• Gerald Auger, PhD

Take Advantage of These 10 Open Source Intelligence OSINT Web Tools

Recon is the first step in the Cyber Kill Chain, but what tools to start with?


Let's Kickoff your OSINT toolbox with these 10 website OSINT tools that rock


Let's start with a banger that I just found out about 👇 #cybersecurity#OSINT#pentesting


  • TINFOLEAK https://tinfoleak.com This site allows you to Search for Twitter users leaks Basic info about a Twitter user (name, picture, location, followers, etc.) Devices and OS and much more.


  • Shodan! https://shodan.io Shodan is a search engine scanning the entirety of the internet for connected devices. Arguably my favorite and one that every #cybersecuirty pro should know both for recon and for educating end users on 'whats out there!'


  • BuiltWith https://builtwith.com BuiltWith® covers 60,940+ internet technologies which include analytics, advertising, hosting, CMS and many more. Basically it will allow you to plugin a website and see what the tech stack is under it.


  • Google (Dorking) http://Google.com Google is a powerful search engine, but power users know how to really utilize it. Keywords you can elicit very interesting OSINT from it. Check out this link for how to utilize Google for OSINT


  • ZoomEye https://zoomeye.org China based Internet resource aggregator. Per ZoomEye, its dataset is based on a large number of global surveying and mapping nodes, according to the global IPv4, IPv6 address and website domain name database. Think Shodan, but different.



  • OSINT Framework https://osintframework.com Great starting point mindmap of various OSINT tools and resources. This one is a bit meta on this list as its less of an OSINT tool and more of a repo of OSINT tools. Still awesome


  • Email OSINT with http://Hunter.iohttp://hunter.io Straight simple tool. You drop in a business domain and it pops out likely email naming convention based on OSINT. Tie this with LinkedIN and you can likely derive folks business email.


  • Reverse Image Search TinEYE https://tineye.com Cool tool to have in the back pocket, TinEye allows you upload an image and find other instances of it on the Internet. Useful if you're trying to build out a network or get leads with a pic.


  • Business lookup https://aihitdata.com Want to get info on a business or find other businesses in the same area as a client. This quick and simple tool will help you with that.


  • SOCK Puppet Helper - https://thispersondoesnotexist.com If you need a picture of a person but want to avoid privacy issues, and you're in a rush, this site will instantly generate someone that's completely virtual. Perfect for your sock puppets!


Want more???


Here's 25 Pentester OSINT Tools I covered in depth, check it out.




That's a wrap! If you enjoyed this thread:


1. Follow me on Twitter

@Gerald_Auger for more of these

2. Share this blog post with your audience


http://SimplyCyber.io for a ton more free #cybersecurity resources.