Sub-Category | Description |
---|---|
OSINT - Beware. Your data is out there. | Two part presentation on OSINT and privacy awareness |
OSINT | Notes on OSINT |
Book | Link to OSINT Handbook 2020 |
Trainings | Trainings on OSINT |
Shodan | Notes on Shodan |
TraceLabs CTF | Introductory notes to TraceLabs CTF |
TraceLabs Guide - Hacktoria | Small guide to do an OSINT Investigation |
Hacktoria | Hacktoria's Challenges Write-ups |
TryHackMe OSINT Challenges | TryHackMe OSINT Challenges Write-ups |
- OSINT
- Table of contents
- Starting point
- OSINT Bookmarks
- External Resource
- Book
- Tracelabs CTF
- Challenges
- Local IP
- VMs
- Search Engines
- Google Dorks
- Dorks
- Image Solve
- Video Search Engines
- Image Search Engines
- Geolocation Recon
- Geolocation Recon tips and tricks
- Google Alerts
- Brands
- Portugal
- Find people
- Social Networking Recon
- Username OSINT
- Personal Information
- Bitcoin
- Job Board Recon
- Search Code
- Deep/Dark Web Recon
- Metadata Recon
- Email Tracking
- Website Information
- Public Network Footprinting
- Other Footprinting Tools
- Wifi
- WaybackMachine
- Canary Tokens
- Shodan, Censys, and Thingful
- Website cloner
- Password OSINT
- Temporary Email
- VPN
- DNS Leak
- Sock Puppets
- Scams
- Browser OSINT
- Browser Plugin
- Firefox
- Chrome
- Search Engines List
-
TCM - Open-Source Intelligence (OSINT) in 5 Hours - Full Course - Learn OSINT!
-
OSINT Dojo - https://www.youtube.com/c/OSINTDojo
-
OSINT Curious - https://www.youtube.com/c/TheOSINTCuriousProject
-
Network Chuck - Instagram OSINT - https://www.youtube.com/watch?v=NWyqSbnsvGU
-
David Bombal - OSINT: You can't hide - https://www.youtube.com/watch?v=ImWJgDQ-_ek
-
STOK - 10+ Free OSINT tools (secure yourself today!) - https://www.youtube.com/watch?v=z6ghArAWwWc
-
Sumsub - How to Stalk People Effectively and Legally Through OSINT - https://www.youtube.com/watch?v=lF3yQFtYRBY
-
Penn State - OSINT The Art of Finding Information on Anyone - https://www.youtube.com/watch?v=SvL9bpsY-ZQ
-
Benjamin Strick - Bendobrown - OSINT At Home - https://www.youtube.com/playlist?list=PLrFPX1Vfqk3ehZKSFeb9pVIHqxqrNW8Sy
-
conINT - https://www.youtube.com/c/conINT_io
- 0x4rkØ - Solved OSINT Challenges - https://www.youtube.com/playlist?list=PLc_hdO4HVYGCg21E7lSQY6UltFigzwbbw
http://ipinfo.io/ip
-
Tracelabs OSINT VM - https://www.tracelabs.org/initiatives/osint-vm
-
TraceLabs OSINT VM Installation Guide - https://download.tracelabs.org/Trace-Labs-OSINT-VM-Installation-Guide-v2.pdf
-
ThreatPursuit-VM - https://github.com/mandiant/ThreatPursuit-VM
-
REMnux - https://docs.remnux.org/install-distro/get-virtual-appliance
-
Genymotion - https://www.genymotion.com/download/
-
CSILinux - https://csilinux.com/
-
OSINT Combine - https://drive.google.com/file/d/16T-3_PnNbsXV-IBe5EpT2EVGfkOJWXDD/view?usp=sharing
-
Google - https://www.google.com
-
Bing - https://www.bing.com
-
Yahoo - https://www.yahoo.com
-
Ask - https://www.ask.com/
-
Aol - https://www.aol.com
-
Baidu - https://www.baidu.com/
-
WolframAlpha - https://www.wolframalpha.com/
-
DuckDuckGo - https://duckduckgo.com/
-
Yandex - https://yandex.com/
-
Google Advanced Search https://www.google.com/advanced_search
-
Google Hacking Database - https://www.exploit-db.com/google-hacking-database
-
gbhackers - https://gbhackers.com/latest-google-dorks-list/
-
google-dork-list - https://www.boxpiper.com/posts/google-dork-list
-
Google Guide - http://www.googleguide.com/using_advanced_operators.html - http://www.googleguide.com/print/adv_op_ref.pdf
-
filetype: search your results based on the file extension
-
cache: This operator allows you to view cached version of the web page.
