How to install knockpy on Linux for information gathering

Hi guys, welcome back. This article covers the installation of Knockpy, a tool used to enumerate the subdomains of a given domain.

It shows how to install Knockpy on your system and how to use it. If you have any trouble with the installation, please contact us via WhatsApp.

What is Knockpy

Knockpy is a Python-based tool for network enumeration and discovery of subdomains on a given domain. It uses various techniques, such as brute-forcing and wordlist-based dictionary attacks, to identify subdomains and their associated IP addresses.

This information can be used by security professionals to perform vulnerability assessments and penetration testing. Additionally, knockpy can be used by domain owners to identify and secure any subdomains that may be vulnerable to attack.

Install Knockpy in Kali Linux

To install Knockpy on your system, follow these steps:

Step 1: –

git clone https://github.com/guelfoweb/knock.git

Output:

kali@kali:~$ git clone https://github.com/guelfoweb/knock.git
Cloning into 'knock'...
remote: Enumerating objects: 1480, done.
remote: Counting objects: 100% (44/44), done.
remote: Compressing objects: 100% (26/26), done.
remote: Total 1480 (delta 19), reused 37 (delta 17), pack-reused 1436
Receiving objects: 100% (1480/1480), 480.51 KiB | 372.00 KiB/s, done.
Resolving deltas: 100% (670/670), done.

Step 2: –

cd knock

Output:

kali@kali:~/knock$

Step 3: –

pip3 install -r requirements.txt

Output:

kali@kali:~/knock$ pip3 install -r requirements.txt
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: requests in /usr/local/lib/python3.10/dist-packages (from -r requirements.txt (line 1)) (2.28.1)
Requirement already satisfied: beautifulsoup4 in /usr/local/lib/python3.10/dist-packages (from -r requirements.txt (line 2)) (4.11.1)
Requirement already satisfied: colorama in /usr/lib/python3/dist-packages (from -r requirements.txt (line 3)) (0.4.4)
Requirement already satisfied: idna<4,>=2.5 in /usr/lib/python3/dist-packages (from requests->-r requirements.txt (line 1)) (3.3)
Requirement already satisfied: charset-normalizer<3,>=2 in /home/varsha/.local/lib/python3.10/site-packages (from requests->-r requirements.txt (line 1)) (2.1.1)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in /usr/lib/python3/dist-packages (from requests->-r requirements.txt (line 1)) (1.26.5)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.10/dist-packages (from requests->-r requirements.txt (line 1)) (2022.9.24)
Collecting soupsieve>1.2
  Using cached soupsieve-2.3.2.post1-py3-none-any.whl (37 kB)
Installing collected packages: soupsieve
Successfully installed soupsieve-2.3.2.post1

Step 4: –

python3 knockpy.py <DOMAIN>

Output:

kali@kali:~/knock$ python3 knockpy.py gmail.com

  _  __                 _                
 | |/ /                | |   v5.3.0            
 | ' / _ __   ___   ___| | ___ __  _   _ 
 |  < | '_ \ / _ \ / __| |/ / '_ \| | | |
 | . \| | | | (_) | (__|   <| |_) | |_| |
 |_|\_\_| |_|\___/ \___|_|\_\ .__/ \__, |
                            | |     __/ |
                            |_|    |___/ 

local: 10757 | google: 1 | duckduckgo: 0 | virustotal: 0 

Wordlist: 10758 | Target: gmail.com | Ip: 142.250.183.5 

06:38:01

Ip address      Code Subdomain                         Server                            Real hostname
--------------- ---- --------------------------------- --------------------------------- ---------------------------------
172.217.166.37  200  m.gmail.com                       ESF                               mail.google.com
172.217.166.69  404  multisend-unsubscribe.gmail.com   ESF
172.253.118.109      imap.gmail.com
172.217.194.109      smtp.gmail.com
74.125.24.28         smtp-relay.gmail.com
74.125.68.109        pop.gmail.com
142.251.42.69   200  www.gmail.com                     ESF

06:39:13

Ip address: 9 | Subdomain: 7 | elapsed time: 00:01:11 
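
For the domain-owner use mentioned earlier, a saved result table can be turned into records and triaged. This is an added example, not part of Knockpy or of the original article; it assumes the v5.3.0 column layout shown above and that the Real hostname column holds the canonical name behind a subdomain, and the function names, the owned-suffix parameter and the sample rows (example.com, 192.0.2.0/24) are constructed for illustration.

```python
import ipaddress
import re

# Progress text knockpy prints while scanning, e.g. "(ctrl+c) | 14.2% | name".
PROGRESS = re.compile(r"\(ctrl\+c\) \| [\d.]+% \| \S+\s*")
FIELDS = ("ip", "code", "subdomain", "server", "real_hostname")

def _row(*cells):  # lay cells out on the widths of the table's dashed ruler
    return "{:<15} {:<4} {:<33} {:<33} {:<33}".format(*cells).rstrip()

# Constructed sample capture (example.com and 192.0.2.0/24 are reserved for docs).
SAMPLE = "\n".join([
    _row("Ip address", "Code", "Subdomain", "Server", "Real hostname"),
    _row("-" * 15, "-" * 4, "-" * 33, "-" * 33, "-" * 33),
    "(ctrl+c) | 14.2% | cisco.example.com     "
    + _row("192.0.2.10", "200", "m.example.com", "nginx", "mail.example.net"),
    "(ctrl+c) | 54.0% | oscar.example.com",
    _row("192.0.2.11", "404", "old.example.com", "nginx", ""),
    _row("192.0.2.12", "", "imap.example.com", "", ""),
    "Ip address: 3 | Subdomain: 3 | elapsed time: 00:01:11",
])

def parse_results(text):
    """Return one dict per result row; skip progress text and summary lines."""
    cols, rows = None, []
    for line in text.splitlines():
        if cols is None:
            if line.startswith("---"):  # the ruler line defines the columns
                cols = [slice(m.start(), m.end()) for m in re.finditer(r"-+", line)]
                cols[-1] = slice(cols[-1].start, None)  # last column runs to EOL
            continue
        clean = PROGRESS.sub("", line).rstrip()
        cells = [clean[c].strip() for c in cols]
        try:
            ipaddress.ip_address(cells[0])
        except ValueError:
            continue  # not a result row
        rows.append(dict(zip(FIELDS, cells)))
    return rows

def review_candidates(rows, owned_suffix):
    """(subdomain, reason) pairs a domain owner should check first."""
    found = []
    for r in rows:
        if r["code"] == "404":
            found.append((r["subdomain"], "resolves but serves HTTP 404"))
        real = r["real_hostname"]  # assumed: canonical name behind the subdomain
        if real and real != owned_suffix and not real.endswith("." + owned_suffix):
            found.append((r["subdomain"], "points at external host " + real))
    return found
```

Rows with an empty Code column, such as the mail hosts in the output above, are kept with `code` set to an empty string.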

[Image: Test result with domain testfire.net]

How to uninstall Knockpy

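To uninstall a copy of Knockpy that was installed as a system package, use the following steps (a copy cloned with git as above is removed by deleting the knock directory):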

Step 1: –

sudo apt-get remove knockpy 

Output:

kali@kali:~$ sudo apt-get remove knockpy 
[sudo] password for kali: 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libflashrom1 libftdi1-2 linux-headers-5.15.0-47 python3-bs4 python3-html5lib
  python3-lxml python3-soupsieve python3-webencodings
Use 'sudo apt autoremove' to remove them.
The following packages will be REMOVED:
  knockpy
0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
After this operation, 129 kB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database ... 242415 files and directories currently installed.)
Removing knockpy (5.3.0-1) ...
Processing triggers for man-db (2.10.2-1) ...

Step 2: –

sudo apt-get remove --auto-remove knockpy 

Output:

kali@kali:~$  sudo apt-get remove --auto-remove knockpy 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'knockpy' is not installed, so not removed
The following packages will be REMOVED:
  libflashrom1 libftdi1-2 linux-headers-5.15.0-47 python3-bs4 python3-html5lib
  python3-lxml python3-soupsieve python3-webencodings
0 upgraded, 0 newly installed, 8 to remove and 0 not upgraded.
After this operation, 83.6 MB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database ... 242397 files and directories currently installed.)
Removing libflashrom1:amd64 (1.2-5build1) ...
Removing libftdi1-2:amd64 (1.5-5build3) ...
Removing linux-headers-5.15.0-47 (5.15.0-47.51) ...
Removing python3-bs4 (4.10.0-2) ...
Removing python3-html5lib (1.1-3) ...
Removing python3-lxml:amd64 (4.8.0-1build1) ...
Removing python3-soupsieve (2.3.1-1) ...
Removing python3-webencodings (0.5.1-4) ...
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...

Uses of Knockpy

  1. Enumerating subdomains on a given domain
  2. Discovering subdomains using dictionary attacks and Google scraping
  3. Scanning discovered subdomains for open ports and vulnerabilities
  4. Penetration testing and security assessments
  5. Network mapping and reconnaissance
  6. Identifying potential attack vectors and security weaknesses in a network
  7. Helping organizations secure their online assets and prevent potential cyber-attacks.
  8. Providing a comprehensive overview of a domain’s subdomain structure and security posture.

If you have any queries regarding the above content, or you want to update anything in the content, then contact us with your queries. You can directly post your question in the group.
