20618
Every day I write about #osint (Open Source Intelligence) tools and techniques. Also little bit about forensics and cybersecurity in general. Work in https://t.me/netlas
urldna.io
Free online tool for gathering info about URL:
- screenshot
- SSL certificates
- IP addresses
- title/body text
- cookies
- technologies
- http requests
- headers
- console messages
- metatags
and more.
OSINTQUEST Investigation Platform
Free online tool (in development):
- graph data visualisation
- data acquisition from various social media platforms (Telegram, YouTube)
- collect information about email, company or website
and more.
Creator twitter.com/OsintQuest
FELT
FREE online tool for creating map-based visualizations:
- put labels with names and descriptions
- draw lines and routes
- choose from hundreds of backgrounds
- download your work as PDF, image, GeoJSON or share link to online version
felt.com
#geoint
Florence-2
A very good free online tool for recognising handwritten text (select the "More detailed caption" option for recognition).
https://huggingface.co/spaces/gokaygokay/Florence-2
Tip by twitter.com/dylfreed
🔥 A new tool to uncover website ownership and investigate information campaigns using various technical indicators and searching for similar content 🔍
👉 https://informationlaundromat.com/
Functionality:
🔸 Search by text snippets and get a list of websites that post the same content, through a few search engines
🔸 Compare and search similar websites by many technical indicators (using DNS, Shodan, Urlscan, metatags, links, IDs, and classes of HTML elements) to reveal hidden connections and common ownership
🔸 Use in-group match for a list of your links
🔸 Use the Domain Forensics Comparison Corpus
Learn more about the need for detecting copied content in OSINT in my SOWEL encyclopedia: https://sowel.soxoj.com/copying-content
#community #sowel
How to use Overpass Turbo
Quick (15 minutes of reading), but very detailed guide how to find places on OpenStreetMap that match certain parameters, using the Overpass Query Language (by /channel/dukera_ch).
https://publish.obsidian.md/dukera-gewel/How+to+Use+Overpass+Turbo
* Part of GEWEL - GEoint Weaknesses Enumeration List
What Telegram channels about #OSINT would you advise me to read?
Читать полностью…
Advanced Search Tools
- regional search engines
- privacy search engines
- search engines dorking
- fact checking tools
- database search tools
and more.
https://start.me/p/nRADzL/advanced-search-tools
Contributor twitter.com/intel0logist
#osint
LAZYEGG
Tool for extracting different data from web pages:
- cookies
- leaked credentials
- domains
- ips
- images
- links
and more.
https://github.com/schooldropout1337/nuclei-templates/blob/main/lazyegg.py
Creator twitter.com/gudetama_bf
#python #osint
ChatGPT for #OSINT Analysts: Your AI-Powered Assistant for Organizing Collected Intelligence
- Structured ChatGPT Prompts
- Extracting Key Intel
- Achieving OSINT Excellence
Author twitter.com/ervin_zubic
(since May 2024 ChatGPT-4 is free)
https://publication.osintambition.org/chatgpt-for-osint-analysts-your-ai-powered-assistant-for-organizing-collected-intelligence-33bbe4b1fac5
Partly free tools for gathering info by VIN and US License Plates numbers:
faxvin.com
epicvin.com
Where can you find the VIN?
- on the car or a picture of it
- in data or document leaks
Incident Response Projects for Beginners
Hands-on projects designed to enhance your cybersecurity skills:
- Phishing Attack Investigation
- Malware Analysis and Containment
- Network Intrusion Detection and Response
- DDoS Attack Detection and Response
https://github.com/0xrajneesh/Incident-Response-Projects-for-Beginners
Github Dorks
A simple free online query builder to search for different sensitive data in the repositories of a particular user or organisation.
https://github-dorks.vercel.app/
Contributor twitter.com/wthmanas
Partly free online tool for Instagram profile analyze.
- profile growth
- posts interactions
- hashtags
and more.
app.notjustanalytics.com
#osint #socmint
🤖 Botnadzor.com - a platform to detect bots in VK.com by account, post, or group. API and browser extensions are available.
❓ The project is designed to disclose the scale of hidden propaganda, misinformation publicly, and lies coming from seemingly real profiles of existing people. The photos on these profiles are stolen from dating sites or other social networks.