-
allinurl: This operator restricts results to pages containing all the query terms specified in the URL.
-
inurl: This operator restricts the results to pages containing the word specified in the URL
-
allintitle: This operator restricts results to pages containing all the query terms specified in the title.
-
inanchor: This operator restricts results to pages containing the query terms specified in the anchor text on links to the page.
-
allinanchor: This operator restricts results to pages containing all query terms specified in the anchor text on links to the page.
-
link: This operator searches websites or pages that contain links to the specified website or page.
-
related: This operator displays websites that are similar or related to the URL specified.
-
info: This operator finds information for the specified web page.
-
location: This operator finds information for a specific location.
-
42 Advanced Operators - https://ahrefs.com/blog/google-advanced-search-operators/
-
recibo vencimento ext:pdf
-
indexof site:pt
-
inurl:admin site:pt
-
password
-
hackedby
- Aperisolve - https://www.aperisolve.com/
-
YouTube - https://www.youtube.com/
-
YouTube DataViewer - https://citizenevidence.amnestyusa.org/
-
Google Videos - https://www.google.com/videohp
-
Yahoo Video Search - https://video.search.yahoo.com
-
Video Reverse - https://www.videoreverser.com/
-
Google Images - https://images.google.com/
-
Yahoo Images - https://images.search.yahoo.com/
-
Yandex Images - https://yandex.com/images/
-
Image Reverse - TinEye - https://tineye.com/
-
Image Reverse - ezgif - https://ezgif.com/reverse
-
Pimeyes - https://pimeyes.com/en
-
Remove Background - https://www.remove.bg/
-
Cleanup Pictures - https://cleanup.pictures
-
Google Maps - https://www.google.com/maps
-
Bing Maps - https://www.bing.com/maps/
-
Yandex: https://www.yandex.com/maps
-
Baidu: https://www.map.baidu.com
-
Zoom Earth - https://zoom.earth/
-
Wikimapia - https://wikimapia.org
-
Apple Maps: https://www.apple.com/maps
-
KartaView: https://www.kartaview.org
-
Dual Maps - http://data.mashedworld.com/dualmaps/
-
Google Street View: https://www.google.com/maps
-
Mapillary: https://www.mapillary.com
-
Satelite Tracking - https://www.n2yo.com/
-
Sentinel Hub - https://www.sentinel-hub.com/explore/sentinelplayground/
-
Sentinel Hub Playground - http://apps.sentinel-hub.com/sentinel-playground/
-
Sentinel Hub EO Browser - https://www.sentinel-hub.com/explore/eobrowser/
-
World Imagery - https://livingatlas.arcgis.com/
-
World Imagery Wayback - https://livingatlas.arcgis.com/wayback/
-
Mountains - https://peakvisor.com/
-
Sun Calc - https://suncalc.org
-
Open Infrastructure Map - https://openinframap.org/
-
Tips, Tricks and Techniques - https://somerandomstuff1.wordpress.com/2019/02/08/geoguessr-the-top-tips-tricks-and-techniques/
-
Guide to using reverse image - https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
- what3words - https://what3words.com/
- Google Alerts - https://www.google.com/alerts
-
Hunter - https://hunter.io
-
Phonebook.cz - https://phonebook.cz/
-
VoilaNorbert - https://www.voilanorbert.com/
-
Clearbit Connect - https://connect.clearbit.com/
-
Email Hippo - https://tools.emailhippo.com/
-
Email Checker - https://email-checker.net/
-
theHarvester - https://github.com/laramies/theHarvester
-
theHarvester -d microsoft.com -l 200 -b baidu
-
theHarvester -d eccouncil -l 200 -b linkedin
-
theHarvester -f theHarvester_results.xml -b 'baidu,bing,duckduckgo,google,yahoo,netcraft,linkedin,twitter' -l 500 -d somedomain.com
-
-
Sherlock - https://github.com/sherlock-project/sherlock
python3 sherlock satya nadella
-
Social Searcher - https://www.social-searcher.com/
-
UserRecon - https://github.com/issamelferkh/userrecon
./userrecon.sh
-
Friends and followers
-
Media (pictures, videos, audio)
-
Posts/Comments
-
Phone numbers/ Dates / Schedules
-
Likes / Dislikes
-
What was your childhood nickname?
