Every day I write about
#osint
(Open Source Intelligence) tools and techniques. Also little bit about forensics and cybersecurity in general. Work in
@netlas_io
ZEHEF
A simple
#Python
tool that collects information about an email. It checks its reputation in different sources and finds possible accounts in different social networks (some functions may not work properly, the tool is in development).
#osint
Free Certifications
I'll be honest, I don't have a certificates at all. But I know that many IT professionals love to add certificates to their CVs and Linkedin profiles.
This repository contains links to 148 FREE online IT certifications
How to download photos from any Instagram account without authorization?
1. Open
2. Insert the link {target_instaram_login}
3. Click "Extract" button
4. Highlight photos and click "Download all"
Works with limitations, but works.
Ghunt online version.
Get info about Google account by email:
- name
- default profile and cover pictures;
- calendar events and timezone;
- Google Maps reviews;
- Google Plus and Google Chat data;
#osint
#socmint
DorkGPT
Describe what you want to find in human language and get a Google query using advanced search operators. Suitable for "juicy info" and vulnerable sites, as well as for any other search tasks.
Creator
@PredictaLabOff
Search in data leaks database (14, 491, 682, 918 records) by:
First/Last name
Password
IP Address
Phone
VIN
City
and other fields.
(use of the service may violate the laws of your country)
Forensic Analysis Tools
Linux distributions
Windows Forensic Environment
Mac Forensic Tools
Copy and recovery data software
Metadata analysis
Additional resources
Contributor
@SerScorza
APIs for OSINT
As a reminder, I have a Github repo with over a hundred APIs for automating dozens of different
#osint
tasks: collecting information about people, companies, etc.
If you don't know how to use APIs, read this:
Leaked passwords database search tool
Search by 3,2 billions leaked credentials by:
- email
- nickname
- password
(you can also try searching by mobile number, as some people use it as a password)
Tip by
@SaltinDeadsec
Today I'm starting to compile a list of Twitter accounts of Linux distributions created specifically for OSINT and cybersecurity research.
In this thread🧵 I will tell you which project is behind each account on the list.
Yesterday, my Twitter finally got 25,000+ followers🥳
I've been preparing for this day for several months now, and today I present to you the book
PYTHON FOR OSINT. 21 DAY COURSE FOR BEGINNERS
(the course is free, donate just if you want)
AWESOME CYBER SECURITY UNIVERSITY
About
Introduction and Pre-Security
Free Beginner
#Redteam
Path
Free Beginner
#Blueteam
Path
Bonus CTF practice and Latest CVEs
Contributor
@brootware
Awesome Cybersecurity Handbooks
30 quick reference guides on various cybersecurity topics:
#osint
#forensics
reverse engineering
social engineering
wireless attacks
and more.
Contributor
@syr0_
Digital Forensics Lab
(lesson slides)
- Basic Computer Skills for DFIR
- Basic Networking Skills for DFIR
- Computer and DFIR
- Computer Forensics Case Study
- Mobile/IoT Forensics Case Study
- Forensic Intelligence Repository
- AI for Forensics
I've been working on my
#osint
tool collection for 15 months. It includes tools from my tweets from April 2021. Today I added 41 new tools from last month's tweets.
Now:
131 sections and subsections
1000+ tools (almost all links with descriptions)
RT 🙏
OSINT Anonymous
A list of tools and techniques for hiding your real identity during investigations:
Random personal data generatots;
Temporary emails;
Free SMS receiving services;
Fake faces generation;
Social media privacy recommendations;
and more.
Attack surface database of the entire Internet.
Search info by domain, ip, technology, host, tag, port, city and more.
Partly free
Founder
@mazen160
#osint
DATA SURGEON
A tool for extracting various sensitive data from text files and web pages. For example:
- emails
- phone numbers
- API keys
- URLs
- MAC addresses
- Hashes
- Bitcoin wallets
and more.
#rust
#osint
Ultimate OSINT Search Engine + list of 281+ tools for information gathering about":
IP Adress
Social Media Account
Email
Phone
Domain
Person
Venicle
and more.
Python3 for Digital Forensics
A small collection of
#python
scripts for routine
#dfir
tasks:
Metadata extraction;
Timeline parsing
MFT parsing and analysis
Event log analysis
and more
Contributor
@Ish_dante
A simple but very interesting example of solving the geolocation challenge.
