Get information with inforfinder

Inforfinder is a tool to obtain information from an IP or a domain. It is an ideal tool to work in systems or development as well as for pentesting. Obtaining information with inforfinder is very easy as we will see below.

Obtener información con inforfinder

With this tool you can get a list of domains from an IP. You can also get the subdomains from the domains by dictionary, see CMS versions (wordpress, prestashop, etc) installed on each domain and see information about the web server.

It can be downloaded from

The following parameters are supported:

root@host:/home/user/inforfinder/src# python 


    ,#@@@ +++       #+++
   @@@### @@@       @@@#
   @+     @@@       @@@#
  `@  @@@ @@@       @@@#
  `@  ##@ @@@       @@@#
   @'   @ @@@       @@@#
   @@@@@@ @@@       @@@#
    ,#### @@@       @@@#
          @@@       @@@#
    @@@@@ @@@       @@@#
   @@     @@@       @@@#
   @.     @@@       @@@#
  .@  @@@ @@@'      @@@;
   @.   @ @@@@,    @@@@
   @@   @  @@@@@@@@@@@#
    @@@@@  .@@@@@@@@@@
    @@@@ ,@@@, +@@@@@@@@
   +'    @   @ @     @
    @@@@ @   @ @@@@  @
       @`@   @ @     @
   `@@@@ '@#@+ @     @


    InforFinder v1.0.9
    Powered By GGUsoft 2017
    Domain collector and CMS recognizer / HTTP information server collector



	 -d 				Gets a domain for apply any optional commands

	 -dD 				Gets a domain list hosted in IP of the specified domain

	 -dI 				Gets a domain list hosted in the specified IP 

	 -dR  		Gets a domain list hosted in every IP of the specified range

	 -dF 				Gets a list with all domains hosted at same IP from a file, the file contens a IP by line


	 inforfinder  -cms			Checks if every domain found has a cms website (wordpress, joomla ,etc) and show version

	 inforfinder  -servinfo		Checks web server parameter

	 inforfinder  --subdomain-enum		Lists subdomains of every domain found

To obtain the list of domains would be:

python -dD

This will return the list of domains on the server where is hosted.

To obtain the list of domains from an IP, i.e. the list of domains hosted on an IP, enter:

python -dI

To obtain the list of domains from an IP, i.e. the list of domains hosted in a range of IP addresses, in this example case would give us the list of domains in each IP between and, for this, we introduce:

python -dI

To any of the previous options, we can add -cms, to check if any of the domains hosts any CMS and to tell us which version it has:

python -dI -cms

We can also add the -servinfo option to give us server information:

python -dI -cms -servinfo

And we can add the –subdomain-enum option to search for subdomains based on the dictionary located in the “subdomlist.txt” file in the src subdirectory of the inforfinder root directory:

python -dI -cms -servinfo --subdomain-enum

If you are interested in seeing more pentesting articles, for example, how you can escalate privileges, see

Leave a Reply