-
What is the first school you attended?
-
What was your first pets name?
-
What street did you grow up on?
-
What's the ciry where your parents met?
-
What was the city you where born in?
-
What's the name of your oldest cousin?
-
StalkFace - https://stalkface.com/en/
-
Sowdust Github - https://www.sowsearch.info/
-
IntelligenceX Facebook Search - https://intelx.io/tools?tab=facebook
-
Twitter Advanced Search - https://twitter.com/search-advanced
-
Botometer - https://botometer.osome.iu.edu/
- Instaloot - https://github.com/althonos/InstaLooter
-
NameChk - https://namechk.com/
-
WhatsMyName - https://whatsmyname.app/
-
NameCheckup - https://namecheckup.com/
-
KnowEM - https://knowem.com/
-
User search - https://usersearch.org
-
My Life - https://www.mylife.com/
-
Social Bearing - https://socialbearing.com/
-
Peek You - https://www.peekyou.com/
-
Pipl - https://pipl.com/
-
Family Tree - https://familytreenow.com
-
That's Them - https://thatsthem.com
-
Intelius - https://www.intelius.com/
-
Sync me - https://sync.me/
-
True Caller - https://www.truecaller.com/
-
Bitcoin Whos Who - https://www.bitcoinwhoswho.com/
-
Bit Ref - https://bitref.com
-
Monster - https://www.monster.com/
-
Smart Recruiters - https://www.smartr.me/
-
Linkedin - https://www.linkedin.com/
-
Xing - https://www.xing.com/
-
Glassdoor - https://www.glassdoor.com/
- Search code - https://searchcode.com/
- Dark Nets
-
Friend-2-Friend
- Very anonymous Peer-2-Peer network
-
Privacy Networks
- Tor
-
-
Tor - https://www.torproject.org/
- Check if Ip is Tor - ExoneraTor - https://metrics.torproject.org/exonerator.html
-
Tails - https://tails.boum.org/
-
Whonix - https://www.whonix.org/
-
The Hidden Wiki - http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page is an onion site that works as a Wikipedia service of hidden websites
-
FakeID - http://fakeidskhfik46ux.onion is an onion site for creating fake passports
-
The Paypal Cent - http://nare7pqnmnojs2pg.onion is an onion site that sells PayPal accounts with good balances
-
strings
strings file
-
On-line - http://exif.regex.info/exif.cgi
-
exif - sudo apt install exif
exif file
-
metagoofil - https://github.com/opsdisk/metagoofil - https://github.com/laramies/metagoofil
metagoofil -d certifiedhacker.com -t pdf,doc,xls,ppt,txt -e 200
metagoofil -o metagoofil_results -u 'Randomize User-Agent' -r 10 -e 45 -l 100 -n 100 -w -t 'pdf,doc,docx,xls,xlsx' -d somedomain.com
-
exiftool - https://exiftool.org/
exiftool file
-
Infoga - https://github.com/m4ll0k/Infoga
-
EmailTrackerPro - http://www.emailtrackerpro.com/
-
bitly - https://bitly.com/
-
Linkly - https://linklyhq.com/
-
robots.txt
-
sitemap.xml
-
viewsource
-
Measure page quality - https://web.dev/measure/
-
seo-analyzer - https://neilpatel.com/seo-analyzer/
-
wappalyzer - https://www.wappalyzer.com/
-
Builtwith - https://builtwith.com/
-
Website Informer - https://website.informer.com/
-
Web Data Extractor - http://www.webextractor.com/
-
IANA (Internet Assigned Numbers Authority) - https://www.iana.org/numbers
-
ARIN (American Registry for Internet Numbers) - https://www.arin.net/about/welcome/region/
-
RIPE () - https://www.ripe.net/
- IP address into an ASN - https://www.ultratools.com/tools/asnInfo
-
Domain Tools Whois - https://whois.domaintools.com/
-
Network Tools - https://network-tools.com/
-
DNS Stuff - https://www.dnsstuff.com/freetools
-
Batch IP Converter - http://www.sabsoft.com/BatchIPConverter.htm
-
nslookup
nslookup certifiedhacker.com
- interactive: set type=a
- cname: set type=cname
-
dmtry
dmitry -i www.certifiedhacker.com
-
dig
dig certifiedhacker.com
dig yahoo.com mx
dig yahoo.com SOA
dig yahoo.com ANY +noall +answer
-
dnsrecon