How to determine a person's location by a couple of blurred inscriptions in a lift and the number of floors in a couple of minutes?
Author
@ronkaminskyy
Security Study Plan
Practical detailed plans to study different areas of cybersecurity:
AWS
Azure
Docker
Web Penetration Testing
Docker
Application Security Testing
Network
and more.
Contributor
@jassics
Awesome Cyber Skills
List of places, where you can train your
#pentest
skills free, legally and safely:
fake vulnerable website/applications
hackers games/challenges
CTFs
open online courses
and more.
Counter OSINT Guide
A detailed guide to help protect your personal data and make yourself as difficult a target for investigation as possible.
Contributor
@soxoj
Google Maps Scraper
Total FREE.
NO LOGIN REQUIRED.
Slowly (be patient).
Scrape links to place, titles, phones, websites, links to images and much more!
Creator
@gosom6
#geoint
#golang
100
#redteam
projects
A list of 100 projects that are worth a close look at the source code for someone who wants to become a high-level professional:
Advanced Network Attacks
Data analysis
Payloads
Cryptography
Reverse Engineering
Post exploitation
Fast Google Dorks Scan
Search the website for vulnerable pages and files with sensitive information using 45 types of Google Dorks.
Creator
@IvanGlinkin
#bash
#opensource
#osint
One way to find out the variations of passwords a person uses by email.
1. Go to (search in leaks)
2. Type in an email search
3. Copy the SHA-1 Hash of the password found.
4. Search for it in the database of decrypted hashes
#osint
Enter the domain and get quick links to collect information about it in 95 different services:
- ip history
- whois history
- web archives
- backlinks
- subdomains
- site map
- threat and spam checking
and more.
#osint
#pentest
Famous Irish investigator
@osintme
compiled a list of 100+ hacker, cracker, carder & cyber criminal forums.
It comes in handy when investigating cybersecurity incidents, as well as just for educational purposes.
#osint
#cybersecurity
The power of
#OSINT
in automation. There are many ways to gain this power, but I would recommend:
1. Learn the basics of Python + some Python OSINT tricks ( ).
2. Practise your new skills on some REST APIs ()
Awesome IP Search Engines
A large list of training materials and automation tools for working with IP search engines (
@shodanhq
@censysio
@fofabot
@zoomeye_team
etc):
- guides
- "dorks" lists
- intregrations
- network scanners
- exploit automation tools
AI for OSINT
A list of AI tools that will help you in creating reports, writing code, transcribing video and audio, and other tasks.
Contributor
@CScorzaOSINT
Public penetration reports
Hundreds of public penetration test reports from well-known
#cybersecurity
companies and research groups. Useful for pentesters who want to learn how to make quality, standards-compliant reports.
Contributor
@juliocesarfort
Incident Response Methodologies 2022
Detailed guidelines to handle different types of security incidents:
Scam;
Phishing;
DDOS;
Website Defacement;
Insider Abuse;
Blackmail
and more.
Contributor
@CertSG
Free simple tool that allows you to download website files in the .onion domain zone as an archive with html, css, javascript and other files.
#darkweb
#osint
Awesome Anti-Forensic
List of tools for countering
#forensic
activities:
Data tampering
Hiding process
Encryption/Obfuscation
Steganography
Cleaner/Data Destruction/Wiping
and more.
Today I started compiling a list of the
#twitter
accounts of companies that develop useful
#OSINT
tools.
In this thread🧵, I'll talk about the project behind each account on the this list.
Python for OSINT. Free 21 day course Notion template (
@NotionHQ
)
I recommend that you dedicate 15-20 minutes to this course every morning for 21 days. Duplicate this template and receive a daily notification reminding you to complete the lesson.
Thank you very much for following my profile💕💕💕
Python for OSINT. 21 day free course for beginners
Worldwide map of OSINT tools
Collection of 1000+ OSINT tools
All projects
SOC Multi Tool
Chrome Extension for quick:
IP/Domain Reputation Lookup
IP/ Domain Info Lookup
Hash Reputation Lookup (
Decoding of Base64 & HEX using CyberChef
File Extension & Filename Lookup
and more (view pic)
Thanks for tip
@andalusiahacker
You only need about 3 hours of reading to take your
#OSINT
automation skills to the next level:
Python for OSINT. 21 day course for beginners
Linux for OSINT. 21-day course for beginners
Netlas CookBook
Today I added 45 new tools in my
#OSINT
collection.
