Ciphers Security

How to install Photon Script in Linux

how to install photon tool

Hello everyone today in this article we are going to discuss information about Photon Python-based script for website footprinting tool.

After reading this article you will definitely be able to install and run the Photon tool on your system, and you can also learn how you can use it.

Photon tool

This tool is a command line script developed in Python for gathering information about target URLs such as URLs (in-scope and out-of-scope), URLs with parameters, email, Social Media Accounts, Files, Secret keys, and subdomains.

Data Extraction:-

URLs (in-scope & out-of-scope)
URLs with parameters (example.com/gallery.php?id=2)
Intel (emails, social media accounts, Amazon buckets, etc.)
Files (pdf, png, xml etc.)
Secret keys (auth/API keys & hashes)
JavaScript files & Endpoints present in them
Strings matching custom regex pattern
Subdomains & DNS-related data

Genius

Photon’s smart thread management & refined logic gives you top-notch performance.

Still, crawling can be resource-intensive but Photon has some tricks up its sleeves. You can fetch URLs archived by archive.org to be used as seeds by using the –Wayback option.

Installing photon in Kali Linux

  1. first, go to the GitHub Repo of the tool and copy the repo link {click here}
  2. then go to the terminal and create a directory where you want to keep the photon repo and clone it by the command [git clone https://github.com/s0md3v/Photon]
step 2 in photon

3. now navigate to the tool directory and install the requirement.txt file by the command [pip3 install -r requirement.txt]

requirements.txt

4. Now execute this command for checking whether you successfully installed the script or not [python3 photon.py -h]

photon py

5. Now we are going to use this tool for gathering information about our target website which is certifiedhacker.com by command [pyhton3 photon.py -u http://www.certifiedhacker.com]

photon execurtion

6. Now navigate to the result directory for seeing your query result. the result is directory is automatically created by the tool inside it with the name of the website you’re queried.

photon result

7. use the cat command for seeing the result

photon result

8. Now we will crawl the target website using URLs from archive.org by using Wayback command [pyhton3 photon.py -u http://www.certifiedhacker.com -l 3 -t 200 --wayback]

Note:- here

  • -u refers to the target website
  • -l refers to the level to crawl
  • -t refers to the number of threads
  • –wayback refers to the URLs from the archive.org as seeds
photon specific result

You can further explore the tool and conduct several more capabilities such as the cloning of the target website, collecting secret keys and cookies, retrieving strings by defining regex patterns, etc.

Using this information, the attackers can perform various attacks on the target website such as brute-force attacks, denial-of-service attacks, injection attacks, phishing attacks, and social engineering attacks.

If you have any queries regarding the above content, or you want to update anything in the content, then contact us with your queries. You can directly post your question in the group.

Connect with us on these platforms