dnsrecon -d certifiedhacker.com
-
nslookup - http://www.kloth.net/services/nslookup.php
-
dig
dig axfr @nsztm1.digi.ninja zonetransfer.me
-
digi.ninja - https://digi.ninja/projects/zonetransferme.php
-
Network Tools - https://www.yougetsignal.com/
-
dnsrecon - https://github.com/darkoperator/dnsrecon
dnsrecon -r 162.241.216.0/24
-
Traceroute
traceroute www.certifiedhacker.com
- ICMP
traceroute -I
- TCP
traceroute -T
-
tcptraceroute
tcptraceroute
-
Path Analyzer Pro - https://www.pathanalyzer.com
-
VisualRoute - https://www.visualroute.com
-
Domains - gTLD (Generic Top-Level Domain)
-
Sub-Domains
-
Google - https://www.google.com
site:itpro.tv
-
Netcraft Tools - https://www.netcraft.com/tools/
- Netcraft Site Report - https://sitereport.netcraft.com/?url=https://www.eccouncil.org/
- Netcraft Search DNS - https://searchdns.netcraft.com/?host=*.eccouncil.org
-
sublist3r - https://github.com/aboul3la/Sublist3r
python3 ./sublist3r.py -d domain.com -o domain.com.txt
-
httprobe - https://github.com/tomnomnom/httprobe
-
Amass - https://github.com/OWASP/Amass
-
crt.sh - https://crt.sh/
-
DNS Dumpster - https://dnsdumpster.com/
-
Hacker Target - https://hackertarget.com
-
ipinfo.io - https://ipinfo.io
-
Pentest Tools - https://pentest-tools.com/
More Info - https://hover.blog/whats-a-domain-name-subdomain-top-level-domain/
- Recon-ng - https://github.com/lanmaster53/recon-ng
- Maltego - https://www.maltego.com/ce-registration/
-
Foca - https://www.elevenpaths.com/innovation-labs/technologies/foca
-
OSINT Framework - https://osintframework.com/
-
Recon-Dog - https://github.com/s0md3v/ReconDog
-
Maltego - https://www.maltego.com/
-
BillCipher - https://github.com/84KaliPleXon3/BillCipher
-
OSRFramework - https://github.com/i3visio/osrframework
-
Th3inspector - https://github.com/Moham3dRiahi/Th3inspector
-
Raccoon - https://github.com/evyatarmeged/Raccoon
-
spiderfoot - https://github.com/smicallef/spiderfoot
- wigle.net - https://wigle.net
-
WaybackMachine - https://archive.org/web/
-
Archive.is - http://archive.is/
-
Cached Pages - http://www.cachedpages.com/
-
Cached View - http://cachedview.com/
-
OldWeb.Today - https://oldweb.today/
-
Time Travel - http://timetravel.mementoweb.org/
- Canary Tokens - https://canarytokens.org/generate
-
Censys - https://about.censys.io/
-
Thingfull - https://www.thingful.net/site/about
-
Remote desktop country:pt city:"Braga"
-
winrest port:5901 country:pt
-
smb contabilidade country:pt
-
smb series country:pt
-
wget
wget -mkEpnp site
-
HTTrack Website Copier - https://www.httrack.com/
-
HaveIBeenPwned - https://haveibeenpwned.com/
-
Breach-Parse - https://github.com/hmaverickadams/breach-parse
-
Dehashed - https://dehashed.com/
-
WeLeakInfo - https://weleakinfo.to/v2/
-
LeakCheck - https://leakcheck.io/
-
SnusBase - https://snusbase.com/
-
Scylla.so - https://scylla.so/
-
10 minute email - https://10minutemail.com/
-
20 minute email - https://www.20minutemail.com/
-
ProtonVPN - https://protonvpn.com/
-
PrivadoVPN - https://privadovpn.com/
-
Windscribe - https://windscribe.com
Always check everything is working correctly by confirming - https://mylocation.org/
- DNS Leak Test - https://dnsleaktest.com/
-
Fake Identity - https://datafakegenerator.com/
-
Fake Identity - https://www.fakenamegenerator.com/
-
Fake Photo - https://thispersondoesnotexist.com/
-
Geolocation extensions - https://chrome.google.com/webstore/category/extensions
-
Privacy.com - https://privacy.com/join/LADFC
-
Intro to Creating an Effective Sock Puppet (wayback archive): https://web.archive.org/web/20210307173507/https://jakecreps.com/sock-puppets/
-
The Art Of The Sock - https://www.secjuice.com/the-art-of-the-sock-osint-humint/
