diff --git a/osint/README.md b/osint/README.md index 6e0d7bc..22072bb 100644 --- a/osint/README.md +++ b/osint/README.md @@ -21,28 +21,32 @@ Open-source intelligence (OSINT) is data collected from open source and publicly - [Xenu](http://home.snafu.de) - [ParamSpider](https://github.com/devanshbatham/ParamSpider) -## The OSINT Framework -- [OSINT Framework](https://osintframework.com) ## Open Source Threat Intelligence - [GOSINT](https://github.com/ciscocsirt/gosint) - a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. - [Awesome Threat Intelligence](https://github.com/santosomar/awesome-threat-intelligence) - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it. -## Active and Passive Reconnaissance Tips and Tools -### Passive Recon +### Website Exploration and "Google Hacking" +- censys : https://censys.io +- Certficate Search: https://crt.sh/ +- ExifTool: https://www.sno.phy.queensu.ca/~phil/exiftool +- Google Hacking Database (GHDB): https://www.exploit-db.com/google-hacking-database +- Google Transparency Report: https://transparencyreport.google.com/https/certificates +- Huge TLS/SSL certificate DB with advanced search: https://certdb.com +- netcraft: https://searchdns.netcraft.com +- SiteDigger: http://www.mcafee.com/us/downloads/free-tools/sitedigger.aspx +- Spyse: https://spyse.com -#### Website Exploration and "Google Hacking" -* censys - https://censys.io -* Spyse - https://spyse.com -* netcraft - https://searchdns.netcraft.com -* Google Hacking Database (GHDB) - https://www.exploit-db.com/google-hacking-database -* ExifTool - https://www.sno.phy.queensu.ca/~phil/exiftool -* Certficate Search - https://crt.sh/ -* Huge TLS/SSL certificate DB with advanced search - https://certdb.com -* Google Transparency Report - https://transparencyreport.google.com/https/certificates -* SiteDigger - http://www.mcafee.com/us/downloads/free-tools/sitedigger.aspx +### Data Breach Query Tools +- BaseQuery: https://github.com/g666gle/BaseQuery +- Buster: https://github.com/sham00n/buster +- h8mail: https://github.com/khast3x/h8mail +- LeakLooker: https://github.com/woj-ciech/LeakLooker +- PwnDB: https://github.com/davidtavarez/pwndb +- Scavenger: https://github.com/rndinfosecguy/Scavenger +- WhatBreach: https://github.com/Ekultek/WhatBreach ### IP address and DNS Lookup Tools - [bgp](https://bgp.he.net/) @@ -59,31 +63,36 @@ Open-source intelligence (OSINT) is data collected from open source and publicly - [Viewdns](https://viewdns.info/) - [Umbrella (OpenDNS) Popularity List](http://s3-us-west-1.amazonaws.com/umbrella-static/index.html) -#### Social Media +### Social Media * A tool to scrape LinkedIn: https://github.com/dchrastil/TTSL * cree.py http://ilektrojohn.github.com/creepy -#### Whois +### Whois WHOIS information is based upon a tree hierarchy. ICANN (IANA) is the authoritative registry for all of the TLDs and is a great starting point for all manual WHOIS queries. -* ICANN - http://www.icann.org -* IANA - http://www.iana.com -* NRO - http://www.nro.net -* AFRINIC - http://www.afrinic.net -* APNIC - http://www.apnic.net -* ARIN - http://ws.arin.net -* LACNIC - http://www.lacnic.net -* RIPE - http://www.ripe.net + +- ICANN: http://www.icann.org +- IANA: http://www.iana.com +- NRO: http://www.nro.net +- AFRINIC: http://www.afrinic.net +- APNIC: http://www.apnic.net +- ARIN: http://ws.arin.net +- LACNIC: http://www.lacnic.net +- RIPE: http://www.ripe.net ### BGP looking glasses -* BGP4 - http://www.bgp4.as/looking-glasses -* BPG6 - http://lg.he.net/ +- BGP4: http://www.bgp4.as/looking-glasses +- BPG6: http://lg.he.net/ ### DNS -* dnsenum - http://code.google.com/p/dnsenum -* dnsmap - http://code.google.com/p/dnsmap -* dnsrecon - http://www.darkoperator.com/tools-and-scripts -* dnstracer - http://www.mavetju.org/unix/dnstracer.php -* dnswalk - http://sourceforge.net/projects/dnswalk +- dnsenum - http://code.google.com/p/dnsenum +- dnsmap: http://code.google.com/p/dnsmap +- dnsrecon: http://www.darkoperator.com/tools-and-scripts +- dnstracer: http://www.mavetju.org/unix/dnstracer.php +- dnswalk: http://sourceforge.net/projects/dnswalk + +## The OSINT Framework +- [OSINT Framework](https://osintframework.com) + ## Dark Web OSINT Tools ### Dark Web Search Engine Tools