OSINT Tools

Here's a list of additional helpful tools that can be used for OSINT and Sand-boxing for Cyber Security Analysts and Researchers. These tools can be used to looking up information on Domains, IPs, URLs, File Hashes, etc.

Resources to find various OSINT platforms:

• OSINT4ALL

• OSHINT

• AwesomeOSINT

Business OSINT

• Open Corporate

• AI HIT

Wireless OSINT

• WiGLE

Frameworks

• Recon-ng

• Maltego

  • Requires an account.

Additional OSINT

• Spiderfoot - automates OSINT for threat intelligence and mapping your attack surface.

• CyberChef - Decode Base64, Convert data from a hexdump, then decompress, Decrypt and disassemble shellcode, and more.

• TorWhoIs - Look up an .onion address and see basic information such as date last seen, open ports, running software and banners

• IntelligenceX - Search Tor, I2P, data leaks, domains, and emails

• GreyNoise - Search for devices connected to the internet

• Dehashed - View leaked credentials and compromised assets

  • DeHashed-API-Tool by Heath Adams(TCM)

• Fast-Google-Dorks-Scan

• Ultimate Windows Security - View Windows Event codes, CVE's, and multiple other tools relating to WIndows Security.

• AlienVaultOTX - Extensive threat intelligence feed

• Censys - Assessing attack surface for internet connected devices

• URL2PNG - Get a screenshot of a website rather than browsing to it.

• DNSChecker - A wide variety of DNS, IP, and other tools.

• Bash.ws - Whois, host, dig, nslookup, ping, traceroute, and geoiplookup tool on IPs and Domains

• NSLookup.io - Find all name servers for a domain name with this online DNS NS checker

• Malware Bazaar - Search file hashes to see if they have been flagged as malicious.

• HaveIBeenPwned - Check if your email or phone is in a data breach

• DorkSearch - Faster Google dorking.

• ExploitDB - Archive of various exploits

• WayBackMachine - View content from edited, deleted and older websites

• Maltiverse - Search for indicators of compromise or something related

• HoneyDB - Provides real time data of honeypot activity.

• SecurityTrails - Extensive and historical DNS data

• ZoomEye - Gather information about targets

• Pulsedive - Search for threat intelligence

• GrayHatWarfare - Search public S3 buckets

• MHA Azure Websites - Message Head Analyzer

• PolySwarm - Scans files and URLs for threats

• LeakIX - Search publicly indexed information

• FullHunt - Search and discovery attack surfaces

• ONYPHE - Collects cyber-threat intelligence data

• Grep App - Git repository search

• Vulners - Search vulnerabilities in a large database

• Netlas - Search and monitor internet connected assets

• CRT sh - Search for certs that have been logged by CT

• Wigle - Database of wireless networks, with statistics

• PublicWWW - Marketing and affiliate marketing research

• Binary Edge - Scans the internet for threat intelligence

• Hunter.io - Search for email addresses belonging to a website

• Packet Storm Security - Browse latest vulnerabilities and exploits

• SearchCode - Search 75 billion lines of code from 40 million projects