Hacking, Hacking Tools, Vulnerability

TIDoS Framework -Web Penetration Testing Toolkit for Reconnaissance



Reconnaissance

Reconnaissance is a process to get information in-depth about the target. Keep gathering information until penetration testing phase is a bit difficult.

Here we have a Python script called TIDOS which helps Hackers or Penetration testers.This toolkit will gather information with best modules.

Here I have used Kali Linux as (Attacker Machine)

Installation

  • Download the TIDOS Tool Here

  • Execute the command: Python setup.py

  • Agree with Teams and conditions with Yes.

Execute the Script – Reconnaissance

  • It is very easy to run this python script after successful installation.
  • Execute the command to run the script: tidos

Pglink

  • Execute the command: pglink
  • After execution type, the backlinks of the website you want to look up.

Geolocation Lookup

  • Execute command: geoip
  • After execution type, websites geolocation you want to look up.

Grabbing HTTP Headers

  • Execute command: grabhead

  • Above figure Illustrates gathered information of web server, version and more.

Must Read Complete Kali Tools tutorials from Information gathering to Forensics

Ping Check

  • Execute command: piweb



  • Above figure Illustrates gathered information of target is Up or down.

Nmap Port Scan

  • Execute command: nmap

  • Above figure Illustrates gathered information of targets open ports.

Reverse IP Lookup

  • Execute command: revip

  • Above figure Illustrates gathered information of targets reverse Ip lookups.

Reverse DNS Lookup

  • Execute command: revdns

  • Above figure Illustrates gathered information of targets reverse DNS lookups.

Sub-Domain Scan

  • Execute command: subdom

  • Above figure Illustrates gathered information of targets Subdomains.

Subnet Range

  • Execute command: subnet

  • Above figure Illustrates gathered information of targets subnet range.

DNS Lookup

  • Execute command: dnschk

  • Above figure Illustrates gathered information of Targets Domain records.

Google Search

  • Execute command: gsearch

  • Above figure Illustrates gathered information of target records on Google search engine.

DDOS

  • Execute command: fl00d

  • Above figure Illustrates target is flooded with ICMP packets & Check the availability of a website.

Before exploiting, Known your targets loopholes in reconnaissance phase.Reconnaissance provides information about vulnerable software version and more.



Source : GBHackers



Previous ArticleNext Article

Founder and Editor-in-Chief of ‘Professional Hackers India’. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.