In this chapter we will learn some graphical user interface (GUI) tools for collecting information about our target systems and websites. Information gathering is the first and main stage of hacking. Why do we do it? Because hacking depends on information: we can attack a target only when we have some information about the target website or system. Hacking is impossible without information gathering, so it is important for a hacker to collect information about his target using tools and other resources. This information includes the IP address, users, operating system, pictures and many other things related to the target, and these will be required during the attack. Some attacks require an IP address, some require a username, a domain and so on, so attacks cannot be performed without some information. This is why information gathering, or reconnaissance, is the first and an important stage of hacking. Let's try it using the GUI tools of Kali Linux.
a) MALTEGO:
It is a powerful, advanced information gathering tool in Kali Linux that works in a graphical user interface. It is a very important tool of Kali Linux and a hacker must learn it completely. Maltego makes information gathering easy. It is used to collect information about a person's name, phone number, website, link or URL, Bitcoin address, Bitcoin Cash block, Bitcoin Cash transaction, Bitcoin Cash address, cryptocurrency block, Ethereum address, Ethereum block, netblock, tracking code, SSL certificate, IPQS tag, circular area, location, GPS coordinate etc. It provides a lot of information. You can use it easily because it is pre-installed in Kali Linux.
It has two editions: the community edition and the professional edition. The community edition is free, and with it we can collect a limited but still large amount of information about our target. The professional edition is paid and provides full information. Most people use the community edition, so here I will discuss the community edition.
Maltego community edition to use free
To use the community edition, you must register on the Maltego website. You can register by following these steps. Open Maltego. Click (run) under (Maltego CE free). Tick (accept) and click on (next). Then click on (register here) and enter your details to register on the Maltego website. Then enter your (email address) in Maltego. Then enter the (password) you gave in your registration details. Then solve the (captcha) as shown in the figure and click on (next). Then click (next) again, then click finish. Now you can use Maltego community edition (free).
Maltego CE registration
To use Maltego CE, (install) the different (Transforms) as shown in the figure. Click on (install). The transforms are installed online, and you can then run them during information gathering. You should install (all transforms) to work easily in Maltego. Now we will learn how to gather information about different things in Maltego.
Transforms of Maltego to use after installation online
1). INFORMATION GATHERING OF A DOMAIN:
Website hacking has great importance in hacking and is used for ethical and non-ethical purposes. During web hacking we mainly target a domain, often the main domain. So, before hacking this domain, it is very important to collect information about that specific domain. Suppose we have a domain (google.com) and want to collect information about it. We can do this with Maltego. To collect information about a specific domain, first open a (new graph) by clicking on the icon as shown in the figure. Then drag (domain) from the left, as shown in the figure, onto the graph. Then (double click) on that domain, enter your domain in the box as shown in the figure, for example (google.com), and click (ok). Then (right click) the domain in the graph. Here you will see the different transforms, which are the kinds of information you can collect. To collect all information, click the (run) icon. When you run all transforms it will take some time, and Maltego will then show you the IP addresses, emails and other connections related to that specific domain. You can run a limited set of transforms if you wish, such as DNS transforms, IP transforms, email transforms etc., but for full information you must click on (all transforms). You can look further into any result by right clicking on it and running more transforms on that result. In this way you can collect deeper and deeper information about your target domain, which makes Maltego a very powerful tool in Kali Linux. Using the collected information, you can find different vulnerabilities or weaknesses in your target domain with tools like Vega, OWASP ZAP etc.
Information and relations of target domain of website
2). INFORMATION GATHERING OF A NAME OF A PERSON:
Sometimes we do not know any information about our target except the name of a person related to it. Sometimes a person is dangerous for society and he or she is a criminal. In such cases we need to collect information about that person using his/her name. Let's say that we want to collect information about (shahswar). In Maltego, open a (New Graph) and drag (person) from the left as shown in the figure. Then remove the current name and type (shahswar) under the (sign) of the person as shown in the figure. Then (right click) on the person's icon and run (all transform) to collect full information about (shahswar). Maltego will take some time and then show you email addresses, phone numbers, domains, websites etc. related to (shahswar). You can also collect further information about specific results related to (shahswar) by running further transforms on those results. In this way you can collect a lot of information in Maltego using only the name of a person.
