Ethical Hacking and Countermeasures

Certified Ethical Hacker

OSRFramework Cheat Sheet

OSRFramework OSRFramework includes applica�ons related to username checking, DNS lookups, informa�on leaks research, deep web search, regular expression extrac�on, etc. Tools included in the OSRFramework package to gather informa�on on the target
Source: [Link] are [Link], [Link], [Link], [Link], [Link], and en�[Link].

[Link] – Verifies a user profile against 290 different platforms

Syntax Processing arguments Processing arguments
-o <path_to_output_folder>, -e <sum_ext> [<sum_ext>
[Link] Specify Output folder for the generated Specify the output extension for the summary files.
--output_folder ...], --extension <sum_ext>
(--info <ac�on> | --license | -b | -f <path_to_fuzzing_list> | -l <path_to_output_folder> documents [<sum_ext> ...] Default: XLS
<path_to_nick_list> | -n <nick> [<nick> ...] | --show_tags)
[-p <pla�orm> [<pla�orm> ...]] [-t <tag> [<tag> ...]] -w, --web_browser Specify default web browser -d <candidate_domains>
[<candidate_domains> ...], -d <candidate_domains> [<candidate_domains> ...],
[-x <pla�orm> [<pla�orm> ...]] [--avoid_download] --domains --domains <candidate_domains>
[--avoid_processing] [--fuzz_config <path_to_fuzz_list>] -F <alternative_header_file>,
<candidate_domains> [<candidate_domains> ...]
[--nonvalid <not_valid_characters>] --file_header Specify header for the output filenames
[<candidate_domains> ...]
[-e <sum_ext> [<sum_ext> ...]] [-L <path_to_log_folder] [-m] <alternative_header_file>
[-o <path_to_output_folder>] [-w] -o
-T <num_threads>, --threads Specify the number of threads to be used <path_to_output_folder>,
[-F <alterna�ve_header_file>] [-T <num_threads>] [-h] <num_threads> (default 32) --output_folder Specify the output folder for the generated documents
[-v <verbosity>] [--version] <path_to_output_folder>
Arguments
-h, --help Displays help -x <domain> [<domain>
Input options ...], --exclude <domain> Specify the domains to be excluded from the search
-v <verbosity>, --verbose Select the verbosity level: 0 - none; 1 [<domain> ...]
Ac�on to be performed such as list_pla�orms, <verbosity> – normal (default); 2 - debug -F
--info <action>
list_tags <alternative_header_file> Specify the Header for the output filenames to be
--version Displays the version of the program , --file_header generated
--license Displays license <alternative_header_file>

-b, --benchmark Benchmarking tasks -T <num_threads>,

[Link] Commands --threads <num_threads>
Specify the number of threads to be used (default 16
-f <path_to_fuzzing_list>,
--fuzz <path_to_fuzzing_list>
Find URLs similar to usufy Commands Description Specify whether [Link] should search for leaked
--is_leaked
[Link] -n <username> -p emails
Search for a user on social media sites
-l <path_to_nick_list>, --list Specify the path to the file where the list of twitter facebook youtube
<path_to_nick_list> nicks to verify is stored (one per line) --quiet Inform the program not to show anything
[Link] -n <username> Check username (profile) on various pla�orms
-n <nick> [<nick> ...], --nicks Arguments
<nick> [<nick> ...] Specify a list of nicks to process

