Open in app

Sign in

Write

Sign in

Tools for OSINT

Renato Basante Borbolla
4 min readJun 6, 2019

::Mass scanners (search engines)

• Censys - platform that helps information security practitioners discover, monitor, and analyze devices.

• Shodan - the world’s first search engine for Internet-connected devices.

• Shodan 2000 - do you use Shodan for everyday work? This tool looks for randomly generated data from Shodan.

• GreyNoise - mass scanner such as Shodan and Censys.

• ZoomEye - search engine for cyberspace that lets the user find specific network components.

• FOFA - is a cyberspace search engine.

• onyphe - is a search engine for open-source and cyber threat intelligence data collected.

• IntelligenceX - is a search engine and data archive.

• binaryedge - it scan the entire internet space and create real-time threat intelligence streams and reports.

• wigle - is a submission-based catalog of wireless networks. All the networks. Found by Everyone.

• PublicWWW - find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code.

• IntelTechniques - this repository contains hundreds of online search utilities.

• Hackle - search engine for hackers and security professionals.

• hunter - lets you find email addresses in seconds and connect with the people that matter for your business.

• GhostProject? - search by full email address or username.

• databreaches - was my email affected by data breach?

• Buckets by Grayhatwarfar - database with public search for Open Amazon S3 Buckets and their contents.

• Vigilante.pw - the breached database directory.

• builtwith - find out what websites are built with.

• Mamont’s open FTP Index - if a target has an open FTP site with accessible content it will be listed here.

• OSINT Framework - focused on gathering information from free tools or resources.

• maltiverse - is a service oriented to cybersecurity analysts for the advanced analysis of indicators of compromise.

• Leaked Source - is a collaboration of data found online in the form of a lookup.

• We Leak Info - to help everyday individuals secure their online life, avoiding getting hacked.

• pipl - is the place to find the person behind the email address, social username or phone number.

• abuse.ch - is operated by a random swiss guy fighting malware for non-profit.

• malcOde - malware search engine.

• Cybercrime Tracker - monitors and tracks various malware families that are used to perpetrate cyber crimes.

• NerdyData - search source code across 65 million websites.

• searchcode - helping you find real world examples of functions, API’s and libraries.

• Insecam - the world biggest directory of online surveillance security cameras.

• index-of- contains great stuff like: security, hacking, reverse engineering, cryptography, programming etc.

::Passwords

• Gotcha? - list of 1.4 billion accounts circulates around the Internet.

• have i been pwned? - check if you have an account that has been compromised in a data breach.

::Exploits databases

• CVE Mitre - list of publicly known cybersecurity vulnerabilities.

• CVE Details - CVE security vulnerability advanced database.

• Exploit DB - CVE compliant archive of public exploits and corresponding vulnerable software.

• Oday.today - exploits market provides you the possibility to buy zero-day exploits and also to sell Oday exploits.

• sploitus - the exploit and tools database.

• cxsecurity - free vulnerability database.

• Vulncode-DB - is a database for vulnerabilities and their corresponding source code if available.

• cveapi - free API for CVE data.

::DarkWeb

• Darksearch - It seems to be a reliable dark web search engine with the ability to use advanced search operators. You can view this search engine on any web browser but you will only be able to follow the links found in its index by using Tor or similar.

• TorBot - If you’re looking for an advanced tool for dark web research, TorBot probably is and will continue to be overkill. As of this writing, the last update to TorBot was in February. It uses Python 3.x and requires a Tor dependency. TorBot has a list of features that makes it useful for multiple applications. Features include:

— Onion Crawler (.onion).(Completed)

— Returns Page title and address with a short description about the site.(Partially Completed)

— Save links to database.(PR to be reviewed)

— Get emails from site.(Completed)

— Save crawl info to JSON file.(Completed)

— Crawl custom domains.(Completed)

— Check if the link is live.(Completed)

— Built-in Updater.(Completed)

— Visualizer module.(Not started)

— Social Media integration.(not Started) …(will be updated)

What I appreciate about TorBot is how ambitious the project is. There is a laundry list of promised features that are currently being worked on that are very exciting including:

— Visualization Module

— Implement BFS Search for webcrawler

— Multithreading for Get Links

— Improve stability (Handle errors gracefully, expand test coverage and etc.)

— Create a user-friendly GUI

— Randomize Tor Connection (Random Header and Identity)

— Keyword/Phrase search

— Social Media Integration

— Increase anonymity and efficiency

--

--

Renato Basante Borbolla

Written by Renato Basante Borbolla

56 Followers

Purple Team | Cyber Threat Intelligence | Pentester | Red Team | OSINT | Social Engineer | Ethical Hacker ~ #PowerShell #RedTeam #C2 #PurpleTeam #AWS #Azure

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams