Yo, what's going on guys, and welcome back. Today we are doing a video on, basically, Recon-ng. If you guys don't know what that is, it is an OSINT tool. It is an amazing tool, it is incredible, and we're going to cover kind of some of the things that you can do to gather, um, information about websites, businesses, things like that, and then you guys are going to play with it. I'm not going to dive super deep into it, because this is an insane tool that you can do all kinds of stuff with, um, but let's go ahead and get started. If you guys like this kind of content, hit the like button, hit that sub button. We're so close, I'm trying to get to 5K this year. I think we can do it, I think you guys have done an amazing job. If you guys like this type of, um, interaction as well, go ahead and hop in the Discord, the link's down below. We use that, um, quite often, and there's giveaways in there and stuff like that, so check it out. And then if you want to support, you can hit the Patreon, but that's not required by any means, so don't worry about it.

All right, first things first. Um, for those of you that watch my videos all the time, you know I am horrible about covering my camera with my commands, so I'm gonna try and make a very valid point to keep not doing that. Um, hopefully I can do that, we'll see here though. So let's go ahead and... give me one sec here, I've got my notes here that I've got to switch over to. So these are the notes, these are the commands that we're going to be going through. All right, so let's go ahead and up and do so.

So first things first, um, obviously you just have to start up Recon-ng. So you start it up, and you can see we get all those errors, right? So I'll go ahead and minimize these a little bit here. There we go. All right, so I just want to show you guys those errors, and I want you to be able to read them, just so that you can see. So you see all of them say "hunter_io key not set", "key not set", "key not set". That's what they are, okay? So this is a fresh install of Parrot. You can use this
on Kali, whatever, but when you download and install Recon-ng, when you install the modules, which I'm going to cover here in a second and show you guys, um, if you don't actually use an API key... meaning, for instance, you guys know with Shodan you have to have an account to use an API key, which lets programs actually reach out and request information. If you don't put your API key into Recon-ng, it gives you those errors, which says basically it may not work, right? Which makes sense: the tool doesn't work if you don't have credentials to log into it. If you put your API key in, you can make this tool even more, um, insane than it is. The big thing here is that I'm not putting my API keys here, just because, um, for the YouTube video, for one, this is a box that I use for YouTube videos only, and for two, um, there's a lot of times where I'll open files and things like that without paying attention. I don't want to share my API keys, right?

So let's go ahead and hop into it. So you can see here we have Discovery modules, Exploitation modules, Import modules, Recon modules. These are just things that they're telling us. It's not something, um, you don't really need to remember, it's just telling you the amount of different modules. So for instance, if we did modules and search, and we said we want to search for recon modules, right, there's all the recon modules, okay? And you can see already you're getting some good information. You can see you're looking at, uh, you can find profiles from different websites, that's going to use probably, you know, like YouTube, Twitter, things like that for you. You can actually go ahead and look at Bing LinkedIn contacts, um, GitHub users, all this stuff. So these are good tools, right, already. But the ones we're going to focus on today are ones that you should be using, um, kind of when you're doing like pen tests for companies and things like that. And these are just a small example of the amount. You see there's hundreds of them. I don't have time to cover hundreds of them for you guys,
and I've done videos on Recon-ng before, but I want to do an updated one so that way people get more exposure to it, and you can actually see some of the modules that I use. So let's go ahead and hop into it.

So first things first you're gonna have to do: when you get into Recon-ng, you will have zero modules. So what you can do is you say marketplace, and then you could say search, and if you know which module you want, you can actually search it. So let's say we're going to use the metacrawl. Let's go ahead and search that, and you can see there's the metacrawler one, right? Well, what we could do is we could actually install that, but since we already have it installed, we're going to say marketplace, and then we'd say install and all. So this will install basically everything in the marketplace, and you can see it's already checking. All mine are installed, so I'm not going to... it's actually going back through and installing them again, but this is how you get all of them. And I recommend doing all of them unless you have specific ones you want. You can also use third-party ones and things like that, but we're not going to cover that in this. The main reason I recommend all of them is it's not like these are taking up a lot of space or anything like that. You can go ahead and hop in, install them all, and within, you know, five, ten minutes you have every module that you need. And then there you go, you get all the API keys again. So again, those are just... you have to set the API keys, and you can set those when you run those modules.