-h, --help Shows help

--show_tags Shows pla�orms grouped by tags [Link] – Check for the existence of a given mail
Platform selection arguments Syntax --version Displays version of the program and exists
-p <platform> [<platform> ...],
Specify the pla�orm for searching [Link]
--platforms <platform>
(--license | -m <emails> [<emails> ...] | -M
[<platform> ...]
<emails_file> | -n <nicks> [<nicks> ...] | -N
-t <tag> [<tag> ...], --tags Specify the list of tags that fit the pla�orms to <nicks_file> | --create_emails <nicks_file>) [Link] Commands
<tag> [<tag> ...] perform the search [-e <sum_ext> [<sum_ext> ...]]
[-d <candidate_domains> [<candidate_domains> ...]] Commands Description
-x <platform> [<platform> ...], [-o <path_to_output_folder>] [-x <domain> [<domain>
Specify the pla�orms you want to exclude [Link] -n <target
--exclude <platform> ...]] Validates the existences of a given email address
from the processing email>
[<platform> [-F <alternative_header_file>] [-T <num_threads>]
Processing arguments [--is_leaked] [--quiet] [-h] [--version]
[Link] -m <target Check whether the given email address was used on
Use to prevent storing the downloadable email> the Internet
--avoid_download
version of the profiles Input options
[Link] -m <target Check whether the given email address was used on
--avoid_ processing
Use to prevent performing any processing task --license Displays license email> <website> the specified web site
without valid profiles
-m <emails> [<emails> ...],
--fuzz_config --emails <emails> [<emails> Specify a list of emails for checking
Specify the path to the fuzzing config details
<path_to_fuzz_list> ...] [Link] – Performs a query on the platforms in OSRFramework
--nonvalid -M <emails_file>,
Specify not valid characters Syntax
<not_valid_characters> --emails_file <emails_file>
Input file containing a list of emails
-e <sum_ext> [<sum_ext> ...], [Link]
--extension <sum_ext> Use to output extension for the summary files. -n <nicks> [<nicks> ...], Specify a list of nicks for checking against
Default: XLS (--license | -q <searches> [<searches> ...])
[<sum_ext> ...] --nicks <nicks> [<nicks> ...] domains selected
[-e <sum_ext> [<sum_ext> ...]]
-L <path_to_log_folder, [-F <alternative_header_file>]
Specify the path to the log folder. If none was -N <nicks_file>, --nicks_file Input file containing a list of nicks to be checked [-m] [-o <path_to_output_folder>]
--logfolder <nicks_file> against domains selected
<path_to_log_folder
provided, ./logs is assumed [-p <platform> [<platform> ...]] [--process] [-w]
[-x <platform> [<platform> ...]] [-h] [--version]
Specify parameter to launch [Link] by using --create_emails <nicks_file> Input file with the list of nicks to be created in
-m, --maltego the domains selected
Maltego Transform

