mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-21 18:33:03 +00:00
Adding breached data search tools
This commit is contained in:
Omar Santos
GitHub
parent
2ad8d413ee
commit
4361567552
1 changed files with 40 additions and 31 deletions
|
|
@ -21,28 +21,32 @@ Open-source intelligence (OSINT) is data collected from open source and publicly
|
|||
- [Xenu](http://home.snafu.de)
|
||||
- [ParamSpider](https://github.com/devanshbatham/ParamSpider)
|
||||
|
||||
## The OSINT Framework
|
||||
- [OSINT Framework](https://osintframework.com)
|
||||
|
||||
## Open Source Threat Intelligence
|
||||
|
||||
- [GOSINT](https://github.com/ciscocsirt/gosint) - a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.
|
||||
- [Awesome Threat Intelligence](https://github.com/santosomar/awesome-threat-intelligence) - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it.
|
||||
|
||||
## Active and Passive Reconnaissance Tips and Tools
|
||||
|
||||
### Passive Recon
|
||||
### Website Exploration and "Google Hacking"
|
||||
- censys : https://censys.io
|
||||
- Certficate Search: https://crt.sh/
|
||||
- ExifTool: https://www.sno.phy.queensu.ca/~phil/exiftool
|
||||
- Google Hacking Database (GHDB): https://www.exploit-db.com/google-hacking-database
|
||||
- Google Transparency Report: https://transparencyreport.google.com/https/certificates
|
||||
- Huge TLS/SSL certificate DB with advanced search: https://certdb.com
|
||||
- netcraft: https://searchdns.netcraft.com
|
||||
- SiteDigger: http://www.mcafee.com/us/downloads/free-tools/sitedigger.aspx
|
||||
- Spyse: https://spyse.com
|
||||
|
||||
#### Website Exploration and "Google Hacking"
|
||||
* censys - https://censys.io
|
||||
* Spyse - https://spyse.com
|
||||
* netcraft - https://searchdns.netcraft.com
|
||||
* Google Hacking Database (GHDB) - https://www.exploit-db.com/google-hacking-database
|
||||
* ExifTool - https://www.sno.phy.queensu.ca/~phil/exiftool
|
||||
* Certficate Search - https://crt.sh/
|
||||
* Huge TLS/SSL certificate DB with advanced search - https://certdb.com
|
||||
* Google Transparency Report - https://transparencyreport.google.com/https/certificates
|
||||
* SiteDigger - http://www.mcafee.com/us/downloads/free-tools/sitedigger.aspx
|
||||
### Data Breach Query Tools
|
||||
- BaseQuery: https://github.com/g666gle/BaseQuery
|
||||
- Buster: https://github.com/sham00n/buster
|
||||
- h8mail: https://github.com/khast3x/h8mail
|
||||
- LeakLooker: https://github.com/woj-ciech/LeakLooker
|
||||
- PwnDB: https://github.com/davidtavarez/pwndb
|
||||
- Scavenger: https://github.com/rndinfosecguy/Scavenger
|
||||
- WhatBreach: https://github.com/Ekultek/WhatBreach
|
||||
|
||||
### IP address and DNS Lookup Tools
|
||||
- [bgp](https://bgp.he.net/)
|
||||
|
|
@ -59,31 +63,36 @@ Open-source intelligence (OSINT) is data collected from open source and publicly
|
|||
- [Viewdns](https://viewdns.info/)
|
||||
- [Umbrella (OpenDNS) Popularity List](http://s3-us-west-1.amazonaws.com/umbrella-static/index.html)
|
||||
|
||||
#### Social Media
|
||||
### Social Media
|
||||
* A tool to scrape LinkedIn: https://github.com/dchrastil/TTSL
|
||||
* cree.py http://ilektrojohn.github.com/creepy
|
||||
|
||||
#### Whois
|
||||
### Whois
|
||||
WHOIS information is based upon a tree hierarchy. ICANN (IANA) is the authoritative registry for all of the TLDs and is a great starting point for all manual WHOIS queries.
|
||||
* ICANN - http://www.icann.org
|
||||
* IANA - http://www.iana.com
|
||||
* NRO - http://www.nro.net
|
||||
* AFRINIC - http://www.afrinic.net
|
||||
* APNIC - http://www.apnic.net
|
||||
* ARIN - http://ws.arin.net
|
||||
* LACNIC - http://www.lacnic.net
|
||||
* RIPE - http://www.ripe.net
|
||||
|
||||
- ICANN: http://www.icann.org
|
||||
- IANA: http://www.iana.com
|
||||
- NRO: http://www.nro.net
|
||||
- AFRINIC: http://www.afrinic.net
|
||||
- APNIC: http://www.apnic.net
|
||||
- ARIN: http://ws.arin.net
|
||||
- LACNIC: http://www.lacnic.net
|
||||
- RIPE: http://www.ripe.net
|
||||
|
||||
### BGP looking glasses
|
||||
* BGP4 - http://www.bgp4.as/looking-glasses
|
||||
* BPG6 - http://lg.he.net/
|
||||
- BGP4: http://www.bgp4.as/looking-glasses
|
||||
- BPG6: http://lg.he.net/
|
||||
|
||||
### DNS
|
||||
* dnsenum - http://code.google.com/p/dnsenum
|
||||
* dnsmap - http://code.google.com/p/dnsmap
|
||||
* dnsrecon - http://www.darkoperator.com/tools-and-scripts
|
||||
* dnstracer - http://www.mavetju.org/unix/dnstracer.php
|
||||
* dnswalk - http://sourceforge.net/projects/dnswalk
|
||||
- dnsenum - http://code.google.com/p/dnsenum
|
||||
- dnsmap: http://code.google.com/p/dnsmap
|
||||
- dnsrecon: http://www.darkoperator.com/tools-and-scripts
|
||||
- dnstracer: http://www.mavetju.org/unix/dnstracer.php
|
||||
- dnswalk: http://sourceforge.net/projects/dnswalk
|
||||
|
||||
## The OSINT Framework
|
||||
- [OSINT Framework](https://osintframework.com)
|
||||
|
||||
|
||||
## Dark Web OSINT Tools
|
||||
### Dark Web Search Engine Tools
|
||||
|
|
|
|||
Loading…
Reference in a new issue