MindMap for OSINT
- DNS Enum - Domian/Subdomain
- Check the Services/Applications Running
- Organization Details
- Organization users
- Organization Job Profiles
- Google Dorks - Follow Google Hacking Database
User Recon - Finding Emails
- Check for the files on the website, download and exif all the files for info on the users. Use ExifTool, Strings
- PowerMeta can be used to gather the data from a domain
- hunter.io - Can be used to find email address available online, free for first few times
- Awesome tool for finding Emails - Phonebook.cz
- voilanorbert.com - Gives 50 Free emails
- clearbit.com - Chrome Extension
- check if the email is valid or not - Verifalia.com / verifyemailaddress.org
- Find Users from Linkedn via BridgeKeeper
python bridgekeeper.py -c website.com
#can use the wordlist generator to create a set of wordlist "git clone https://github.com/captain-noob/username-list-generator.git"
- Automated recon using SpiderFoot
Gathering Breached Credentials
- Use heathadams breach-parse to find breached creds from a credential dump
- Haveibeenpwned.com - Check if the email is present in some breach
- Dehashed.com
-
Organization Technology Finder
#Similar to Wappalyzer but gives detailed information
https://builtwith.com/
Search Social Media Accounts of a user
git clone https://github.com/sherlock-project/sherlock.git
python3 sherlock username --timeout 1
Twitter OSINT
https://github.com/twintproject/twint
pip3 install twint
twint -u username
Comments
Post a Comment