h4cker/osint/README.md
2023-08-20 15:20:19 -04:00

6.7 KiB

Open-source Intelligence (OSINT)

Open-source intelligence (OSINT) is data collected from open source and publicly available sources. The following are a few OSINT resources and references:

Passive Recon Tools:

Open Source Threat Intelligence

  • Awesome Threat Intelligence - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it.

OSINT Source Highlights

Website Description
shodan.io Server
google.com Dorks
wigle.net WiFi Networks
grep.app Codes Search
app.binaryedge Threat Intelligence
onyphe.io Server
viz.greynoise.io Threat Intelligence
censys.io Server
hunter.io Email Addresses
fofa.info Threat Intelligence
zoomeye.org Threat Intelligence
leakix.net Threat Intelligence
intelx.io OSINT
app.netlas.io Attack Surface
searchcode.com Codes Search
urlscan.io Threat Intelligence
publicwww.com Codes Search
fullhunt.io Attack Surface
socradar.io Threat Intelligence
binaryedge.io Attack Surface
ivre.rocks Server
crt.sh Certificate Search
vulners.com Vulnerabilities
pulsedive.com Threat Intelligence

Website Exploration and "Google Hacking"

Data Breach Query Tools

IP address and DNS Lookup Tools

Social Media

Acquisitions and

  • OCCRP Aleph - The global archive of research material for investigative reporting.

Whois

WHOIS information is based upon a tree hierarchy. ICANN (IANA) is the authoritative registry for all of the TLDs and is a great starting point for all manual WHOIS queries.

BGP looking glasses

DNS

The OSINT Framework

Dark Web OSINT Tools

Dark Web Search Engine Tools

Tools to Crawl Dark Web Data

Other Great Intelligence Gathering Sources and Tools

Active Recon