So now what we're going to do is we're going to actually go ahead and show you guys the search, which I already showed you a little bit, but we'll say modules search, and if you remember, we did the discovery, there was only two, right? So modules search, and we'll search for discovery ones, and there's only two: discovery/info_disclosure/interesting_files. So this is actually one of my favorite ones, and the reason this is one of my favorites is because most of us go to
websites and do things, you know, like using different lists to try and, you know, gather domain, or, uh, directories, right? So you may go to a website, you may run some, you know, crawlers, you may run whatever you run on it and try and get like the admin page or, you know, the robots.txt file. You try and get all that stuff, um, and there's different tools that do that. You know, we all know that there's different tools, but this one is just a quick one. You don't have to set it all up, you don't have to use DirBuster, Gobuster, you don't have to wait 20 minutes for it to run. I'll show you.

So we just say on here... you have to start everything with modules if you're going to use a module. So you're going to say modules, and we're going to say load, and it'll tab, you see, tab, info_disclosure, and we're going to say interesting_files, okay? Now when we type options, you'll see here this is where you got to be a little bit, um, kind of savvy with it. You got to know, because you notice when you list options, it's not like Metasploit where it's going to tell you what options are needed. Um, so what we're going to say is we're going to say options set, and then source. The source is the option we're going to set, right? And the source we're going to use, we're just going to use TryHackMe, because that's something we use all the time on here, and they know people are looking at their stuff. So we say set, now you just run it, and now watch this. You can see it took me, you know, five seconds. I didn't have to go to DirBuster, Gobuster. Now granted, you see that they're only checking port 80 here, which is fine, but you can see I got the robots.txt, I got sitemap, um, let's see, I've got the admin console, I've got a web console. So I got that quick information just like that. So this is all doing stuff that I would look at basically at a glance. I'm going to use one tool, Recon-ng, to set aside all this information, and this gives me a good starting point. This is not
going to be an all-inclusive tool. You can gather a ton of information on this, but again, you're not going to use only this. I did not mean to exit the whole thing.

Um, one thing I didn't cover too is how to set up workspaces. So if you guys are using Recon-ng for a long period of time, such as, uh, you know, you're working with X company, right, whatever company it is, you would actually go ahead and set it up like this: you'd say recon-ng, and you'll say -w for workspace, and we'll say x company, it doesn't matter what it is, and you can actually just work with workspaces. But you can see here now we have x company. So now when we look at workspaces, you can see we can create, list, load. So you can see if I say workspaces and list, you can see we have x company, that's what we're working in. It saves that information for you, so everything we do is saved. So that's why I recommend the workspaces, and I forgot to cover it because I'm going through it kind of fast.

So the next one we're going to run is modules load, and this is the metacrawler. So we can just say metacrawl, let's see if it'll... all right, so modules load metacrawl, okay, and of course it's not going to actually run it, which is, of course... so we'll say search and we'll get the actual specific one here. modules search metacrawler, um, okay, and it actually didn't find that one. So it's going to be under recon, I believe, so we'll look for recon and we'll look for the metacrawler one. So basically what we need is we need the full name of it. All right, so modules search metacrawler, and "no modules found". Okay, so I don't have this module, apparently. Um, interesting. Okay, yeah, it's not gonna work. Give me a sec, guys, I have to download the module, I guess. I thought I installed them.

Okay guys, welcome back. So what happened was, since this is a fresh install on Parrot and I didn't have Recon-ng installed yet, I installed it for this video, or I had Recon-ng, I didn't have the modules
installed, there's dependencies that are required on these modules, and I'll show you how you find that, basically, first, and then I'll show you what I had to do to get it to work so that you guys get metacrawler to work, because that's one that I do recommend and use. So in marketplace, if I searched for it, if I searched for metacrawler, you can see it says installed here. If that status says disabled, which it did at the beginning and I didn't even, like, pay attention, um, when that says disabled, that means there's dependencies that you haven't installed yet. So what you do is you say marketplace info and you'll say metacrawler, or whatever tool you want, and you can see here's the dependencies: olefile, PyPDF3 and lxml. So I just went over here and I installed them, so sudo pip install olefile lxml pypdf3, and boom. And then now when I go in here and I say modules search and I say metacrawler, it exists, so now we can use it. So that's what you had to do.

