20618
Every day I write about #osint (Open Source Intelligence) tools and techniques. Also little bit about forensics and cybersecurity in general. Work in https://t.me/netlas
Today twitter.com/K_2SOsint informed me that filetype:pdf stopped working in Google (and it's not working for me too 😱😱😱).
But fortunately, filetype:pdf still works in other search engines (Bing, Duckduckgo, Yandex etc).
Useful #linux commands for working with PDF files in command line:
ocrmypdf - OCR text
pdftotext - extract text
pdfimages - extract images
exiftool - extract metadata
pdfgrep - search matches with keyword/regular expression
pdfunite - merge PDFs in one file (for quick view)
Tools for AI analysis of PDF content (partially free, free trial or free)
reeder.ai
pdf.ai
hipdf.com/ai-read-pdf
docalysis.com
chatpdf.com
chatdoc.com
pdfinspect.com
brainypdf.com
And another free online tool that can identify city and country from a photo.
https://huggingface.co/spaces/visheratin/mc-llava-3b
#geoint
Articles about using Overpass Turbo in my Medium:
GeoSpy + OpenStreetMap search = super power
A 1-minute way to geolocate road signs that show the distance to the nearest cities
How to geolocate public transport photo using OverPass Turbo and AI
cyb_detective" rel="nofollow">https://medium.com/@cyb_detective
Welcome to my channel!♥️♥️♥️
Please take a look at my three main projects:
OSINT stuff tools (1000+) collection:
https://github.com/cipher387/osint_stuff_tool_collection
Worldwide OSINT tools map:
https://cybdetective.com/osintmap/
Netlas CookBook:
https://github.com/netlas-io/netlas-cookbook
Github Dorks Cheat sheet
- finding files
- finding API keys, tokens and passwords
- Github dorks automation tools
Creator twitter.com/therceman
Worldwide #OSINT Tools map
747 links (50 new) - national registries, phone books, yellow pages, cadastral maps and much more.
Almost 300 countries, cities, states and regions.
https://cybdetective.com/osintmap/
Awesome Bug Bounty Writeups
Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)
Clickjacking (UI Redressing Attack)
Local File Inclusion (LFI)
Subdomain Takeover
Authentication Bypass
SQL injection
and more.
https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
Contributor twitter.com/0xAsm0d3us
Password hash decryption tools:
crackstation.net
hashes.com/en/decrypt/hash
cmd5.org
md5decrypt.net
onlinehashcrack.com (paid, but has lot of additional functionality)
#cli
HashCat https://github.com/hashcat/hashcat
Search That Hash https://github.com/HashPals/Search-That-Hash
How to check what your passwords are in leaks
exposed.lol search leaked passwords by email (may be unstable)
breachdirectory.org search password's sha1 hashes by email or nickname (md5decrypt.net/en/Sha1/)
search.0t.rocks search emails by password
Tools to search for people's contacts (free or trial free):
x-ray.contact
datalead.ai
signalhire.com
predictasearch.com
usersearch.org
snov.io
castrickclues.com
osint.industries
epieos.com
cvecrowd.com
Alternative to Cvetrends (stopped working due to Twitter API restrictions). Shows the most popular CVEs in Fidverse for the last 24 h.
Don't forget that servers with different vulnerabilities can be searched for free at app.netlas.io.
When I started my Github profile in the summer of 2021, I didn't even think about the login, since I assumed no one would look at it. But today my repositories have garnered over 10,000 stars!
https://github.com/cipher387
Thanks to all my readers for your support!
New section in API for #osint: AI Geolocation.
If you need to determine the approximate location of more photos, you can automate this process using GeoSpy API or Picarta API.
https://github.com/cipher387/API-s-for-OSINT/
Added more reactions to posts in the settings. Which ones do I need to add more?
