Skip to main content

TRAPE: PEOPLE TRACKER ON THE INTERNET

Picture Credit: Github
Information is power. Information gathering is the most crucial part of penetration testing. Tracking targets IP address, browser, Operating Systems, social media accounts are the primary step.

There are many tools are available to do this, nut in this tutorial we learn the use of Trape. Trape is written in python, it is a footprinting tool. Trape can help us by getting the IP address, OS, social media accounts by a single click of them.
It also can perform phishing and browser hooking attacks.

NOTE: This channel DOES NOT promote or encourage any ILLEGAL activities, all content provided by this channel is meant for EDUCATIONAL PURPOSE only.

Trape doesn’t come pre-installed with Kali Linux, we need to clone it from github repository.
So open our terminal window and type following command and press enter.
git clone https://github.com/jofpin/trape
The screenshot of the command is the following:
This is not a large tool, trape needs a few seconds to download. After the download is complete we need to go to trape’s directory using cd command and then we check the files using ls command. Here we are going to join those commands in a single command using && like this :

cd trape && ls
The screenshot is following:
First, we need to install all the requirements for the trape tool to do this we use this simple command.

pip install -r requirements.txt
The screenshot is following:
Now we can run the python script and check the options by using the simple command as following:

python trape.py -h
The screenshot is following:
Here we must need to use Ngrok token. The older tutorials on the internet will not work here. In the older versions of tape, we can use it without ngrok(offline mode) but we can add ngrok, in this new version ngrok is a must. Here comes a question.
What is this Ngrok?
Ngrok is a tool that makes a tunnel that we can access our localhost on the internet.

So we need to go ngrok.com and sign up.


After sign up we get the API key in the auth sidebar,screenshot is following.


Now copy the API token and come back to the terminal and paste the token. Now this will ask for Google Maps API token, to get follow this guide and paste the API key of Google map, this will help to get the location. Sorry, I cant show my Google map’s API token for security reason so no screenshot for this one. This API tokens are needed for first-time configuration only.

After pasting Google map’s API this will ask for a URL. Target will see this url’s website after clicking our link, as the following screenshot.


We are using https://www.google.com for an example or we can use any other link.
Then Trape will ask for the port here type 80 (port for http) and press enter.
After doing this Trape will open like the screenshot below:


We can choose the lure URLs to catch targets in our local network or public internet. We can see the information of the target in the control panel link.
Screenshot of the control panel is the following:

Control panel can be accessed with the access key. For better result in the public internet, we can use a URL shortener to hide the ngrok URL. All done now wait for targets click, whenever target clicks on the link we got the information of the target.

Comments

Popular posts from this blog

Websites To Get Free Mechanical Projects for Free

Websites to Get Projects for Mechanical Engineers Mechanical engineering is a versatile and dynamic field that requires constant innovation and practical experience. One of the best ways to gain hands-on experience and deepen your understanding of mechanical engineering concepts is by working on projects. Whether you are a student, a recent graduate, or a professional looking to expand your skills, finding the right projects can be a game-changer. Here are some top websites where you can find exciting and challenging projects for mechanical engineers. 1. NevonProjects NevonProjects offers a wide range of project ideas and kits for mechanical engineering students. This platform is known for its comprehensive list of projects that cover various domains within mechanical engineering, including robotics, automation, and manufacturing. Diverse...

5 Websites to Get Free Projects with Project Reports - Part 1

Well, I know most of you are final-year students searching for those final-year projects, and the good news is you are at the right place on earth where you will get the best information about your problem. When it comes to finding free projects complete with project reports, several online resources stand out. Here are five websites that provide a wealth of projects across various domains, complete with detailed documentation. 1. SourceCodester    - Overview : SourceCodester offers a vast array of projects in different programming languages including PHP, VB.NET, C#, Python, and Java.    - Features : Each project comes with complete source code, documentation, and sometimes even video tutorials. This makes it an excellent resource for students and professionals looking to learn and develop their skills.    - Project Reports : Many projects include detailed reports and diagrams such as UML diagrams, database schemas, and SRS (Software Requirement Specificat...

Recent Microsoft Outage: Causes and Impact

Overview On July 13, 2024, Microsoft experienced a significant system outage that affected a wide range of services, including Microsoft 365, Teams, Outlook, OneDrive for Business, Exchange Online, and SharePoint. The outage predominantly impacted users in Europe, Asia, and Africa, leading to widespread disruption in business operations and communication. Cause of the Outage Microsoft initially identified a "wide-area networking (WAN) routing change" as the primary cause of the outage. However, a more detailed investigation revealed that a command issued to update the IP address on a WAN router triggered the problem. This command caused all routers in the WAN to recompute their adjacency and forwarding tables, which led to packet forwarding failures across the network. The issue arose because the command behaved differently on various network devices and had not been fully vetted in Microsoft's qualification process​. Impact on Services The outage resulted in users being ...