keyboard_arrow_up

title: Cheatsheet OSINT
date: Aug 25, 2021
tags: DamCTF Writeups OSINT Cheatsheet Volatility3 Forensic ShieldsCTF Prog HeroCTF MidnightFlag


OSINT

Seach Engines 🔍️

Search Engines Description
https://www.exploit-db.com/google-hacking-database Google Dorking DB
https://tineye.com/ Reverse Image Search
https://citizenevidence.amnestyusa.org/ Youtube Data Viewer
https://www.startpage.com/ Meta Search Engine
https://www.searchftps.net/ FTP Search Engine 1
http://www.freewareweb.com/ftpsearch.shtml FTP Search Engine 2
https://www.shodan.io/ Web Connected Devices 1
https://censys.io/ Web Connected Devices 2
https://www.thingful.net/ Web Connected Devices 3
https://whatsmyname.app/ Search username
https://archive.org/web/ Get web archive

Website 🌐

Website Description
https://github.com/aboul3la/Sublist3r Subdomains Enumerator
https://pentest-tools.com Subdomains Enumerator With Server Information

Social Networks 💬

Tool Description
https://github.com/soxoj/maigret Social Media Account Gathering (fork of Sherlock)
https://github.com/megadose/holehe Find registered accounts from email
https://github.com/megadose/ignorant Check if a phone number is registered on social networks

Twitter

Tool Description
https://twitter.com/search-advanced Twitter advanced search

Facebook

Tool Description
https://github.com/sowdust/ffff Finds facebook friends (you can be banned)

Instagram

Tool Description
https://github.com/Datalux/Osintgram Instagram Account Information (need access to the account)
https://github.com/megadose/toutatis Extract phone number, mail, ID ...

TikTok

Tool Description
https://github.com/hippiiee/tiktok-url-timestamp Get the date of publication of a video

Linkedin

Tool Description
https://rocketreach.co Get the email adress of the personn
https://www.lusha.com Find mail, phone ...

Google/Youtube

Tool Description
https://github.com/mxrch/GHunt Google account information
https://mattw.io/youtube-metadata/ Youtube metadata
https://mattw.io/youtube-geofind/location Find video from a location

Github

Tool Description
https://api.github.com/search/users?q=email@hippie.cat Find user account from an email

Email 📝

Email Tool Description
https://github.com/m4ll0k/Infoga Email gathering
https://emailrep.io Check the reputation of a mail address

DNS/WHOIS 🗃️

Tool Description
https://dnsdumpster.com DNS recon and research
https://www.robtex.com/dns-lookup Whois, records, seo, alexa, DNS Blacklist
https://viewdns.info site down,dns record, reverse whois, iran firewall, chinese firewall, spam db
https://domainbigdata.com Great WHOIS
https://www.expireddomains.net monitor expired domains

Social Engineering 👥

Social Engineering Tool Description
https://github.com/Git-Ankitraj/blackeye-im Create a quick phishing web page

Leaks

Website Description
https://dehashed.com/ Get informations about a leaked account (password, address ...)
https://haveibeenpwned.com/ Check if an email is in a db leak
http://hackinflukyc37se.onion/LeakedPass Check username or email in data breaches.
http://xjypo5vzgmo7jca6b322dnqbsdnp3amd24ybx26x5nxbusccjkm4pwid.onion/ Check username or email in data breaches.
http://4wbwa6vcpvcr3vvf4qkhppgy56urmjcj2vagu2iqgp3z656xcmfdbiqd.onion Leak facebook (f*ck facebook)

Tempmail :e-mail:

Website Description
https://www.gmailnator.com Gmail temp mails
https://temp-mail.org Different domains available

Miscellaneous Tools 🔨

Misc Tools Description
https://github.com/laramies/theHarvester Use a domain to find information on multiple search engines (good ++)
https://github.com/Moham3dRiahi/Th3inspector Domain, website, phone, ip, email, credit card checker, subdomain ...
https://github.com/evyatarmeged/Raccoon DNS, Port scan, WHOIS, Web application (CMS ..), Subdomain ...
https://opencorporates.com The largest open database of companies in the world
https://osintframework.com/ Gather every OSINT tools

Darknet

:construction_worker: Work in progress