About GasMasK
GasMasK is a powerful open-source cyber intelligence tool composed of various information-gathering tools, making it a “Swiss Army knife” for security researchers. With this tool’s assistance, we can effortlessly conduct open-source intelligence collection tasks.
Supported GasMasK Information Collection
ask
bing
crt
censys.io
dns
dnsdumpster
dogpile
github
googleplus
netcraft
pgp
reverse dns
shodan
vhosts
virustotal
whois
yahoo
yandex
youtube
spyse
GasMasK Tool Dependencies
Python 3.x
validators
python-whois
dnspython
requests
shodan
censys
mmap
pprint
GasMasK Tool Download
Since this tool is developed based on Python 3, we first need to install and configure the Python 3 environment on our local device. Next, researchers can use the following command to clone the project’s source code locally:
git clone https://github.com/twelvesec/gasmask.git (Swipe right for more)Then use the pip3 command and the requirements.txt provided by the project to install other necessary dependencies:
sudo pip3 install -r requirements.txtGasMasK Tool Modes
Basic Mode: GasMasK
Whois query
DNS request
Reverse DNS query
Bing virtual hosts
GasMasK: Non-Google Mode
Whois query
DNS request
Reverse DNS query
Bing virtual hosts
Bing search
Yahoo search
ASK search
Dogpile search
Yandex search
Crt search
DNSdumpster search
Netcraft search
VirusTotal search
Spyse search
GasMasK Tool Help Information
___________ .__ _________
\__ ___/_ _ __ ____ | |___ __ ____ / _____/ ____ ____
| | \ \/ \/ // __ \| | \ \/ // __ \ \_____ \_/ __ \_/ ___\
| | \ /\ ___/| |_\ /\ ___/ / \ ___/\ \___
|____| \/\_/ \___ >____/\_/ \___ >_______ /\___ >\___ >
\/ \/ \/ \/ \/
GasMasK v. 2.0 - All in one Information gathering tool - OSINT
GasMasK is an open source tool licensed under GPLv3.
Written by: @maldevel, mikismaos, xvass, ndamoulianos, sbrb
https://www.twelvesec.com/
Please visit https://github.com/twelvesec/gasmask for more..usage: gasmask.py [-h] [-d DOMAIN] [-s NAMESERVER] [-x PROXY] [-l LIMIT]
[-i MODE] [-o BASENAME] [-k API-KEY] [-e SPYSE_API_KEY]
[-m MATCH] [-f FILTER] [--count] [-R REPORT]
[-B REPORT_BUCKET] [-1 CENSYS_API_ID] [-2 CENSYS_API_SECRET]
[-r] [-u] [-a ASN] [-c COUNTRY] [-O CERT_ORG]
[-I CERT_ISSUER] [-z CERT_HOST] [-S HTTP_SERVER]
[-t HTML_TITLE] [-b HTML_BODY] [-T TAGS] [-L LIMIT] [-D]
[-v] [-H]
[arguments [arguments ...]]
positional arguments:
arguments Censys queries
optional arguments:
-h, --help Show tool help information and exit
-d DOMAIN, --domain DOMAIN
Domain to be queried
-s NAMESERVER, --server NAMESERVER
DNS server to use
-x PROXY, --proxy PROXY
Use a proxy server to obtain results from the search engine, e.g., '-x http://127.0.0.1:8080'
-l LIMIT, --limit LIMIT
Limit the number of results returned by the search engines, default is 100
-i MODE, --info MODE Limit information gathering mode (basic, nongoogle, whois, dns, revdns, vhosts, google, bing, yahoo, ask, dogpile, yandex, linkedin, twitter, youtube, reddit, github, instagram, crt, pgp, netcraft, virustotal, dnsdump, shodan, censys, spyse).
-o BASENAME, --output BASENAME
Output results in four formats at once (markdown, txt, xml, and html).
-k API-KEY, --shodan-key API-KEY
Shodan search key (MODE="shodan")
-e SPYSE_API_KEY, --spyse-key SPYSE_API_KEY
-m MATCH, --match MATCH
Highlight matching strings in existing query results
-f FILTER, --filter FILTER
Filter JSON key names and display each result
--count Print count results
-B REPORT_BUCKET, --report_bucket REPORT_BUCKET
Bucket length for report mode, default is 10
-1 CENSYS_API_ID, --censys_api_id CENSYS_API_ID
Provide authentication ID for censys.io search engine
-2 CENSYS_API_SECRET, --censys_api_secret CENSYS_API_SECRET
Provide secret key hash for censys.io search engine
-r, --read_api_keys Read API keys stored in the api_keys.txt file, e.g., '-i censys -r'
-u, --update_api_keys
Update stored API keys in the api_keys.txt file, e.g., '-i censys -u'
-a ASN, --asn ASN Filter ASN
-c COUNTRY, --country COUNTRY
Filter country information
-O CERT_ORG, --cert-org CERT_ORG
Organization-issued certificate
-I CERT_ISSUER, --cert-issuer CERT_ISSUER
Organization-issued certificate
-z CERT_HOST, --cert-host CERT_HOST
Hostname certificate
-S HTTP_SERVER, --http-server HTTP_SERVER
Server header
-t HTML_TITLE, --html-title HTML_TITLE
Filter HTML page title
-b HTML_BODY, --html-body HTML_BODY
Filter HTML Body content
-T TAGS, --tags TAGS Filter specified tags, e.g., -T tag1,tag2,...
-L LIMIT, --Limit LIMIT
Limit N results
-D, --debug Show debug information
-v, --verbose Print raw JSON records
-H, --html Display HTML elements in the browser (Swipe right for more)GasMasK Usage
GasMasK Basic Usage Example
python gasmask.py -d example.com -i basic
python gasmask.py -d example.com -i dnsdump
python gasmask.py -d example.com -i shodan -k xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
python gasmask.py -d example.com -i whois,dns,revdns
python gasmask.py -d example.com -i basic,yahoo,github -o myresults/example_com_search_results (Swipe right for more)censys.io Usage Example
python gasmask.py -i censys --Limit 10 nessus
python gasmask.py -i censys -I SAP --report location.country.raw --report_bucket 10
python gasmask.py -i censys --html-title "Hacked By" --Limit 10 --html
python gasmask.py -i censys --tags heartbleed --report location.country.raw
python gasmask.py -i censys -S NGINX --count
python gasmask.py -i censys -d example.com
python gasmask.py -i censys -t "Internal Server Error" -S Apache -m "HTTP 500" --Limit 15 (Swipe right for more)API Key Reading Example (censys.io)
python gasmask.py -i censys -rAPI Key Updating Example (censys.io)
python gasmask.py -i censys -uLicense Agreement
This project’s development and release follow the GPL-3.0 open-source license agreement.
Project Address
gasmask: https://github.com/twelvesec/gasmask
References:
Exciting Recommendations
