• We just launched and are currently in beta. Join us as we build and grow the community.

RED_HAWK : Tool for Information Gathering

ItsHighNoon

Debugging Workflow Master
I
I Rep
0
0
0
Rep
0
I Vouches
0
0
0
Vouches
0
Posts
170
Likes
168
Bits
0
2 MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1 400 XP
Salmon-Events-Planner-Portfolio-Website-1.png


Hey Folks, in this tutorial we will discuss on an interesting tool called “REDHAWK“. It’s an all in one tool for information gathering and vulnerability scanning. The tool uses multiple combinations of other third party tools as well as currently is able to detect the following CMSs (Content Management Systems).

List of CMS Supported
  • WordPress
  • Joomla
  • Drupal
  • Magento

Let’s take a look 🙂 !!

Installation

Now first of all we will download this project using git command from gitub and after cloning the repository then we will go to the directory of this tool.
Note : make sure you should have php module to execute this tool.

git clone https://github.com/Tuhinshubhra/RED_HAWK
cd RED_HAWK12git clone
https://github.com/Tuhinshubhra/RED_HAWKcd RED_HAWK

1-18.png


Done 🙂 !! The configuration is complete and now we can use this tool using the following command. Now we have entered our target details and protocol related details on which the website is running. Basically if the target website is running on HTTP protocol then you have to enter “1” otherwise “2″.

php rhawk.php1php rhawk.php

3-18.png


Great 🙂 !! As you can see it has dumped some useful information related to the target website such as webserver, IP address, cms, cloudflare etc.

4-15.png

DNS Lookup

If you want to collect information related to the DNS server of the target website then you can use option “4”.

5-13.png

Calculate Subnet Mask

Similarly by using the “5” option of this tool we can calculate the subnet mask of this target web application.

6-14.png

Open Port Scanning

Often developers forget to add security to the active service running on the server, allowing the attacker to exploit those loopholes and remotely acquire the entire web server. So we use the following tools to find available or open ports on target web server.

7-11.png

Subdomain Finding

In addition, we can retrieve subdomain details through a particular host.

8-11.png

Basic Scanning

Now we will choose option “11” to perform a basic scan against the target web server.

9-9.png


Done 🙂 !! As you can see for yourself what kind of details we get after using the basic scan feature of this tool.

10-7.png
About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 
You must log in or register to reply here.

418,124

310,195

310,204

F F33
Top