Penetration Testing Tutorial : Dmitry Deepmagic Tool For Information gathering
Dmitry : Deepmagic Information Gathering Tool .
Information Gathering is the task where all the penetration testing begins . When Gathering Information about the target , there come a plenty of tools . In this post , we will use Dmitry to gather information about the target . Dmitry is an command line tool and comes pre-installed within the Kali linux . The best use of Dmitry is to use it for gathering information on a web server , but is not limited to it . One can use Dmitry for information gathering purposes in lots of applications .
Here is what Dmitry does for you during the penetration testing Information Gathering :
[box ENGINE=”shadow” align=”” class=”” width=””]DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and much more. [/box]
The following is a list of the current features:
- An Open Source Project.
- Perform an Internet Number whois lookup.
- Retrieve possible uptime data, system and server data.
- Perform a SubDomain search on a target host.
- Perform an E-Mail address search on a target host.
- Perform a TCP Portscan on the host target.
- A Modular program allowing user specified modules
Official Website and Source : http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/
Here is a Command Line help for the Dmitry Tool .
root@kali:~# dmitry -h Deepmagic Information Gathering Tool "There be some deep magic going on" dmitry: invalid option -- 'h' Usage: dmitry [-winsepfb] [-t 0-9] [-o %host.txt] host -o Save output to %host.txt or to file specified by -o file -i Perform a whois lookup on the IP address of a host -w Perform a whois lookup on the domain name of a host -n Retrieve Netcraft.com information on a host -s Perform a search for possible subdomains -e Perform a search for possible email addresses -p Perform a TCP port scan on a host * -f Perform a TCP port scan on a host showing output reporting filtered ports * -b Read in the banner received from the scanned port * -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 ) *Requires the -p flagged to be passed
Run a domain whois lookup (w), an IP whois lookup (i), retrieve Netcraft info (n), search for subdomains (s), search for email addresses (e), do a TCP port scan (p), and save the output to example.txt (o) for the domain example.com:
root@kali:~# dmitry -winsepo example.txt example.com Deepmagic Information Gathering Tool "There be some deep magic going on" Writing output to 'example.txt' HostIP:188.8.131.52 HostName:example.com