Open In App

Gasmask – Information Gathering Tool in Kali Linux

Improve
Improve
Like Article
Like
Save
Share
Report

Gasmask is a free and open-source tool available on Github. Gasmask is an Open Source Intelligence and Information Gathering Tool based on (OSINT). Gasmask is capable of doing everything almost you need for reconnaissance as per your need it can perform reconnaissance easily. Gasmask works as an open-source tool intelligence tool. It integrates with just about every data source available and utilizes a range of methods for data analysis. Gasmask is written in python language. You must have python language installed into your Kali Linux system in order to use the Gasmask tool. This tool is used to get various information about our target.  This information includes DNS server information, organization name, address, city, zip, country, email address related to the respective organization, registrars, naming servers, DNS information. The dependencies of the tool include Python 3, x validators, python-whois, dnspython, requests, nmap, shodan, censys, pprint. For information gathering, this tool uses the following modules and information gathering sources virustotal, yahoo, spyse, youtube, yandex, shodan, reverse dns, netcraft, whois, bing, censys.io, dns, github, dnsdumpster,  instagram, crt, ask, dogpile. These were the modules for which the tool uses the publicly available data to get information about the target.

Features of Gasmask:

  • Gasmask is a free and open-source tool available on Github. This means you can download and install this tool freely.
  • Gasmask is an Open Source Intelligence and Information Gathering Tool (OSINT).
  • Gasmask is used for performing reconnaissance.
  • Gasmask works as an open-source tool intelligence tool which means open-source information is used by this tool to perform reconnaissance.
  • Gasmask is written in python language. This means you must download and install python language in your Kali Linux operating system.
  • Gasmask has some dependencies which are Python 3, x validators, python-whois, dnspython, requests, mmap, shodan, censys, pprint.
  • Gasmask uses the following modules to perform reconnaissance dns, netcraft, whois, bing, censys.io, dns, Github, dnsdumpster,  instagram, crt, ask, etc.
  • Gasmask is a free tool. You don’t need to pay any amount to anyone to use this tool as it is an open-source tool.

Uses of Gasmask:

  • Gasmask is used to perform reconnaissance.
  • Gasmask is used for information gathering.
  • Gasmask is used to find DNS information.
  • Gasmask is used to find the names of the owner of the organization and the names of people of the respected domains.
  • Gasmask is used to find the address of the domain organization located.
  • Gasmask is used to find the city of the companies’ office.
  • Gasmask is used to find the email addresses associated with the domain.
  • Gasmask is used to find subdomains of the domain.
  • Gaskmask’s Whois lookup is used to find whois information of the domain.
  • Gasmask’s DNS queries are used to find DNS server information.
  • Gasmask’s Bing Virtual Hosts is used to find hosts of the target.

Installation

Step 1. Open your Kali Linux operating system. Move to desktop. Here you have to create a directory called Gasmask. In this directory, you have to install the tool. To move to desktop use the following command.

cd Desktop

move directory to desktop

Step 2. Now you are on the desktop. Here you have to create a directory Gasmask. To create a Gasmask directory using the following command.

mkdir Gasmask

creating directory for gasmask

Step 3.  Step 3. You have created a directory. Now use the following command to move into that directory.

cd Gasmask

change directory to gasmask

Step 4. Now you are in the Gasmask directory. Now you have to install the tool using the following command. Use the following command to install Gasmask.

git clone https://github.com/twelvesec/gasmask.git

cloning gasmask repository

Step 5. The tool has been downloaded to your system now use the following command to list out the contents of the directory.

ls

directory listing in linux

Step 6. You can see there is a directory called gasmask. Move to this directory using the following command.

cd gasmask

change directory to gasmask

Step 7. Now you are in the directory gasmask. Use the following command to list out the contents of the directory.

ls

directory listing

Step 8. You can see so many files here (api_keys.txt gasmask.py readme.md etc).  Now you have to install the requirements.txt of the tool to download the dependencies of the tool.

pip3 install -r requirements.txt

installing requirements for gasmask

Step 9. All the requirements have been downloaded into the tool. Now you can run the tool using the following command.

python3 gasmask.py

running gasmask

Working with Gasmask

1. To perform reconnaissance on a website.

python3 gasmask.py -d testphp.vulnweb.com -i basic'

Use the above command for basic scanning of the tool.

performing reconnaissance

The details which we got are given below.

