XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic. How Does it Work? XRay is a very simple tool, it works this way: It’ll bruteforce subdomains using a wordlist and DNS requests. For every subdomain/ip found, it’ll use Shodan […]
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third […]
An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills. Check out the example (digraph), which is based on mine and my colleagues (David Prince) LinkedIn profile. By glancing at the visualisation you can easily see, by the number of “arrows”, there is some sort of relationship between us […]
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third […]
Trape is a recognition tool that allows you to track people, the information you can get is very detailed. We want to teach the world through this, as large Internet companies could monitor you, obtaining information beyond your IP. Some benefits One of its most enticing functions is the remote recognition of sessions. You can […]
Tinfoleak is a simple Python script that allow to obtain detailed information about a Twitter user activity Detailed information about any Twitter user: basic information about a Twitter user (name, picture, location, followers, etc.) devices and operating systems used by the Twitter user applications and social networks used by the Twitter user place and geolocation […]
Performs OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. It includes gathering data from various public sources and their API. OSINT-SPY can find information about a person, email, an organization, person’s geolocation, domain names, […]
Active reconnaissance, information gathering and OSINT built in a portable web application. D0xk1t is an open-source, self-hosted and easy to use OSINT and active reconnaissance web application for penetration testers. Based off of the prior command-line script, D0xk1t is now fully capable of conducting reconnaissance and penetration testing for security researchers who need a framework without the head-scratching. There is no server […]
An OSINT Framework to perform various recon techniques, aggregate all the raw data, and give data in multiple formats. Overview Performs automated OSINT on a domain / email / username / phone and find out relevant information from different sources. Useful for Pen-testers, Cyber Investigators, Product companies, defensive security professionals, etc. Correlates and collaborate the […]
DataSploit is a simple tool used to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data. It is useful for Pen-testers, product companies, defensive security professionals, cyber investigators and etc. The tool tries to find out credentials, api-keys, tokens, sub-domains, domain history, legacy portals […]