OSINT or Open source intelligence refers to information about businesses or people that can be collected from online sources. However, it requires tools to do so, and here are the 10 best OSINT Tools for 2020. It’s only natural that we feel the need to weed out what’s most valuable in the age of information […]
Collect OSINT for GitLab groups and members and search the group and group members’ snippets, issues, and issue discussions for sensitive data that may be included in these assets. The information gathered is intended to compliment and inform the use of additional tools such as TruffleHog or GitRob, which search git commit history using […]
ProtOSINT is a Python script that helps you investigate ProtonMail accounts and ProtonVPN IP addresses. Description This tool can help you in your OSINT investigation on Proton service (for educational purposes only). ProtOSINT is separated in 3 sub-modules: [1] Test the validity of one protonmail account [2] Try to find if your target have […]
SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface. The main goal is to gathering infromation from search engines for Internet-connected devices (https://censys.io/, https://www.shodan.io/). It scraps data about Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE) and also has database where CVEs are mapped to CWE. […]
MOSINT is an OSINT Tool for emails. It helps you gather information about the target email. Features: Verification Service { Check if email exist } Check social accounts with Socialscan Check data breaches [need API] Find related emails Find related phone numbers Find related domains Scan Pastebin Dumps Google Search DNS Lookup You can […]
Oblivion is a tool focused in real time monitoring of new data leaks, notifying if the credentials of the user has been leak out. It’s possible too verify if any credential of user has been leak out before. The Oblivion have two modes: Oblivion Client: graphical mode. Oblivion Server: mode with API functionalities. NOTE: […]
Final Recon is a useful tool for gathering data about a target from open source resources, the tool is written in Python3. Installation steps It is really easy to install the tool from the official github link: https://github.com/thewhiteh4t/FinalRecon/blob/master/finalrecon.py There are also a few non standard python3 libraries required for the tool to What does it […]
sn0int sn0int is an OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. It is an enumerating attack surface by semi-automatically processing public information and mapping the results in a unified format for follow-up investigations. Among other things, it […]
So you have been tasked with performing a penetration test of the internet-facing systems of a customer. The security assessment is due soon, and you have to find a reasonable solution to gain information about the customer’s networks and systems as well as targets to attack — all of this in the nick of time. […]
XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic. How Does it Work?XRay is a very simple tool, it works this way: It’ll bruteforce subdomains using a wordlist and DNS requests. For every subdomain/ip found, it’ll use Shodan to […]
Maryam is a full-featured open-source intelligence (OSINT) framework written in Python. Complete with independent modules, built in functions, interactive help, and command completion, provides a command-line environment for used forensic and open-source intelligence(OSINT). Maryam is a completely modular framework and makes it easy for even the newest of Python developers to contribute. Each module […]
Geolocation Spy (GeoSpy) is an OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their websites or services and control […]
Mitaka is a browser extension for OSINT search which can: Extract & refang IoC from a selected block of text. E.g. example[.]com to example.com, test[at]example.com to [email protected], hxxp://example.com to http://example.com, etc. Search / scan it on various engines. E.g. VirusTotal, urlscan.io, Censys, Shodan, etc. Features Supported IOC types name desc. e.g. text Freetext any […]
When performing OSINT reconnaissance against a target, it’s often very difficult to accurately define the scope. There are so many sources of information and so many diverse types of data. It quickly becomes overwhelming. While there are many excellent OSINT tools already available to the discerning OSINTer, their focus is usually on breadth of collection. […]
email2phonenumber is an OSINT tool that allows you to obtain a target’s phone number just by having his email address. This tool helps automate discovering someone’s phone number by abusing password reset design weaknesses and publicly available data. It supports 3 main functions: “scrape” – scrapes websites for phone number digits by initiating password reset […]
Spiderfoot is an open-source tool used for reconnaissance. It is capable of gathering open-source information which can be further used for investigations and red teaming exercises. Spiderfoot has a multitude of scanning options and modules available, it utilizes more than 100 OSINT data sources to collect information automatically. It can capture information like domains, IP addresses, emails, DNS […]
Mitaka is an OSINT friendly browser extension which can extract & refang IoC from a block of text and Search / scan it on various engines. Features Supported IOC types name desc. e.g. text Freetext any string(s) ip IPv4 address 8.8.8.8 domain Domain name github.com url URL https://github.com email Email address test@test.com asn ASN AS13335 […]
BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for common OWASP vulnerabilities. The supported features with this tool are: Automatically collect all URL’s from a target website Automatically collect all […]
sn0int is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. The tool is enumerating attack surface by semi-automatically processing public information and mapping the results in a unified format for followup investigations. Also read: Buscador – […]
OSINT Tool to find Media Links in Tor Sites. Features Download Media Scrape From Single Url Scraping From Files Txt Csv Excel Tested On Kali Linux 2019.2 Ubuntu 18.04 Nethunter Arc Linux Also read: FreshOnions – Tor Scraper Installation git clone https://github.com/itsmehacker/DarkScrape.git pip3 install -r requirements.txt
LittleBrother is an information collection tool (OSINT) that aims to carry out research on a French, Swiss, Luxembourgish or Belgian person. It provides various modules that allow effective searches. LittleBrother does not require an API key or login ID. LittleBrother OSINT Features Lookup: Phone lookup Email lookup Last name / First name lookup Surname lookup […]