Working with OSRFramework on Kali Linux
Example 1: Domainfy
1. In this example, We will be using the Domainfy sub-command to get information about the target domain (w3wiki.org).
domainfy.py --whois -n w3wiki.org
2. In the below Screenshot, We have got the Whois Data of our target domain w3wiki.org
Example 2: Usufy
1. In this example, We will be using the Usufy sub-command for getting information about the victim user.
2. In the below Screenshot, We have got the various platform links which are associated with our victim user.
Example 3: Mailfy
1. In this example, We will be using the Mailfy sub-command for discovering email addresses that contain the “w3wiki.org” string
2. In the below Screenshot, We have got the results of our scan.
Example 4: Searchfy
1. In this example, We will be using the Searchfy sub-command for getting the information about the victim user.
2. In the below Screenshot, We have got similar user Facebook profile links that can be used in the Social Engineering attacks.
Example 5: Phonefy
1. In this example, We will be using the Phonefy sub-command to get the information about the phone number. In this example, We have provided the phone number of w3wiki Contact Number.
2. In the below Screenshot, We have got the links associated with the phone number.
Example 6: Alias_Generator
1. In this example, We will be using the sub-command alias_generator for generating the alias names from basic information.
2. In the below Screenshot, We have provided some basic information about the user with the name, place, year of birth etc.
3. In the below Screenshot, We have got the list of alias generated using the above basic information. This alias can be used in brute-forcing attacks.
OSRFramework – Open Source Research Framework on Linux
OSINT is the most common method or technique for collecting information about the target domain or employee of the organization from open-source or publicly available data. Mostly malicious hackers use this technique in the attacks of Social Engineering, Phishing, etc. But on the good side, We can use this OSINT technique or understanding the scope and getting familiar with our target domain. OSRFramework is an automated tool designed in the Python language, which is open-source and free to use. OSRFramework is the collection of various sub tools that can help the tester get information about the target domain or victim person. OSRFramework consists of :
- Domainfy – Used to get the information about the target domain.
- Usufy – Looks for registered accounts with given nicknames.
- Mailfy – Gets information about email accounts.
- Searchfy – Performs queries on several platforms.
- Phonefy – Looks for information linked to spam practices by a phone number.
- Alias_Generator – Generates a list of candidate usernames based on available information.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux