General thoughts about each framework or multitask tool
Tool
Fully Passive
Can be fully passive
Individual commands
Fully automated
Thoughts
Really Usable ?
Danger Zone
Yes
Yes
No (not really)
Almost
Semi-Complete tool performing OSINT on 3 types of targets (domain, IP, email). Each type will then launch a bunch of tools and test to gather information
Yes. It’s not fully exhaustive but can give some interesting informations
Gasmask
Yes
Yes
Yes
No
Seems to be a complete tool but hard to use/learn. The command lien syntax looks hards
Yes but need some practice to learn the syntax
Spiderfoot
Not sure
Probably not
Not really but scans can be customised
Yes
Big and complete tool but it can bring many false positive. You still can analyse manually results. Scan are long (45min/1h)
Yes but it can be hard sometimes
Datasploit
No (wapp)
Semi-Passive (browser like)
No
Almost
Semi-complete and semi-passive tool. It will detect if IP, domain, username or phonenumber and perform some queries. You can specify quiet or active mode. Not totally passive, it acts like a web browser
Probably yes. You can have good result but its not fully passive.
Recon-ng
No
Yes
Yes (modules)
No
Big and complete tool but hard to use as long as you need to know modules
Yes but need some practice to master modules
Omnibus
No
Yes
Yes
No
Complete framework used to do many recon things. Individual commands so analysis can be fully passive. Features vocabulary is strange and need adapt
Yes but need some practice to learn using session, modules etc
ReconDog
Yes
Yes
No
Yes
Simple and basic recon, it only uses public API to gather informations
Yes but informations won’t be enough
OSINT-SPY
No
Yes
Yes
No
Simple tool, not veru exhaustive but can gather some informations about a target. Some functionnalties may be useless and some are buggy
Hard to use as long as some outputs are broken and some features are basic (manually doable) or useless
Belati
No
No
No
Yes
Automated script that does lots of manually doable things. Basic recon and not so passive.
Not really. Benefits are not that good and it’s considered as active recon
Troubles / Nope
Maltego (https://www.paterva.com/web7/downloads.php)
→ Still not installed
→ Wait and see
Sn0int (https://sn0int.readthedocs.io/en/latest/index.html)
→ Install failed
→ module “nude”
Intrigue-core (https://github.com/intrigueio/intrigue-core)
→ Not installed
→ Installation seemed hard compared to benefits
PownRecon (https://github.com/pownjs/pown-recon)
→ NodeJS tool
→ Seemed to be focused on relations between people, not very efficient
Inquisitor (https://github.com/penafieljlm/inquisitor)
→ Not installed
→ Not very efficient features