Browsing category

Information Gathering

Reconnoitre – Multithreaded Recon and Enumeration Tool

Reconnoitre is a reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. Ways to use this tool: Scan a single host, create a […]

Buster – Advanced Tool for Email Reconnaissance

Buster is an advanced OSINT tool used to: Get social accounts from various sources (gravatar, about.me, myspace, skype, github, linkedin, previous breaches) Get links to where the email was found using google, twitter, darksearch and paste sites Get breaches of an email Get domains registered with an email (reverse whois) Generate possible emails and usernames of a person Find the email of a social […]

Hostintel – Tool to Collect Host Intelligence

Hostintel is a tool for collecting intelligence and information about a host, IP or domain. It is useful for getting the reputation of a target and investigating whether a host/IP listed by a threat feed is malicious or hosting malware. Hosts are identified by FQDN host […]

Rock-ON – All in one Recon Tool

Rock-On is an all-in-one recon tool that will give your recon process a boost. It is mainly aimed at automating the whole recon process and saving the time that is wasted doing all of this manually. Features Sub Domain Scraping Finding A.S.N -> Netblocks -> IP’s Resolving Finding Ports […]

Seeker – Find Geolocation of Anyone with High Accuracy

Seeker utilizes HTML5, Javascript, JQuery and PHP to grab Device Information and GeoLocation with High Accuracy. Seeker hosts a fake website on Apache Server and uses Ngrok to generate an SSL link which asks for Location Permission and if the user allows it, we can get: Longitude Latitude Accuracy Altitude – Not always available […]

Aragog – Facebook Invalid Email Checker

Aragog is a Python 2.7 script which looks for Facebook accounts that have invalid emails on their account. This script was only created to check Gmail & Hotmail, but in the future it could be extended with new features. The attack scenario through this script is if the email of the account […]

Belati – Traditional OSINT Swiss Army Knife

Belati is a tool for collecting public data and public documents from websites and other services for OSINT purposes. This tool is inspired by Foca and Datasploit for OSINT. What can Belati do? Whois (Indonesian TLD Support) Banner Grabbing Subdomain Enumeration Service Scanning for all Subdomain Machine Web Appalyzer Support DNS mapping / Zone Scanning Mail Harvester […]

Plecost – WordPress Fingerprinting Tool

Plecost is a vulnerability fingerprinting and vulnerability finding tool for the WordPress blog engine. Installation Using Pypi: > python3 -m pip install plecost Remember that Plecost3 only runs in Python 3. Using Docker: You can run Plecost using Docker: > docker run --rm iniqua/plecost {ARGS} Where {ARGS} is any valid argument of Plecost. A real example could be: > […]

Trape – People tracker on the Internet

Trape is a recognition tool that allows you to track people; the information you can get is very detailed. We want to teach the world through this, as large Internet companies could monitor you, obtaining information beyond your IP. Some benefits One of its most enticing functions is the remote recognition of sessions. You can […]

Raven – Linkedin Information Gathering Tool

Raven is a LinkedIn information gathering tool that can be used by pentesters to gather information about an organization's employees using LinkedIn. Usage of this application is pretty simple. It requires at least three parameters. The first one is the company name, the second one is the country initials and the third is the domain name. Please […]

D0xk1t – Web-based OSINT and Active Reconnaissance Suite

Active reconnaissance, information gathering and OSINT built in a portable web application. D0xk1t is an open-source, self-hosted and easy to use OSINT and active reconnaissance web application for penetration testers. Based off of the prior command-line script, D0xk1t is now fully capable of conducting reconnaissance and penetration testing for security researchers who need a framework without the head-scratching. There is no server […]

KnockMail – Verify if an Email exists

Knockmail performs a search of emails from a specified txt file and verifies whether each is a valid email address. Cloning: git clone https://github.com/4w4k3/KnockMail.git Running: cd KnockMail sudo su pip install -r requeriments.txt python knock.py If you have another version of Python: python2.7 knock.py Screen DISCLAIMER: “DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS […]

RED HAWK – All In One Tool For Information Gathering, SQL Vulnerability Scanning And Crawling

RED HAWK is an all-in-one tool for information gathering, SQL vulnerability scanning and crawling. Features Of The Tool: Server detection Cloudflare detector robots scanner CMS Detector WordPress Joomla Drupal Magento Whois GEO-IP Scan NMAP Port Scan DNS Lookup SubNet Calculator Subdomain Finder Reverse IP Scanner CMS detection For Sites On the same server. […]

Infoga – Email Information Gathering

Infoga is a tool, similar to The Harvester, for gathering e-mail account information from different public sources (search engines, pgp key servers). It is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company on the Internet. Screenshots Installation git clone https://github.com/m4ll0k/Infoga.git […]

DMitry – Deepmagic Information Gathering Tool

DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux command line application coded in the C language. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more. The information is gathered with the following methods: […]

IPGeoLocation – A tool to retrieve IP Geolocation information

A tool to retrieve IP Geolocation information Powered by ip-api Requirements Python 3.x Features Retrieve IP or Domain Geolocation. Retrieve your own IP Geolocation. Retrieve Geolocation for IPs or Domains loaded from file. Each target in new line. Define your own custom User Agent string. Select random User-Agent strings from file. Each User Agent string […]