Footprinting a Target using OSRFramework

OSRFramework is a set of libraries that are used to perform Open Source Intelligence tasks. They include references to many different applications related to username checking, DNS lookups, information leaks research, deep web search, regular expressions extraction, and many others. It also provides a way of making these queries graphically as well as several interfaces to interact with such as OSRFConsole or a Web interface.

Open kali linux terminal use domainfy

Use domainfy to check with the existing domains using words and nicknames. Type domainfy -n [Domain Name] -t all (here, the target domain name is airasia) and press Enter.

-n: specifies a nickname or a list of nicknames to be checked. -t: specifies a list

of top-level domains where nickname will be searched.

The tool will retrieve all the domains along with their IP addresses related to the target domain. Using this information, attackers can further find vulnerabilities in the subdomains of the target website and launch web application attacks

Use searchfy to check for the existence of a given user details on different social networking platforms such as Github, Instagram and Keyserverubuntu. Type searchfy -q “target user name or profile name” (here, the target user name or profile is brucelee and it is searched in all the social media platforms) and press Enter

The searchfy will search the user details in the social networking platforms and will provide you with the existence of the user. These profile links of the target user can be used by the attackers to perform social engineering attacks.

Similarly, you can use following OSRFramework packages to gather more information about the target:

usufy – Gathers registered accounts with given usernames.
mailfy – Gathers information about email accounts
phonefy – Checks for the existence of a given series of phones
entify – Extracts entities using regular expressions from provided URLs

This concludes the demonstration of gathering information about the target user aliases from multiple social media platforms using OSRFramework.