[Link]/ceh Over 50% Of Professionals Received Promo�ons a�er C|EH 01

 Ethical Hacking and Countermeasures
Certified Ethical Hacker

OSRFramework Cheat Sheet

Input options Processing arguments Arguments

--license Displays license -x <domain> [<domain> ...], -h, --help Displays help
Specify the domains to be excluded from the
--exclude <domain> [<domain>
-q <searches> [<searches> ...], ...] search
--queries <searches> Specify a list of queries to be performed --version Displays version of the program
[<searches> ...] -F <alternative_header_file>,
Specify header for the output filenames to
--file_header
Processing arguments <alternative_header_file> be generated
-e <sum_ext> [<sum_ext> ...], -T <num_threads>, --threads Specify the number of threads to be used
[Link] Commands
Specify the output extension for the summary
--extension <sum_ext> <num_threads> (default 16)
[<sum_ext> ...] files. Default: xls
Commands Description
-F <alternative_header_file>, -t <tld_type> [<tld_type> ...],
Specify header for the output filenames to be Specify the list of TLD types where the nick Finds URL loca�on and pla�orm for a given
--file_header --tlds <tld_type> [<tld_type> [Link] -n <number>
generated ...] will be searched for telephone number
<alternative_header_file>
-o <path_to_output_folder>, Specify the output folder for the generated --quiet Informs the program not to show anything
--output_folder
documents
<path_to_output_folder> Arguments [Link] – Use regular expressions to extract entities
-p <platform> [<platform> ...], -h, --help Shows help
--platforms <platform> Specify the pla�orms to perform the Syntax
[<platform> ...] search
[Link] (-r <name> [<name> ...] | -R
Specify whether to process the info in the --version Displays version of the program <regular_expression>)
--process (-i <path_to_input_folder> | -w <url>)
profiles recovered
[-e <sum_ext> [<sum_ext> ...]] [-o
Open URIs returned in the default web <path_to_output_folder>]
-w, --web_browser [-v <verbosity>] [-F <alternative_header_file>]
browser [Link] Commands
[-q]
-x <platform> [<platform> ...], Description [-L <path_to_log_folder] [--recursive] [-h]
--exclude <platform>
Specify the pla�orms you want to exclude Commands
from the processing [--version]
[<platform> ...] Verify all top-level domains (-t all) for a
[Link] -n <nicks> -t all
registered name
Arguments Input options
[Link] –whois -n <Target
Display results in table format for whois search -r <name> [<name> ...],
-h, --help Shows help IP>
--regexp <name> [<name> Specify the regular expressions to be searched for
...]
--version Displays version of the program -R <regular_expression>,
[Link] – Checks for the existence of a given series of phones --new_regexp specify a new regular expression
<regular_expression>
Syntax
-i <path_to_input_folder>,
[Link] – Checks for the existence of domains [Link] (--license | -n <phones> [<phones> ...]) [-e --input_folder Specify the path to the folder to analyze
<sum_ext> [<sum_ext> ...]] [-o <path_to_output_folder>] <path_to_input_folder>
Syntax [-p <platform> [<platform> ...]] [-F
<alternative_header_file>] [--quiet] [-w] [-x
[Link] (--license | -n <nicks> [<nicks> ...] | -N <platform> [<platform> ...]] [-h] [--version] -w <url>, --web <url> Specify URI to be recovered and analyzed
<nicks_file>)
[-e <sum_ext> [<sum_ext> ...]] [-o Processing arguments
<path_to_output_folder>] Input options
-e <sum_ext> [<sum_ext>
[-t <tld_type> [<tld_type> ...]] Specify the output extension for the summary files.
--license ...], --extension <sum_ext>
[-u <new_tld> [<new_tld> ...]] [-x <domain> [<domain> Displays License Default: XLS
[<sum_ext> ...]
...]]
[-F <alternative_header_file>] [-T <num_threads>] -n <phones> [<phones> ...], -o <path_to_output_folder>,
[--quiet] --numbers <phones> [<phones> Specify a list of phones to process
--output_folder Specify the output folder for the generated documents
[-h] [--version] ...] <path_to_output_folder>
Processing arguments
-F
Input options -e <sum_ext> [<sum_ext> ...], <alternative_header_file>, Sepcify the verbosity level: 0 - none; 1 – normal
Specify the output extension for the summary --file_header
--extension <sum_ext> (default); 2 - debug
[<sum_ext> ...] files. Default: XLS <alternative_header_file>
--license Display license
-o <path_to_output_folder>, Specify the output folder for the generated -v <verbosity>, --verbose Sepcify the verbosity level: 0 - none; 1 – normal
-n <nicks> [<nicks> ...], Specify a list of nicks to be checked in the --output_folder <verbosity> (default); 2 - debug
<path_to_output_folder> documents
--nicks <nicks> [<nicks> ...] selected domains
-L <path_to_log_folder,
-F <alternative_header_file>, Specify the path to the log folder. If none was
Specify header for the output filenames to be --logfolder
-N <nicks_file>, --nicks_file --file_header provided, ./logs is assumed
Specify the file having the list of nicks to be
generated <path_to_log_folder
<nicks_file> checked in the selected domains <alternative_header_file>
-p <platform> [<platform> ...], Input variable to inform the system to perform a
Processing arguments Specify the pla�orms where you want to --recursive
--platforms <platform> recursive search on the folder tree
[<platform> ...] perform the search
-e <sum_ext> [<sum_ext> ...],
--extension <sum_ext>
Specify parameter to launch [Link] by using Arguments
Maltego Transform Open the URIs returned in the default web
[<sum_ext> ...] -w, --web_browser
browser -h, --help Shows help
-o <path_to_output_folder>,
Specify the output folder for the generated -x <platform> [<platform> ...], Specify the pla�orms that you want to exclude
--output_folder
documents --exclude <platform> from the processing --version
<path_to_output_folder> Displays version of the program
[<platform> ...]

[Link]/ceh 97% Of Professionals Stated That Skills Acquired in C|EH Helped Safeguard Their Organiza�ons 02
 Ethical Hacking and Countermeasures
Certified Ethical Hacker

OSRFramework Cheat Sheet

[Link] – Open Sources Research Framework console interface
Syntax
[Link]
Modules Available
- usufy Checks if a username exists in 291 pla�orms
Verifies if a username has been registered in up
- mailfy
to 22 email providers

- searchfy Finds profiles using full names and other

informa�on in 7 pla�orms

Verifies the existence of a given domain in up to

- domainfy
1567 different TLD

- phonefy Specify the pla�orms to perform the

search

Verifies if a phone number has been linked to

--process
spam prac�ces in 4 pla�orms

U�l to look for regular expressions using 13

- entify
pa�erns

osrframework_server.py – Open Sources Research Framework web

interface
Syntax
./[Link] [--host <IP>] [--port <PORT>] [--debug] [-h]
[--version]

Configuration arguments
Select the host in which the server will be
--host <IP>
accessible Default: localhost

Select the port in which the server will be

--port <PORT>
accessible. Use this carefully
Select whether error messages will be
--debug
deployed
Arguments

-h, --help Shows help

--version Version of the program and exists

osrframework_server.py Commands

Commands Description
osrframework_server.py -h Start a local server

[Link]/ceh 97% Of Professionals Found C|EH Labs to Accurately Mimic Real-World Cyber Threats 03