Home OSINT
Post
Cancel

OSINT

Posted May 8, 2023 Updated May 8, 2023
By BanZ
3 min read

Open-soruce intelligence is the collection and analysis of data gathered from open sources to produce actionable intelligence.

Frameworks

  • https://osintframework.com/

Comprehensive Tools

Dehashed

  • https://www.dehashed.com/

FOFA

A search engine for the global cyberspace.

  • https://en.fofa.info/

Have I been Pwned

  • https://haveibeenpwned.com/

MetaDefander

An advanced threat detection and prevention platform.

  • https://metadefender.opswat.com/

OSINT TOOLS

  • https://www.nmmapper.com/

Shodan

A search engine that lets users search for various types of servers connected to the internet using a variety of filters.

  • https://www.shodan.io/

spiderfoot

  • https://github.com/smicallef/spiderfoot

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

1

python3 sf.py -l 127.0.0.1:5001

python3 sf.py -l 127.0.0.1:5001

threet intellegence

Find detailed information about a host and its underlying infrastructure in seconds through the Threat Intelligence Platform web interface.

  • https://threatintelligenceplatform.com/

ViewDNS.info

It provides Reverse IP Lookup, finds WHOIS records, so on. Checks other domains on the same IP.

Websites

Cisco Talos

One of the largest commercial threat intelligence teams in the world.

NerdyData

Get a list of websites that use certain source (HTML/Javascript source code e.g. Googla Analytics code).

Security Headers

Scan websites.

urlscan.io

URL and website scanner.

URLhaus

A project from abuse.ch with the goal of sharing malicious URLs that are being used for malware distribution.

Wappalyzer

It identifies technologies on websites.

  • Wayback Machine

It provides archived web pages.

  • –> Research Old Information

  • robots.txt, sitemap.xml, and other interesting files.

  • Directories

  • URL parameters

  • API keys

Useful Tools

Waybackurls

Fetch all URLs that the Wayback Machine knows about for a domain.

IP Address

AbuseIPDB

A project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.

Censys Search

It provides information of specific IP addresses and domains.

Cloudflare Radar

Up to date Internet trends and insight.

MAC Address

MAC Address Lookup

It provides you information about any MAC Address of a networking card installed into your computer or any other device.

Malware

MalShare

A community driven public malware repository that works to provide free access to malware samples and tooling to the infomation.

MalwareBazaar

A project from abuse.ch with the goal of sharing malware samples with the infosec community, AV vendors and threat intelligence providers.

Indicators of Compromise (IOCs)

ThreatFox

A platform from abuse.ch with the goal of sharing indicators of compromise (IOCs) associated with malware with the infosec community, AV vendors and threat intelligence providers.

Botnet

Feodo Tracker

A project of abuse.ch with the goal of sharing botnet C&C servers associated with Dridex, Emotet (aka Heodo), TrickBot, QakBot (aka QuakBot / Qbot) and BazarLoader (aka BazarBackdoor).

SSL

Qualys

This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.

SSLBL

A project of abuse.ch with the goal of detecting malicious SSL connections, by identifying and blacklisting SSL certificates used by botnet C&C servers. In addition, SSLBL identifies JA3 fingerprints that helps you to detect & block malware botnet C&C communication on the TCP layer.

Email Address

Hunter

Adversary Tactics

MITRE ATT&CK

A globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

MITRE Cyber Analytics Repository

MITRE Engage

Disclaimer

1
2

Exploit Notes are only for educational purpose or penetration testing, not attacking servers that you're not authorized. This site will not take any responsibility even if you attack the server illegally or cause damage unintentionally. Please use the contents in this site at your own risk.
The contents of this site are not original, but based on the information on the internet, the author actually tried and functioned. Although the author strives to post the latest information on the content of this site as much as possible, there is no guarantee that it will always be new.
learning, rev
ctf
This post is licensed under CC BY 4.0 by the author.
Recently Updated
Trending Tags
ctf learning web
Trending Tags
ctf learning web