Information Gathering using Ghost Eye

Süleyman Çelik
Jan 16, 2022

Ghost Eye is an information-gathering tool written in Python 3. It needs only a domain or IP address to run, and it works on any Linux distribution that supports Python 3.

Ghost Eye offers modules such as Whois lookup, DNS lookup, EtherApe, Nmap port scan, HTTP header grabber, Clickjacking test, Robots.txt scanner, Link grabber, IP location finder, and traceroute.

- Click the Parrot Security machine.

  1. On the login page, the attacker username is selected by default. Enter toor in the Password field and press Enter to log in to the machine.

- Click the MATE Terminal icon at the top of the Desktop window to open a Terminal window.

  • If a Question pop-up window appears asking you to update the machine, click No to close the window.

A Parrot Terminal window appears. In the terminal window, type sudo su and press Enter to run the programs as a root user.

In the [sudo] password for attacker field, type toor as a password and press Enter.

Now, type cd and press Enter to jump to the root user's home directory.

Now, navigate to the Ghost Eye directory. Type cd ghost_eye and press Enter.

In the terminal window, type pip3 install -r requirements.txt and press Enter to install the dependencies.

To launch Ghost Eye, type python3 ghost_eye.py and press Enter.

The Ghost Eye — Information Gathering Tool options appear, as shown in the screenshot.

Let us perform a Whois Lookup. Type 1 for the Enter your choice: option and press Enter.

Type certifiedhacker.com in the Enter Domain or IP Address: field and press Enter.

Scroll up to see the certifiedhacker.com result. In the result, observe the complete information of the certifiedhacker.com domain such as Domain Name, Registry Domain ID, Registrar WHOIS Server, Registrar URL, and Updated Date.

Let us perform a DNS Lookup on certifiedhacker.com. In the Enter your choice field, type 2 and press Enter to perform DNS Lookup.

The Enter Domain or IP Address field appears; type certifiedhacker.com, and press Enter.

As soon as you hit Enter, Ghost Eye starts performing a DNS Lookup on the targeted domain (here, certifiedhacker.com).

Scroll up to view the DNS Lookup result.

Now, perform the Clickjacking Test. Type 6 in the Enter your choice field and press Enter.

In the Enter the Domain to test field, type “domain” and press Enter.

By performing this test, Ghost Eye will provide the complete architecture of the web server, and also reveal whether the domain is vulnerable to Clickjacking attacks or not.

Similarly, you can use the other tools available with Ghost Eye such as Nmap port scan, HTTP header grabber, link grabber, and Robots.txt scanner to gather information about the target web server.

This concludes the demonstration of how to gather information about a target web server using Ghost Eye.

Süleyman Çelik

Network Security Engineer, SOC-Siem Engineer, Cyber Security Researcher, Vulnerability Management Specialist | CEH | CNSS