Now there are 550 of them (22 categories, 38 subcategories).
In honor of this event, I will do a thread🧵 in which I will talk about all my collections, lists, and other projects related to osint.
A tool for locating photos and satellite images:
Specify the objects you see and the distance between them (ex: a 10-story building 80 meters from a park).
Select a search area (ex: a district of a city)
Get a list of places that fit the description.
"Best online tools for
#Telegram
investigations"
An article with small list of the most important search engines, directories, online services, and bots for finding any information in Telegram.
Thanks for tip
@osintbear
IACA DarkWeb Tools
Universal search engines
Search Pastebins
Search DarkWeb Marketplaces
Search DarkWeb Social Media
Thanks for tip
@0xtechrock
* Use in Tor browser
* some services may not work
InstaOSINT
A small list of useful links for Instagram OSINT:
Convert ID to Username/Username to ID
Download photos from the feed
Download post comments and followers
and more.
(be careful, use "sock puppets" accounts, there is a risk of blocking)
TOSINT (Telegram OSINT)
Tool to extract valuable information from Telegram bots and channels.
It is extremely rare for an OSINT tool to continue to be updated by its creator two years after its release.
👏👏👏
@AndreaDraghetti
SIM HIJACKING
A detailed explanatory long read by
@sensepost
:
- Attacks Using Just A Phone Number
- Subscriber Identification Module (SIM)
- AT Commands
- SIM Application Toolkit (STK)
- TAR (Toolkit Application Reference)
Tip by
@0xor0ne
Surveillance under Surveillance
World map of surveillance camera locations (mostly Europe and neighbor countries)
For some cameras detailed information is given: geo coordinates, type, mount, timestamp etc
Email OSINT
Free online tool from
@OsintIndustries
. Enter email and get a list of accounts that may be associated with it (accounts for which this email was used to register or those where the email in the profile description).
Tft
@0xtechrock
Email Finder
Enter a person's first and last name, domain name of a company or email service, and then get a list of possible email addresses with their status (free).
#osint
Welcome to my profile!♥️♥️♥️
Please take a look at my three main projects:
OSINT stuff tools (1000+) collection:
Worldwide OSINT tools map:
Netlas CookBook:
7 free online
#OSINT
Tools
GHUNT - Google account info
Sherlock - nickname enumeration
Holehe - search accounts by email
Ignorant - search accounts by phone
Whois domain lookup
WhatsApp profile info
HudsonRock - email leaks lookup
Tip by
@0xtechrock
Digital Forensics Guide
Getting Started
Certifications & Courses
Digital Forensics and Threat Intelligence Tools, Libraries, and Frameworks
Virtualization
File systems
Networking
User and Entity Behavior Analytics (UEBA)
Detection & Response Types
Contributor
@MikeR256
#dfir
You've probably heard about the fact that a password can be deduced from the audio recordings of keyboard. Here you can read more about how it works and see list of acoustic keyboard eavesdropping tools
Demo
Contributor
@ggerganov
Meanwhile, my Github profile already has a 1K followers:
Collection of 1000+ OSINT tools
Worldwide OSINT tools interactive map
Dorks collection list
Advanced search operators list
and more.
JSLEAK
Extreme fast
#Go
tool to find secrets (emails, API keys etc), paths, links in the source code during domain recon.
Contributor
@bytehx343
#osint
Today is the 28th of December. Linus Torvalds birthday.
I've been preparing for this day for six months and I present to you my new FREE book:
Linux for OSINT. 21-day course for beginners
Only 12,000 words in the book (1 hour to read).
#linux
#osint
GoFindWhois
More than 180 online tool for domain investigaions in one. What's not to be found here: reverse whois, hosting history, cloudfare resolver, redirect check, reputation analyze...
Can be used as a workflow.
Creator
@netbootcamp
#osint
Offensive AI Compilation
Everything about AI and cybersecurity:
- exploiting the vulnerabilities of AI models;
- use of AI to accomplish a malicious task and boost classic attacks
- detection and content generation tools.
Contributor
@MiguelHzBz
Awesome Cybersecurity ChatGPT Prompts
A list of examples of ChatGPT usage for different cybersecurity purposes:
Сode audit
Improve work efficiency and generate mind maps
Tools using instructions
Tools recommendations
Historical vulnerability tracking