Several ways are used for collecting information like DNS, TLS, web applications, etc.. Raccoon is a tool that brings out these data from different sources.
What is Raccoon tool?
Raccoon is an open-source information gathering and observation tool. It collects information like WHOIS record, Port Scanning, DNS details, DNS mapping, Web Application Firewall (WAF) information and sub-domains enumeration, etc.. The tool has the ability to gather details from websites, such as information about the web server, information on the Control Management Systems, HTML forms, email addresses, etc.. It also gives details about any kind of vulnerability chances.
One of the important steps of reconnaissance is Port scanning and enumeration. The raccoon tool uses the well-known nmap tool to find open ports and makes use of some other nmap scripts and features. It must be installed on OS before running Raccoon on the target host. OpenSSL is used for TLS/SSL scans and should be installed as well.
Features of Raccoon tool:
Raccoon tool collects details like
Ø Domain Name System
Ø DNS visual mapping
Ø WHOIS information
Ø TLS Data
Ø Services and scripts scan
Ø Subdomain enumeration
Ø Web application data retrieval
Ø Detects known WAFs
Ø Supports anonymous routing
Ø Uses asyncio for improved performance
Ø Saves output to files
Installation of Raccoon
Raccoon is a Python developed tool. To run this tool Python 3.5+ is needed. There are two methods to install Raccoon scanner in Linux. The first method is by cloning the Github repository of Racoon using the following commands.
1. Run, “git clone https://github.com/evyatarmeged/Raccoon.git” to clone the repository.
2. Then go into the directory by “cd Raccoon”.
3. Then run python raccoon_src/main.py to install the tool.
Another way for installation is,
1. Run “pip3 install raccoon-scanner” if pip3 is not present in the system run,
2. Sudo apt-get install python3-pip
After proper installation of the Raccoon tool, you can use the following syntax to use the tool.
There are several options available to gather valuable information about the target. All the accessible options can be explored by executing the “raccoon –help” command.
For a usage example, we can execute the “-t” parameter. the –t (or –target) option to scan the target host to gather a handful of information
So the full command would be raccoon -t
The Raccoon tool first detects the protocol of the application. Whether it is HTTP or HTTPS. Then it collects the Domain Name System, Transport Layer Security, and Web Application Firewall information about the target.
Raccoon is considered as an information-gathering tool. In a way, it helps to decode data. But attack may raise as it gives out information about the user.