# Belati is tool for Collecting Public Data & Public Document from Website and other service for OSINT purpose. # This tools is inspired by Foca and Datasploit for OSINT# Might need root privileges to executes all tools# Like nmap. But it works well without root (nmap won't be executed)# Not totally passive as long as it does an HTTP Banner Grabbing for earch domain/subdomain found.
Usage - Basic Commands
# Display help
> ?
> help# Display necessary options for analysis
> show options
# You can then set your target domain
> set domain domain.com
# Start the crawling and research process
> start
Start - Actions
# On the main domain
- whois
- HTTP Banner Grabbing
- Subdomain enumeration (dnsdumpster, crt.sh)# Then for each subdomain
- HTTP Banner Grabbing
- Wappalyzing
- Checking GIT/SVN repository
# Then on each IP found it does nmap# If root is not set, it will skip this step (good to know)
nmap -sS -A -Pn <IP>
# Other steps
- DNS Zone Scanning
- Email harvest
- Public document harvest (PDF, DOC, XLS, ODT, PPT, RTF, TXT) → Download them
# Result / Report# It starts a web server on 127.0.0.1:8000