MindMap for OSINT - DNS Enum - Domian/Subdomain - Check the Services/Applications Running - Organization Details - Organization users - Organization Job Profiles - Google Dorks - Follow Google Hacking Database User Recon - Finding Emails - Check for the files on the website, download and exif all the files for info on the users. Use ExifTool, Strings - PowerMeta can be used to gather the data from a domain - hunter.io - Can be used to find email address available online, free for first few times - Awesome tool for finding Emails - Phonebook.cz - voilanorbert.com - Gives 50 Free emails - clearbit.com - Chrome Extension - check if the email is valid or not - Verifalia.com / verifyemailaddress.org - Find Users from Linkedn via BridgeKeeper python bridgekeeper.py -c website.com #can use the wordlist generator to create a set of wordlist "git clone https://github.com/captain-noob/username-list-generator.git" - Automated recon using SpiderFoot Gathering Breached Credential
Way to Divergence