Installation of Aquatone Tool in Kali Linux

Step 1: Download Google Chrome on your Linux System, by using the following command.

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

Step 2: Install Google Chrome, using the following command

sudo apt install ./google-chrome-stable_current_amd64.deb

Step 3: Download Aquatone Zip from Github Page.

https://github.com/michenriksen/aquatone/releases/tag/v1.7.0

Step 4: After Downloading Extract the zip folder.

Right Click and Extract

Step 5: Go to Terminal and change directory to Downloads

cd Downloads
cd aquatone_linux_amd64_1.7.0/

Step 6:  Move Aquatone in the bin directory.

sudo mv aquatone /usr/local/bin/

Step 7: Check the help page of aquatone for a better understanding of usage, use the following command.

aquatone --help

AQUATONE is a set of tools used for performing reconnaissance, scanning, and discovery o domain names. AQUATONE can discover subdomains on a given target domain using OSINT source and the most common domain brute force method. After discovering the subdomain, the AQUATONE tool can scan the domain for standard web ports and HTTP headers information. HTML bodies and snapshots can be collected and considered as the report to analyze the attack environment quickly.

To increase the efficiency and simpleness of aquatone tool, it is divided into 3 phases

1. Discovery
2. Scanning
3. Gathering

Discovery

The first stage of an AQUATONE assessment is the discovery stage, where subdomains are discovered on the victim domain using open sources, services, and the more common dictionary brute force approach. aquatone-discover ships with the following collector modules:

1. Dictionary brute force
2. DNSDB.org
3. Google Transparency Report
4. HackerTarget
5. Netcraft
6. Shodan (requires API key)
7. ThreatCrowd
8. VirusTotal (requires API key)

Scanning

The scanning stage is where AQUATONE will enumerate the recognized hosts for open TCP ports that are usually used for web services.

Gathering

The last stage is the gathering phase, in which the results of discovery and scanning stages are used to make the discovered web services return and save HTTP response headers packets and HTML bodies, as well as taking the snapshots of how the web page or domain looks like in web browser which makes the analysis much more accessible.