\__    _/_  _  _ __ |  |_  _ __  /   __/ __   ___  
 |    |  \ \/ \/ // _ \|  |\  \/ // _ \ \___  \_/ _ \/ _\
 |    |   \     /\  _/|  |\   /\  _/ /        \  _/\  \__
 |_|    \/\/  \__  >_/\_/  \__  >__  /\__  >\__  >
                      \/               \/        \/     \/     \/
GasMasK v. 2.0 - All in one Information gathering tool - OSINT
GasMasK is an open source tool licensed under GPLv3.
Written by: @maldevel, mikismaos, xvass, ndamoulianos, sbrb
HOME
Please visit https://github.com/twelvesec/gasmask for more.. [+] Information gathering: ['basic'] [+] Looking into first 100 search engines results [+] Using DNS server: 8.8.8.8 [+] Target: testphp.vulnhub.com:False [+] User-agent strings: 76 [+] Whois lookup ---------------- Name: REDACTED FOR PRIVACY Organization: Offensive Security Address: REDACTED FOR PRIVACY City: REDACTED FOR PRIVACY Zip code: REDACTED FOR PRIVACY Country: GI Emails: abuse@support.gandi.net 00f473073623a6d885a6693334a8c413-15095153@contact.gandi.net 39d0803179f546cd0d04749b02bf7a96-15095389@contact.gandi.net ea4bb56fd04f9305960dbf95649f3840-15094593@contact.gandi.net Registrar: GANDI SAS Whois Server: whois.gandi.net Updated Date: 2020-08-25 02:15:10 2020-08-25 04:15:12 Expiration Date: 2021-09-12 23:36:17 Creation Date: 2012-09-12 23:36:17 Name Servers: ERIC.NS.CLOUDFLARE.COM:173.245.59.112 JEAN.NS.CLOUDFLARE.COM:108.162.192.121 [+] DNS queries --------------- gasmask.py:580: DeprecationWarning: please use dns.resolver.Resolver.resolve() instead answers = myresolver.query(value, record) A DNS record: - CNAME DNS record: - HINFO DNS record: - MX DNS record: - NS DNS record: - PTR DNS record: - SOA DNS record: - TXT DNS record: - SPF DNS record: - SRV DNS record: - RP DNS record: - [+] Reverse DNS Lookup ---------------------- 'bool' object has no attribute 'encode' [+] Bing Virtual Hosts ---------------------- can only concatenate str (not "bool") to str can only concatenate str (not "bool") to str can only concatenate str (not "bool") to str [+] Search engines results - Final Report -----------------------------------------

These details we got after scanning the website. By scanning the above website we got DNS information. Email addresses associated with the website. We got domain details.

2. To perform whois lookup on a website.

python3 gasmask.py -d testphp.vulnweb.com -i whois

whois lookup using gasmask

The details we get after scanning are:

____              ._                ___              
\__    _/_  _  _ __ |  |_  _ __  /   __/ __   ___  
 |    |  \ \/ \/ // _ \|  |\  \/ // _ \ \___  \_/ _ \/ _\
 |    |   \     /\  _/|  |\   /\  _/ /        \  _/\  \__
 |_|    \/\/  \__  >_/\_/  \__  >__  /\__  >\__  >
                      \/               \/        \/     \/     \/
GasMasK v. 2.0 - All in one Information gathering tool - OSINT
GasMasK is an open source tool licensed under GPLv3.
Written by: @maldevel, mikismaos, xvass, ndamoulianos, sbrb
HOME
Please visit https://github.com/twelvesec/gasmask for more.. [+] Information gathering: ['whois'] [+] Looking into first 100 search engines results [+] Using DNS server: 8.8.8.8 [+] Target: testphp.vulnweb.com:18.192.172.30 [+] User-agent strings: 76 [+] Whois lookup ---------------- Name: Acunetix Acunetix Organization: Acunetix Ltd Address: 3rd Floor,, J&C Building,, Road Town City: Tortola Zip code: VG1110 Country: VG Emails: legal@eurodns.com legalservices@eurodns.com administrator@acunetix.com Registrar: Eurodns S.A. Whois Server: whois.eurodns.com Updated Date: 2020-06-08 03:22:51 2020-06-08 05:48:32 Expiration Date: 2021-06-14 07:50:29 2021-06-13 00:00:00 Creation Date: 2010-06-14 07:50:29 2010-06-14 00:00:00 Name Servers: NS1.EURODNS.COM:8.20.241.107 NS2.EURODNS.COM:8.20.243.107 NS3.EURODNS.COM:8.20.241.108 NS4.EURODNS.COM:8.20.243.108 ns1.eurodns.com:8.20.241.107 ns2.eurodns.com:8.20.243.107 ns3.eurodns.com:8.20.241.108 ns4.eurodns.com:8.20.243.108 [+] Search engines results - Final Report -----------------------------------------

Conclusion: These are the example that how you can get information about the target using Gasmask tool. It’s very easy to perform reconnaissance using the Gasmask tool.  Gasmask is capable of doing everything almost you need for reconnaissance as per your need it can perform reconnaissance easily. Gasmask works as an open-source tool intelligence tool. It integrates with just about every data source available and utilizes a range of methods for data analysis.



Last Updated : 16 Sep, 2022
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads