Advanced OSINT Attacks
- recon-ng framework for Targets Reconnaissance: https://bitbucket.org/LaNMaSteR53/recon-ng/downloads
- Tapir Framework "TAPIR is a framework designed to make it easy to discover data about entities - organizations, users, computers, and networks - on the web, using common (and not so common) OSINT techniques" https://github.com/intrigueio/tapir
- Search Engines for OSINT and Recon http://daveshackleford.com/?p=999
- "The OSINT OPSEC Tool monitors multiple 21st Century OSINT sources real-time for keywords, then analyses the results, generates alerts, and maps trends of the data, finding all sorts of info people probably don't want others to see." https://github.com/hyprwired/osint-opsec-tool
- Automated Open Source Intelligence (OSINT) Using APIs http://raidersec.blogspot.co.uk/2012/12/automated-open-source-intelligence.html
- Video: "OSInt, Cyberstalking, Footprinting and Recon: Getting to know you" http://www.irongeek.com/i.php?page=videos/osint-cyberstalking-footprinting-recon
- OSINT resources aimed more at journalists: http://www.scoop.it/t/osint-sources-tools-and-methods
- Insane list of Military links for conducting OSINT http://www.academia.edu/2897000/OSINT_Tools_Research
- Compilation of tools put together for you: http://www.subliminalhacking.net/2012/12/27/osint-tools-recommendations-list/
- Free resources list for the book "Hiding from the Internet: Eliminating Personal Online Information", written by Michael Bazzell http://computercrimeinfo.com/cleaningid.html
- OSINT Training by Michael Bazzell http://inteltechniques.com/links.html
- One-Stop Resource for Open Source Intelligence http://www.osintinsight.com/shared.php?user=Mediaquest#.VAX4HPl5OOw
Security Vulnerabilities discovered for you by the Internet Communities:
- Automated Security Analyser for ASP.NET Websites https://asafaweb.com/
- PunkSPIDER a global web application vulnerability search engine http://punkspider.hyperiongray.com/
- Compromised emails' credentials: https://pwnedlist.com/query Use this converter to protect your email: http://www.convertstring.com/Hash/SHA512
According to this link http://prezi.com/hkgnpskw_w5l/automated-osint-in-2012-ear/ the steps for conducting the OSINT research are:
- Finding information
- Acquiring information
- Selecting data
- Analyzing data
- Producing intelligence
- Managing the data
When "Acquiring data" we use:
- DNS/Whois/Robtex
- Hoovers
- Web Scraping
- EDGAR
- IP Geolocation
- Email address scraping
- SocNet scraping
- PublicData.com, et al
- OSS Databases
- State Websites
- Job Sites
Gathering tools:
- nslookup/dig/whois
- Fierce
- SEAT/Goolag
- theHarvester
- Metagoofil
- Serversniff
- Hoovers
- DomainTools
- CentralOps
- Robtex
- Pipl
- Wigle.net
Hybrid tools:
- FOCA
- Maltego
- EAR
- Cree.py
- Netglub
- Tapir https://github.com/intrigueio/tapir
Might not be needed, but worth knowing:
- Palantir Government https://www.youtube.com/watch?v=UQvfM9TsGpQ
- Microstrategy
- Trilogy Software
- Mapview
- Archview
- Omniture's Discover on Premises
- Recorded Future
- Basis Technology
- Kapow
- Encase
- Analysis Notebook
- KnightX+
- Cogito
OSINT Jobs http://www.careerjet.co.uk/search/jobs?s=osint&l=london
"Here is the newest class of tools that you can’t afford to overlook, coming soon to an enterprise near you" http://techcrunch.com/2012/10/27/big-data-right-now-five-trendy-open-source-technologies/
Information Brokers:
- Acxiom
- LexisNexis
- ChoicePoint
- KnowX
- Docusearch
- DiscreetData
- MasterFiles
- Infochimps