16 OSINT TOOLS
Hey amazing hackers,
Welcome back to my blog post. Today I am going to cover some useful OSINT tools for daily usage. If you are ready, let's dive into it :)
Some people might not know what OSINT is, so let's explain a little bit. And please do not forget to clap for my blog if you liked it.
OSINT
Open source intelligence tools can be defined as tools that use multiple methods to gather specific information from publicly available resources and present that information to aid the decision-making process.
Use case
When you plug in a piece of data (such as an email address, phone number, name, etc.), you can gather information about companies, people, and social media, because the tool returns all known online sources that contain relevant information.
Perform state-of-the-art binary code analysis with IDA
What it is
The source code of software is not always available. A disassembler like IDA Pro translates machine-executable code into readable assembly language source code.
Use case
An incident response team loads a malicious artifact found on a breached server into IDA Pro to further analyze and understand its behaviour, such as its potential damage and method of traversal.
Gather geolocation information with Cree.py
What it is
Cree.py is a geospatial visualization tool that centralizes and visualizes geolocated information pulled from multiple online sources. You can use this for daily life :)
Use case
Once the plugin is configured, a user can feed the tool a social media artifact. Creepy has a lot of available locations on the map, allowing the user to see which information was posted.
Mine, merge, and map information with Maltego
What it is
Integrate data from public sources, commercial vendors, and internal sources via Maltego. It has a powerful configuration and pre-integrated/packaged sources, so it is ready to be used in investigations.
Use case
A user feeds Maltego domain names, IP addresses, domain records, URLs or even email addresses. The service finds connections and relationships within the data which allows the user to create a graph.
DNS records with DNSdumpster
What it is
DNSdumpster is a free domain research tool that can discover hosts related to a domain. Finding visible hosts from the attacker’s perspective is an important part of the security assessment process.
Use case
After a user enters a domain name, DNSdumpster identifies and displays all associated subdomains, helping map an organization’s entire attack surface based on DNS records.
TinEye for reverse image search
What it is
TinEye is an image-focused web crawling database that allows users to search by image and find where that image appears online.
Use case
An investigator uploads an image to TinEye or searches by URL. TinEye constantly crawls the web and adds images to compare against, or even to find some information.
Shodan: the search engine for the IoT
What it is
Websites are just one part of the internet. Shodan allows analysts to discover which of their devices are connected to the internet, where they are located, and who is using them.
Use case
Shodan helps researchers monitor all devices within their network that are directly accessible from the internet, and therefore vulnerable to attacks.
Wayback Machine
What it is
Wayback Machine analyzes websites published across time, allowing researchers to review how a web page looked when it was originally launched or updated. It also retrieves some information from that website, such as data of some users.
Use case
Suppose a website was seized by the FBI, but the original content is no longer there. Researchers can use Wayback Machine to reveal information that the site may have contained.
Have I Been Pwned
What it is
The service exposes the severity of the risk of online attacks, while helping victims of data breaches learn about compromises of their accounts. Users can subscribe to receive breach notifications.
Use case
Users can securely enter email addresses and passwords to find out if they have been hacked. The site returns a complete list of breaches where specific accounts have been exposed.
Exploit DB
What it is
The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Exploits are collected from throughout the internet.
Use case
The Exploit Database is a repository for publicly available exploits, making it a valuable resource for those who need actionable data at their fingertips.
VirusTotal
What it is
VirusTotal inspects items with over 70 antivirus scanners and URL/domain blacklisting services. Scanning reports produced by VirusTotal are shared with the public to raise the global IT security level and awareness about potentially harmful content.
Use case
Users can select a file from their computer using their browser and send it to VirusTotal. Results are shared with the submitter.
MrLooquer
What it is
MrLooquer IOCFeed serves as an IOC reverse search engine. It collects a variety of IOC artifacts, like malware, phishing, or common vulnerability exposures used.
Use case
Users can enter their own IOCs to find out where attacks could be coming soon.
PhishTank
What it is
PhishTank is a free community site where anyone can submit, verify, track and share phishing data. PhishTank also provides an open API for developers and researchers to integrate anti-phishing into their applications.
Use case
Users submit suspicious URLs via email, and PhishTank identifies, verifies, tracks, confirms, and publishes phishing sites.
CityProtect
What it is
CityProtect is a crime visualization site. Users provide a location within the US, along with some other parameters, and detailed crime reports are delivered.
Use case
A user can analyze quantified criminal behaviour in a geographic area over time to help build an intelligence-led brief.
WhitePages
What it is
Whitepages offers reverse name, address and phone number lookups and returns high-level information on any individual or business.
Use case
A useful tool for verifying that the persons a researcher is dealing with are who they say they are. Investigators are able to locate people and businesses, verify their addresses and much more.
Honeypot Sensor
What it is
HoneyDB has multiple honeypots throughout the internet waiting to be attacked. The service logs complete details of an attack, including the IP address and the binary that was used to execute it, and lists them in the HoneyDB database.
Use case
A campaign that uses a unique exploit to commit a widespread attack on every system possible would most likely infect one or more of the honeypots. A user then accesses detailed information on the attack to gather information.
Overall
There are a lot of tools that can be used, but I covered some useful tools for daily life. Hopefully you will like it; take your tea and read it experimentally. If you have any doubts, you can always ask me :)
Take care and I will see you in the next lecture.
Ahmet Göker | Ethical Hacker| DDOS researcher | CTF player | Tryhackme < %0.6 | Youtuber | blogger | pentester
Linkedin : https://www.linkedin.com/in/ahmetgöker
Twitter: https://twitter.com/@TurkishHoodie_
Telegram: stuXnet
Youtube: https://youtube.com/TurkishHoodie
Many thanks for reading this post. Please share it with your friends to get more content, hacking, CTF and much more.