Читать полностью…
Useful CSVKit (https://github.com/wireservice/csvkit) commands for working with CSV files in command line:
in2csv - convert xls to csv
csvcut - extract columns
csvgrep - find rows with matches keyword/regex
csvjson - convert csv to json
csvstat - stats info
csvsql - SQL query to csv
0-click account takeover on Facebook
In January 2024, Samip Aryal🇳🇵 twitter.com/samiparyal_ discovered a vulnerability that allowed quick takeover of any Facebook account. The problem has now been fixed🧑🔧 and the researcher described it in detail in a write-up
https://samiparyal.medium.com/0-click-account-takeover-on-facebook-e4120651e23e
Awesome Overpass Turbo
All for using Overpass Turbo - web based tool for OpenStreetMap that runs Overpass API query and shows the results on map
- Servers
- Tutorials
- Articles
- Videos
- Tools (AI, command line, online, GeoJSON visualizers)
https://github.com/cipher387/awesome-overpass-turbo
OVERPASS ULTRA
Reimagining of Overpass Turbo powered by MapLibre GL JS
- visualize larger datasets than Overpass Turbo
- support live mode (automatically make Overpass API queries as you pan & zoom the map)
and more.
https://overpass-ultra.trailsta.sh/
#geoint
#DFIR Regular Expressions
List of #regex for searching and extracting:
- ip adresses
- nicknames
- passwords
- phone numbers
- emails
- filenames
- URLs
and more.
https://github.com/joshbrunty/DFIR-Regular-Expressions
Contributor twitter.com/joshbrunty
A Beginner’s Guide to Tracking Malware Infrastructure using Censys.io
Indicators that we can use:
- TLS Certificates
- HTTP Response Titles
- Service Banners
- Locations and ASN Providers
- Open Directories
https://censys.com/a-beginners-guide-to-tracking-malware-infrastructure/
Author twitter.com/embee_research
Mass Hunting for Leaked Sensitive Documents
Detailed article from twitter.com/ott3ly:
- Project discovery’s public bug bounty programs
- BBSCOPE tool from sw33tLie
- Preparing VPS for Mass Hunting PDF Files
- Scanning the Targets For Big Bucks
https://ott3rly.com/mass-hunting-for-leaked-sensitive-documents/
Many tools for #osint (Waymore, Katana, Maigret etc) return long lists of URLs as results. Here's an article on how to work with them a bit more efficiently:
5 very simple tricks to quickly analyze a larger list of URLs
cyb_detective/5-simple-tricks-to-quickly-analyze-a-larger-list-of-urls-860c9b718b34" rel="nofollow">https://medium.com/@cyb_detective/5-simple-tricks-to-quickly-analyze-a-larger-list-of-urls-860c9b718b34
Valid8Proxy
- retrieve proxies from popular proxy sources
- efficiently validate proxies
- save the list of validated proxies to a file
https://github.com/spyboy-productions/Valid8Proxy
Creator twitter.com/itisspyboy
Tip by twitter.com/akaclandestine ♥️
#python
exposed.lol
Leaked databases search tool.
14 billion accounts + (emails and passwords)
Check yourself
Tip by twitter.com/ManuelBot59 #ff
#osint #leaks
ONYPHE CHEAT SHEET
Examples of queries for searching:
- services and networks
- systems & devices
- TLS & Certificates
- IPs by geolocation
High quality:
https://www.onyphe.io/files/onyphecheatsheetfreeview.pdf
Cheat sheets for other IP search engines:
https://github.com/cipher387/awesome-ip-search-engines/
RIS Propeller Intelligence Cycle
Alternative to the traditional Intelligence Cycle. Includes descriptions of actions for the three phases of an investigation:
- preparation cycle
- intelligence cycle
- report cycle
Detailed article by twitter.com/ArnoReuser:
https://rieas.gr/images/jmbi/ReuserArno.pdf
Awesome Threat Detection and Hunting
- Detection, Alerting and Automation Platforms
- Endpoint Monitoring
- Network Monitoring
- Email Monitoring
- Detection Rules
and much more.
https://github.com/0x4D31/awesome-threat-detection
Contributor twitter.com/0x4d31
Tip by twitter.com/akaclandestine
One of the strengths of http://app.netlas.io is its integrations with different services:
Reingine
Subfinder
Tines Automation
Owasp Amass
Uncover
Maltego
Integrations for other IP search engines can be found here:
https://github.com/cipher387/awesome-ip-search-engines/