
