Belati

General Informations

# Belati is tool for Collecting Public Data & Public Document from Website and other service for OSINT purpose. 
# This tools is inspired by Foca and Datasploit for OSINT

# Might need root privileges to executes all tools
# Like nmap.  But it works well without root (nmap won't be executed)

# Not totally passive as long as it does an HTTP Banner Grabbing for earch domain/subdomain found.

Usage - Basic Commands

# Display help
> ?
> help

# Display necessary options for analysis
> show options

# You can then set your target domain
> set domain domain.com

# Start the crawling and research process
> start

Start - Actions

# On the main domain
- whois
- HTTP Banner Grabbing
- Subdomain enumeration (dnsdumpster, crt.sh)

# Then for each subdomain
- HTTP Banner Grabbing
- Wappalyzing
- Checking GIT/SVN repository

# Then on each IP found it does nmap
# If root is not set, it will skip this step (good to know)
nmap -sS -A -Pn <IP>

# Other steps
- DNS Zone Scanning
- Email harvest
- Public document harvest (PDF, DOC, XLS, ODT, PPT, RTF, TXT) → Download them

# Result / Report
# It starts a web server on 127.0.0.1:8000