Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
http://datasploit.info | @datasploit
Overview of Tool?
• Performs Automated OSINT (Reconnaissance) on Domain / Email /
Username.
• Fetches information from mul...
How it works
Python
Client
Mongo Db
Django
Celery
RabbitMQ
Components
• Python: all the logic.
• MongoDB: Storing all files in json dicts.
• Django: Web UI
• Celery: Handles tasks t...
Sources
Email:
Work History
Social profiles
Location Information
Slides
Scribd Documents
Related Websites
HaveIBeenPwned
E...
Documentation
• http://www.datasploit.info
• http://datasploit.readthedocs.io/en/latest/
• https://upgoingstar.github.io/d...
How it works?
• Download from git (git clone or dowload)
git clone https://github.com/upgoingstar/datasploit.git
• pip ins...
Twitter:
@datasploit
https://twitter.com/datasploit
Facebook:
/datasploit
https://www.facebook.co
m/datasploit/
Roadmap
• Reverse image search
• Intelligence on co-relating and validating a profile
• Porting all modules to web UI.
• U...
How to Contribute
• Test the tool (we have very bad dev skills, so you know ;))
• Write a module. Or Suggest a module. (we...
Contributors.
• Shubham Mittal (@upgoingstar)
• Nutan Kumar Panda (@nutankumarpanda)
• Susdhanshu (@sudhanshu_c)
• Kunal (...
Thanks
View on GitHub Download .zip Download .tar.gz
Follow @datasploit for OSINT news and latest updates.
Datasploit - An Open Source Intelligence Tool
Upcoming SlideShare
Loading in …5
×

Datasploit - An Open Source Intelligence Tool

This presentation was used for explaining Datasploit to osint enthusiasts in Blackhat Arsenal 2016 and Defcon 24 Demolabs.

  • Login to see the comments

Datasploit - An Open Source Intelligence Tool

  1. 1. http://datasploit.info | @datasploit
  2. 2. Overview of Tool? • Performs Automated OSINT (Reconnaissance) on Domain / Email / Username. • Fetches information from multiple sources. • Works in passive mode, i.e. not a single packet is sent to the target. • Customized for Pen-testers / Product Security Guys / Cyber Investigators. • Available as command line as well as GUI.
  3. 3. How it works Python Client Mongo Db Django Celery RabbitMQ
  4. 4. Components • Python: all the logic. • MongoDB: Storing all files in json dicts. • Django: Web UI • Celery: Handles tasks thrown from UI, sends results back to UI. • RabbitMQ: Used by Celery for message queuing.
  5. 5. Sources Email: Work History Social profiles Location Information Slides Scribd Documents Related Websites HaveIBeenPwned Enumerated Usernames  Domain: WhoIS DNS Records PunkSpider Wappalyzer Github Email Harvestor  Domain IP History Pagelinks Wikileaks Subdomains Links from Forums Passive SSL Scan ZoomEye Shodan Censys Username: Git Details Check username on various sites. Profile Pics –Output saved in $username directory Frequent Hashtags Interaction on Twitter.
  6. 6. Documentation • http://www.datasploit.info • http://datasploit.readthedocs.io/en/latest/ • https://upgoingstar.github.io/datasploit/
  7. 7. How it works? • Download from git (git clone or dowload) git clone https://github.com/upgoingstar/datasploit.git • pip install –r requirements.txt (includes django and celery • Instal MongoDb and RabbitMQ • Config.py holds API keys • domain_xyz.py – running stand alone scriptss. • domainOsint / emailOsint – automated OSINT
  8. 8. Twitter: @datasploit https://twitter.com/datasploit
  9. 9. Facebook: /datasploit https://www.facebook.co m/datasploit/
  10. 10. Roadmap • Reverse image search • Intelligence on co-relating and validating a profile • Porting all modules to web UI. • Use graphical and visualization templates on UI. • Modules on Phone Number / IP Address / facebook api / git info extract / etc. • Design pluggable APIs structure. • Alerting based on a periodic regular OSINT scan. • Harvest file > Extract metadata > Map vulnerabilities. • OSINT Tutorials.
  11. 11. How to Contribute • Test the tool (we have very bad dev skills, so you know ;)) • Write a module. Or Suggest a module. (we love feedbacks). • Use / Promote / Write about the tool. • Write OSINT blogs / tool walkthrough(s) / etc. • Report issues at https://github.com/upgoingstar/datasploit/issues • Send message via twitter to @datasploit
  12. 12. Contributors. • Shubham Mittal (@upgoingstar) • Nutan Kumar Panda (@nutankumarpanda) • Susdhanshu (@sudhanshu_c) • Kunal (@KunalAggarwal92)
  13. 13. Thanks View on GitHub Download .zip Download .tar.gz Follow @datasploit for OSINT news and latest updates.

×