Transforms and relations of target name of a person
3). INFORMATION GATHERING OF A WEBSITE:
It is similar to domain information. Drag (website) from the left side into a (new graph), then enter the website, for example (www.google.com), under the website icon. Then right click on that website icon in the graph and run (all transforms) to see complete information about that website, as shown in the figure for domain information.
4). INFORMATION GATHERING OF AN IPV4 ADDRESS:
Sometimes we need to collect information about an IP address (IPv4) such as (192.168.0.1) related to our target. It can be the IP of a specific machine, computer, website etc. To collect information related to an IP address, open a (new graph) by clicking on the icon as shown in the figure. Then (drag) the IPv4 address onto the graph. Then enter your IP address, for example (192.168.1.0). (Right click) on the icon of the IP address, click on (all transforms) and then click on the (run) icon as shown in the figure to see full information about that IPv4 address. Similarly, you can collect information about an IPv6 address, if you know it, by using the same method.
Information and relations of IPv4 address
5). INFORMATION GATHERING OF A PHONE NUMBER:
Sometimes we need to collect information about a specific (phone number) related to our target. We can do it with (phoneinfoga), but with Maltego it is very easy. To collect information about a specific phone number, open a (new graph) in Maltego and (drag) (phone number) from the left side as shown in the figure. Then enter the phone number with its country code, for example (+923404142240). Then right click on the icon of the phone number in the graph and click on the (run) icon to collect full information related to that phone number. Maltego will take some time and then provide you the information about the phone number.
Phone number information in Maltego
In short, Maltego can gather information about each and every thing or identity: just drag the identity you want to collect information about from the left side, enter the required value and run (all transforms).
In this way Maltego will help you a lot. I have discussed a few things in Maltego, but you can do a lot more with it. So try them and enjoy Maltego for good and deep information gathering.
b) LEGION:
It is a tool in Kali Linux that works in graphical user interface mode and is used for information gathering. It is one of the best tools for information gathering and vulnerability identification. It can also brute force a specific service. But first we will discuss scanning in Legion. It is a mixture of different tools like nmap, nikto etc. It provides a lot of information about a target website or IP address. You must learn it for information gathering and vulnerability scanning.
There are two methods for scanning in Legion. The first is the (easy) method and the second is the (HARD) method. The hard method requires many options, but the easy method is very simple.
To scan a target website or IP address, click on the green icon as shown in the figure. Then enter your target website link or IP address in the (white box) as shown in the figure. Select (Easy), then move the blue slider up to the (insane) level for full scanning. Then click on (submit); the scan will start, and it will scan deeply.
Target setting in legion
By clicking on (hosts) you can see the hosts of the website or the hosts in the range you provided. By clicking on (services) you can check the services available on the target. By clicking on (Tools) you can see the tool results related to your scan. By clicking on (scripts) you can check vulnerabilities, ssh-keys etc. By clicking on (information) you can see basic information about your target like its IP address, MAC address etc. By clicking on (CVEs) you can find more information and vulnerabilities about your target.
By right clicking on any service you can use more options and find deeper information about your target. Use the different options to find more detail about your target beyond the basic information.
Output of legion about our target
c) SPARTA:
It is also an information gathering and vulnerability scanning tool in Kali Linux. It is written in the Python language and works in graphical user interface mode. It is one of the best tools of Kali Linux and is like Legion. It is a mixture of different tools like hydra, nmap, nikto etc. It helps to find the available services on a target IP, IP range or target domain, along with basic information, open ports and vulnerabilities. It also helps to perform brute force attacks on open services and ports. Its interface and working method are almost the same as those of Legion, but it is advanced.
To scan in Sparta, click on (scan), then click on (click here to add host to scope), then enter your website domain, IP or IP range of any network and click on (add to scope).
The scanning will start. You can see hosts by clicking on (hosts). You can find open services by clicking on (services). By clicking on (Tools) you can find the results of the different tools related to your scan. By clicking on (information) you can find basic information related to your target like its IP address, MAC address, operating system etc. You can see the result of each tool by clicking on that tool, like nikto, hydra etc.
Output of sparta about our target
By right clicking on any service you can find more information about your target. You should use the different options for more information. It is a very helpful tool, and you must learn it to save your time and for deep information gathering.
So that was all about the GUI tools of Kali Linux for collecting basic information about the target. You must learn all the tools deeply for more information. I hope you will enjoy this chapter on information gathering. So best of luck with information gathering using the GUI tools of Kali Linux.