Table of Contents
What is Open Source Intelligence(OSINT)?
Security analyst uses OSINT to harvest publicly available information which may aid analysis and investigation
There are tools that can be used to discover information that are publicly available.Knowing that information is available is one thing, the ability to collect this information and makes intelligence out of them is a great thing..Aside this tools,there are other OSINT tools on github.However,some of this tools are
Open Source Intelligence Tools
just like google and bing, Yandex is a great source for open source intelligence and my best usage so far is on image search.It works like magic.Like Google, Yandex is so much more than a search engine. It offers email, cloud, and online payment services, streaming music, news aggregation, and live traffic maps
If you know how to use the right syntax, google is a very good tool for gathering open source information about people and organizations. Syntax on google dorks
Shodan is the search engine for hackers.it keeps track of all the computers and assets on the network that are directly accessible from the internet. It doesn’t present results like other search engines. ,rather it shows result to make sense to a security professional. It provides information about assets that have been connected online. This helps security analyst to identify assets and test it for vulnerabilities. This OSINT tool lets you understand your digital footprint
This is a pre- bundled tool on the kali Linux operating system and it is an excellent tool for getting email and domain related information
This is used to perform an image related search on the web. You can search to check if an image has being available online and where it appeared
Spider foot automates open source intelligence to find out everything possible about your target
This is a digital archive of the world wide web and other information on the internet. It consists of snapshots of webpages over time.
This analyze suspicious files and URLs to detect types of malware, automatically share them with the security community. All you need to do is visit Virus Total file, URl or search for IP address that have being blacklisted.
This is another great open source intelligence tool,it delivers great threat picture to the environment that an organization owns and operates. Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.