-
My Process for Setting up Anonymous Sock Puppet Accounts - https://garrettmickley.com/sockpuppet-account-creation/
- Scam Digger - https://scamdigger.com
-
Google Translate
-
Map Switcher
-
RevEye
-
Vortimo OSINT-tool - https://www.vortimo.com/
-
Vortimo UI
-
EXIF Viewer Pro
-
Search by Image - https://github.com/dessant/search-by-image
-
TinEye Reverse Image Search - https://tineye.com/
-
[uBlock Origin] - https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
-
[Multi-Account Containers] - https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/
-
[Wayback Machine] - https://addons.mozilla.org/en-US/firefox/addon/wayback-machine_new/
-
[Fireshot] - https://addons.mozilla.org/en-US/firefox/addon/fireshot/
-
[Translate] - https://addons.mozilla.org/en-US/firefox/addon/simple-translate/
-
[Video Download Helper] - https://addons.mozilla.org/en-US/firefox/addon/video-downloadhelper/
-
[Netcraft] - https://addons.mozilla.org/en-US/firefox/addon/netcraft-toolbar/
-
[IP Address and Domain] - https://addons.mozilla.org/en-US/firefox/addon/ip-address-and-domain-info/
-
[Shodan] - https://addons.mozilla.org/en-US/firefox/addon/shodan-addon/
-
[Firefox Relay] - https://addons.mozilla.org/en-US/firefox/addon/private-relay/
-
[Google Translate] - https://chrome.google.com/webstore/category/extensions
-
[User-Agent Swircher for Chrome] - https://chrome.google.com/webstore/category/extensions
-
[Wayback Machine] - https://chrome.google.com/webstore/category/extensions
-
[Fireshot] - https://chrome.google.com/webstore/category/extensions
-
[Video Download Helper] - https://chrome.google.com/webstore/category/extensions
-
[Change Geolocation] - https://chrome.google.com/webstore/category/extensions
-
invid verify
-
vortimo osint-tool
-
reveye
-
tineye
-
map switcher
-
exif viewer pro
-
google translate
-
vortimo browser extension
-
data miner scraper https://chrome.google.com/webstore/detail/data-scraper-easy-web-scr/
-
hunter.io
-
vlc video downloader
-
Full Page Screen Capture: https://chrome.google.com/webstore/detail/gofullpage-full-page-scre/fdpohaocaechififmbbbbbknoalclacl?hl=en-GB
- Dehashed—View leaked credentials.
- SecurityTrails—Extensive DNS data.
- DorkSearch—Really fast Google dorking.
- ExploitDB—Archive of various exploits.
- ZoomEye—Gather information about targets.
- Pulsedive—Search for threat intelligence.
- GrayHatWarfare—Search public S3 buckets.
- PolySwarm—Scan files and URLs for threats.
- Fofa—Search for various threat intelligence.
- LeakIX—Search publicly indexed information.
- DNSDumpster—Search for DNS records quickly.
- FullHunt—Search and discovery attack surfaces.
- AlienVault—Extensive threat intelligence feed.
- ONYPHE—Collects cyber-threat intelligence data.
- Grep App—Search across a half million git repos.
- URL Scan—Free service to scan and analyse websites.
- Vulners—Search vulnerabilities in a large database.
- WayBackMachine—View content from deleted websites.
- Shodan—Search for devices connected to the internet.
- Netlas—Search and monitor internet connected assets.
- CRT sh—Search for certs that have been logged by CT.
- Wigle—Database of wireless networks, with statistics.
- PublicWWW—Marketing and affiliate marketing research.
- Binary Edge—Scans the internet for threat intelligence.
- GreyNoise—Search for devices connected to the internet.
- Hunter—Search for email addresses belonging to a website.
- Censys—Assessing attack surface for internet connected devices.
- IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
- Packet Storm Security—Browse latest vulnerabilities and exploits.
- SearchCode—Search 75 billion lines of code from 40 million projects.