Reconnaissance with Osmedeus

Osmedeus is a fully automated offensive security framework for reconnaissance and vulnerability scanning. Like all the other tools in the category, Osmedeus allows you to automate some of the boring stuff like footprinting and scanning a target using a collection of awesome tools.

Osmedeus installation

Osmedeus doesn’t ship with Kali Linux, so you will have to install it from the official repository.

The generic steps to install Osmedeus on Kali Linux are as follows:

  • Choose a directory of your liking (I install these external tools to /opt)
  • Clone the GitHub repository:

git clone https://github.com/j3ssie/Osmedeus

Cloning Osmedeus repository

  • Install the application

cd Osmedeus

./install.sh

Osmedeus installation

You can now start the application either from the CLI or from the menu, if you take two minutes to add it there. I’ve previously mentioned alacarte, and you can use it again to add another icon to your list of Info Gathering tools.

Adding Osmedeus to Kali Linux menu

Using Osmedeus

Unlike most of the other OSINT tools, Osmedeus does not require you to configure any API keys. Therefore, this application is fairly simple to use.

The results will be saved in separate folders inside a general folder for each target, also referred to as a workspace, as in Recon-ng.

Running Osmedeus to scan for subdomains

The tool currently has eight modules with different goals:

  • subdomain - Scanning subdomain and subdomain takeover
  • portscan - Screenshot and Scanning service for list of domains
  • screenshot - Screenshot list of hosts
  • vuln - Scanning version of services and checking vulnerable service
  • git - Scanning for git repo
  • burp - Scanning for burp state
  • dirb - Do directory search on the target
  • ip - IP discovery on the target

I will run only the subdomain module because I want to gather additional information on a previous target. For this kind of information request, Osmedeus runs the following apps:

  • Amass
  • subfinder
  • massdns
  • assetfinder
  • gobuster
  • findomain
  • goaltdns

The command is very simple.

  • Just type:

./osmedeus.py -m subdomain -t sans.org

Running Osmedeus

And the final results will be written in a single text file under the aforementioned folder.

Osmedeus scan results
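The merge step described above, sketched as an added example that is not Osmedeus code: several enumerators' hostname lists are normalized, filtered to the authorized root domain, deduplicated, and compared with an asset inventory. The one-hostname-per-line input, the tool names, the hostnames under example.org and the inventory are all constructed assumptions.

```python
import re

# Constructed sample data: one hostname per line, standing in for the lists
# that separate enumeration tools produce. This is not real Osmedeus output.
TOOL_OUTPUTS = {
    "tool_a": "www.example.org\nMail.Example.org.\n*.dev.example.org\n",
    "tool_b": "mail.example.org\nvpn.example.org\nexample.org.attacker.test\n",
    "tool_c": "notexample.org\nold-portal.example.org\nbad_host!.example.org\n\n",
}
KNOWN_INVENTORY = {"www.example.org", "mail.example.org", "vpn.example.org"}
# One hostname label: letters, digits, hyphens, no leading or trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def normalize(raw):
    """Lowercase, strip whitespace, trailing dot and a leading wildcard label."""
    host = raw.strip().lower().rstrip(".")
    return host[2:] if host.startswith("*.") else host


def in_scope(host, root):
    # Accept only the root itself or a true subdomain of it. A substring or
    # bare endswith(root) test would also accept 'notexample.org' and
    # 'example.org.attacker.test', which belong to someone else.
    if host != root and not host.endswith("." + root):
        return False
    return len(host) <= 253 and all(LABEL.match(p) for p in host.split("."))


def merge(outputs, root):
    """Return {hostname: sorted list of tools that reported it}, in scope only."""
    merged = {}
    for tool, text in outputs.items():
        for line in text.splitlines():
            host = normalize(line)
            if host and in_scope(host, root):
                merged.setdefault(host, set()).add(tool)
    return {h: sorted(t) for h, t in sorted(merged.items())}


def unknown_hosts(merged, inventory):
    """Hosts found by enumeration that the asset inventory does not list."""
    return [h for h in merged if h not in inventory]


if __name__ == "__main__":
    found = merge(TOOL_OUTPUTS, "example.org")
    for host, tools in found.items():
        print(host, ",".join(tools))
    print("not in inventory:", unknown_hosts(found, KNOWN_INVENTORY))
```

Hosts that appear in the merged list but not in the inventory are the ones to review first, since nobody is tracking them for patching or certificate renewal.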

Running Osmedeus in report mode

Osmedeus has a text report mode and a Web UI.

  • Just type:

./osmedeus.py --report help

(will start the Web UI)

Running Osmedeus in report mode

Open the link in your favorite browser:


Conclusions:

Osmedeus is a good application to add to your OSINT toolbox, especially because it automates the use of a different set of tools and therefore might get some extra results.

