In the field of information security research, it is always about the time that we can save when gathering information that can yield more focus on vulnerability research and exploitation. In this section, we will focus more on how to automate OSINT to make passive reconnaissance more effective:

#!/bin/bash 
echo "Enter target domain: " read domain if [[ $domain != "" ]]; 
then 
echo "Target domain set to $domain" 
echo "********************************************" 
echo "The Harvestor" theharvester -d $domain -l 500 -b all -f harvester_$domain echo "done!" 
echo "********************************************" 
echo "Whois Details" whois $domain >> whois_$domain 
echo "done!" 
echo "********************************************" 
echo "Searching for txt files on $domain using Goofile..." goofile -d $domain -f txt >> goofile_txt_$domain 
echo "done!" 
echo "********************************************" 
echo "Searching for pdf files on $domain using Goofile..." goofile -d $domain -f pdf >> goofile_pdf_$domain 
echo "done!" 
echo "********************************************" 
echo "Searching for pdf files on $domain using Goofile..." goofile -d $domain -f doc >> goofile_doc_$domain 
echo "done!" 
echo "********************************************" 
echo "Searching for pdf files on $domain using Goofile..." goofile -d $domain -f xls >> goofile_xls_$domain 
echo "done!" else echo "Error! Please enter a domain... " 
fi

The previous script can be further used with a looping one-line script to run on multiple domains, by using the following line as and when required:

while read r; do scriptname.sh $r; done < listofdomains

The preceding automation is a very simple script to make use of some of the command-line tools in Kali, and store the output in multiple files without a database. However, attackers can make use of similar scripts to automate the majority of the command-line tools to harvest most of the information.