Frameworks

General thoughts about each framework or multitask tool

Tool Fully Passive Can be fully passive Individual commands Fully automated Thoughts Really Usable ?
Danger Zone Yes Yes No (not really) Almost Semi-Complete tool performing OSINT on 3 types of targets (domain, IP, email). Each type will then launch a bunch of tools and test to gather information Yes. It’s not fully exhaustive but can give some interesting informations
Gasmask Yes Yes Yes No Seems to be a complete tool but hard to use/learn. The command lien syntax looks hards Yes but need some practice to learn the syntax
Spiderfoot Not sure Probably not Not really but scans can be customised Yes Big and complete tool but it can bring many false positive. You still can analyse manually results. Scan are long (45min/1h) Yes but it can be hard sometimes
Datasploit No (wapp) Semi-Passive (browser like) No Almost Semi-complete and semi-passive tool. It will detect if IP, domain, username or phonenumber and perform some queries. You can specify quiet or active mode. Not totally passive, it acts like a web browser Probably yes. You can have good result but its not fully passive.
Recon-ng No Yes Yes (modules) No Big and complete tool but hard to use as long as you need to know modules Yes but need some practice to master modules
Omnibus No Yes Yes No Complete framework used to do many recon things. Individual commands so analysis can be fully passive. Features vocabulary is strange and need adapt Yes but need some practice to learn using session, modules etc
ReconDog Yes Yes No Yes Simple and basic recon, it only uses public API to gather informations Yes but informations won’t be enough
OSINT-SPY No Yes Yes No Simple tool, not veru exhaustive but can gather some informations about a target. Some functionnalties may be useless and some are buggy Hard to use as long as some outputs are broken and some features are basic (manually doable) or useless
Belati No No No Yes Automated script that does lots of manually doable things. Basic recon and not so passive. Not really. Benefits are not that good and it’s considered as active recon


Troubles / Nope

Maltego (https://www.paterva.com/web7/downloads.php)
→ Still not installed
→ Wait and see

Sn0int (https://sn0int.readthedocs.io/en/latest/index.html)
→ Install failed
→ module “nude”

Intrigue-core (https://github.com/intrigueio/intrigue-core)
→ Not installed
→ Installation seemed hard compared to benefits

PownRecon (https://github.com/pownjs/pown-recon)
→ NodeJS tool
→ Seemed to be focused on relations between people, not very efficient

Inquisitor (https://github.com/penafieljlm/inquisitor)
→ Not installed
→ Not very efficient features