Um, sorry I had to go out and figure it out, because, um, like I said, this is a fresh install for me, so I didn't realize that I didn't have the dependencies. So like I tell you guys in every one of my videos, I don't take out my bloopers, if you will. Um, this is a mistake, this is something that I should have set up before. Is it something that you guys will run into in the real world? This happens all the time, this type of stuff where you have to do a quick troubleshoot, say, hey, why isn't this showing up, but it's showing up here? And when I saw it was disabled, I knew I had to install the dependencies.

So let's go ahead and hop back into where we were. So let's load it up: modules load metacrawler, and you can see now we're in here. So now we need to set the source again, and again we'll just use tryhackme.com, doesn't really matter, and let's go ahead and run it. "Source contains no input." Okay. modules set source... "Interfaces with installed modules." Okay, not sure why it's, uh... oh, I'm doing modules set source, that's why. It's options set
source. See, now I got myself all flustered. There we go. Okay, now we run it, and you can see here within two seconds they found seven files. We have a malware sample PDF, we have a case study PDF, we have these PDFs. So this is an insane tool, because this actually allows you to crawl the website and grab PDFs from it. That's awesome. You can see obviously it does other ones as well: it does documents, XMLs, PowerPoints, DOCXes, PDFs, blah blah. The reason this is so good is because... I have a video on Google Dorking as well, you can do this manually, but it's going to take you a lot longer. This does it for you in a matter of seconds, so that's really, really nice. And you can see I could go download them if I wanted to. I don't really want to.

So now, um, we're going to show you two more, basically. So we'll go ahead and say, let's go ahead and modules and load, and this one you guys should be familiar with, we'll say whois. So there's a couple, so we're going to say modules load and we'll say whois, and we're just going to use the... there we go, POCs one. POCs: point of contact. So now we're just going to say set options, if I can type, set source, and again TryHackMe. We already know the whois record because we've done it on this video 100 times, but let's go ahead and run it, and now look at this: no contacts found. Now that is true. If you do a whois record on TryHackMe, there is no actual contact found. There is a, um, Namecheap, Inc., okay, that's a company, but there's no contact. The company name is there, but not the, um, contact. So keep that in mind, that you're not going to always get the whois record, because some companies don't list whois, and that's fine, but you want to run it and you want to strike it out. Now that's what makes this tool so freaking cool, and why I've had to cover, well, not had to, why I've covered Recon-ng multiple times in different videos, is because look at how easy one tool can do all of this for you, and you can just be gathering information. So now last one, whoops, last one
we're going to do is the MX record, and we'll see what we can get from here. Okay, now we're going to say options set source, and there are literally hundreds of... and we'll run it, and you can see here we got five total, five new hosts found, and you can see we have their mailing domain, or their mailing servers, right? That is awesome. That is awesome. And you can see it doesn't give us any information on them, just the names, which is great. Um, TryHackMe is a site specifically designed for security, so I expect it to be more secure, so I don't expect to get a ton of results from these, but I use them because we use them all the time on this channel. I think they're an incredible company, I think they're great, and so I like to use them for examples, number one, to try and get their name out there more, as if I need to, and number two, just because I think it's a good practice to only do this on sites that authorize it, okay?

Um, so this is kind of some of the stuff you can do in Recon-ng. Like I said, mess around for yourself. The modules search, you can see there is literally hundreds, okay? Mess with them, start working with them, put your API keys in there and see what you can find. You can go in here, and I know we did one on the Patreon, I think, maybe, I can't remember when I did it, but we did a script where we used the Shodan.io API key with Recon-ng, and we actually were pulling host lists and everything else. So there's some really cool stuff you can do here, so mess around with it, have fun, but be careful, because yes, it's all open source information, but if you're doing this to your friends and family and stuff like that, some of it, um, to me is immoral. I don't recommend it, I will never, um, condone that. Um, but if you're doing it for your company or for yourself, you're trying to gather information to see what's out there for you, you should be doing this on you. If you work for a company and you're a security professional, you should be doing these things, because these are the things that
other hackers are doing. So you should be checking out your company, saying, hey, we've got these open files sitting out here, we should probably, um, you know, get rid of these, these are important files. Those type of things you should be doing. So go ahead, check it out, have fun, be safe, and once again, if you guys like the video, like this content, hit that like button. Thank you so much.

Channel: stuffy24
Views: 312,936
Length: 17min 9sec (1029 seconds)
Published: Fri Apr 14 2023