👉 Link: https://botnadzor.org/
👉 How to detect botnets and artificial content: https://sowel.soxoj.com/artificial-content-botnets
#botnet #sowel
I continue to advise usersearch.ai on the implementation of new features.
This month they added a module to collect information about Instagram users (without the need to authorise in Instagram): locations, statistics, interactions with other users.
Deleted Tweet Finder V1.7
A tool for trying to search for deleted tweets in different sources:
- Google Cache
- Wayback Machine
- Archive is
- Ghost Archive
- User Search
https://cache.digitaldigging.org/
Creator twitter.com/henkvaness
ATLAS
A free online tool for visualising geodata:
add datasets (from downloaded files or Atlas Data Hub) to the map
add drawings, photos, diagrams
analyse data on the map (count the number of objects of a certain type, etc.)
app.atlas.co
Tip by twitter.com/Techjournalisto
60 indicators to find potentially related sites
informationlaundromat.com analyses the html code of a website and extracts 60+ indicators from it to help find other related sites (using IP search engines like Shodan, Netlas, Censys or source code search engines like PublicWWW).
GeoSpy + OpenStreetMap search = super power
https://publication.osintambition.org/geospy-openstreetmap-search-super-power-a5c0a4028cdc
A 1-minute way to geolocate road signs that show the distance to the nearest cities
https://publication.osintambition.org/a-1-minute-way-to-geolocate-road-signs-that-show-the-distance-to-the-nearest-cities-9e8d4d08b93b
How to geolocate public transport photo using OverPass Turbo and AI
https://publication.osintambition.org/how-to-geolocate-public-transport-photo-using-overpass-turbo-and-ai-32fd3dfc1849
Building a Versatile Threat Intelligence Program for Any Environment
A very detailed and in-depth article by twitter.com/ervin_zubic on how to put the Threat Intelligence Cycle to work with examples of tools for each stage.
https://publication.osintambition.org/building-a-versatile-threat-intelligence-program-for-any-environment-fe2d6935baa2
Google & Shodan Dorks for web cameras search
Large list of search queries to find internet-connected webcams. Can be used in Google as well as various IP search engines (Shodan, Netlas, Censys etc).
https://github.com/ExploitXpErtz/WebCam-Google-Shodan-Dorks
SUBPROBER
A simple tool for scanning a list of websites. Allows you to collect a lot of data - IP address, status code, title, response length, content type, redirect info etc.
https://github.com/RevoltSecurities/SubProber
Tip by twitter.com/Dinosn
TEETO
A simple and completely free extension to quickly analyse a web page.
Finds endpoints (URLs), secrets (API-keys etc) and URL parameters.
https://chromewebstore.google.com/detail/teeto/jkonpljnfkapenfcfdhmilkbmnbalnml
VATINT (Vehicle and Transportation Intelligence) Tools
Online services for search by VIN or License Plates numbers in different countries;
Stolen car database (Europe);
Container and ships tracking;
Flights, trains, drones tracking
and much more.
https://github.com/CScorza/Tool-VATINT
Wednesday Updates #1, our weekly newsletter is out now.
Highlights: 7 Interesting blogs, 7 awesome videos, 9 new tools, 5 job openings, one free eBook and many more.
https://osintambition.substack.com/p/wednesday-updates-1
Subscribe to the newsletter for receiving all OSINT updates directly in your inbox.
Join @osintambition for more.
One Million Dorks
A repository with text files containing a million dorks for finding potentially vulnerable web pages and sensitive data (in Google and other search engines).
Can be used with various automation tools.
https://github.com/HackShiv/OneDorkForAll/tree/main/dorks/1M_dork
Contributor twitter.com/hack0Shiv
Awesome Google Dorks
List of operators and example queries in Google to search for:
- IOT devices
- google drive documents
- movies
- login pages
- files with emails and other contact info
and more.
https://github.com/Tobee1406/Awesome-Google-Dorks
The Man in Seat 61.
Mark Smith's (twitter.com/seatsixtyone) train seat maps collection
A website with a huge variety of information about European trains. Its creator has been working on the project for over 17 years.
seat61.com
#osint #geoint
HASHMOB
Multifunctional online tool to search password hashes.
Search for hashes (copy the text or load the list from a file, 500 hashes per hour for free), verify hashes against a certain algorithm, check password strength, download hashes lists.
hashmob.net