• Join CraxPro and earn real money through our Credit Rewards System. Participate and redeem credits for Bitcoin/USDT. Start earning today!
    Read the detailed thread here

Ultimate OSINT Ressources

Currently reading:
 Ultimate OSINT Ressources

oxtf69

Member
LV
1
Joined
Jun 17, 2023
Threads
23
Likes
33
Awards
5
Credits
18,449©
Cash
0$

Section 1: Note Keeping Tools for OSINT


Effective note-keeping is the backbone of successful OSINT investigations. In this section, we will explore the tools used for note-keeping. Discover how these tools work, how can they help to organize the collected data in an efficient way which can be later used for analysis, and a lot more.

KeepNote: http://keepnote.org/

CherryTree: https://www.giuspen.com/cherrytree/

Joplin: https://joplinapp.org/

Notion: https://www.notion.so/

Greenshot: https://getgreenshot.org/

Flameshot: https://github.com/flameshot-org/flameshot

Section 2: Sock Puppets and Anonymity


Explore the concept of sock puppets and anonymity in online investigations. This is an Alternate Identity used for OSINT so that we do not draw attention to ourselves. These accounts on social media look legitimate and have some posts and data of their own that should not tie back to us and keep us anonymous from any kind of trackback.

Sock Puppets​

Intro to Creating an Effective Sock Puppet: https://web.archive.org/web/20210125191016/https://jakecreps.com/2018/11/02/sock-puppets/

The Art Of The Sock: https://www.secjuice.com/the-art-of-the-sock-osint-humint/

My Process for Setting up Anonymous Sock Puppet Accounts(reddit): https://www.reddit.com/r/OSINT/comments/dp70jr

Anonymity​

Fake Name Generator: https://www.fakenamegenerator.com/

This Person Does not Exist: https://www.thispersondoesnotexist.com/

Privacy.com 1: https://privacy.com/

Section 3: Search Engine and Image OSINT


Use different search engines like Google, Bing, Yandex, and DuckDuckGo for gathering information. Each search engine has its capabilities Yandex is better than Google in terms of image searching as I have used it and gives better results than Google. Also, TinEye works great for reverse image searching.

Search Engines​

Google: https://www.google.com/

Google Advanced Search: https://www.google.com/advanced_search

Bing: https://www.bing.com/

Bing Search Guide: https://www.bruceclay.com/blog/bing-google-advanced-search-operators/

DuckDuckGo: https://duckduckgo.com/

DuckDuckGo Search Guide: https://help.duckduckgo.com/duckduckgo-help-pages/results/syntax/

Image​

Google Image Search: https://images.google.com

Yandex: https://yandex.com

TinEye: https://tineye.com

Section 4: Email, Password, and Username OSINT


Tools like Hunter.io 2, Dehashed, NameChk, and Email Hippo can be used for email and username investigation, along with password-checking resources. Some of them are paid services but they are worth it like Dehashed giving them a try can be very useful if you are investigating a large group of people and the company they work for.

Email

Hunter.io 2: https://hunter.io/

Phonebook.cz: https://phonebook.cz/

VoilaNorbert: https://www.voilanorbert.com/

Email Hippo: https://tools.verifyemailaddress.io/

Email Checker: https://email-checker.net/validate

Clearbit Connect: https://chrome.google.com/webstore/...percha/pmnhcgfcafcnkbengdcanjablaabjplo?hl=en

Password

Dehashed: https://dehashed.com/

WeLeakInfo: https://weleakinfo.io/

LeakCheck: https://leakcheck.io/

SnusBase: https://snusbase.com/

Scylla.sh: https://scylla.so/

HaveIBeenPwned: https://haveibeenpwned.com/

Username

NameChk: https://namechk.com/

WhatsMyName: https://whatsmyname.app/

NameCheckup: https://namecheckup.com/

Section 5: People and Social Media OSINT


Social media is a goldmine of publicly available information. This focuses on harnessing data from various platforms like Twitter, Facebook, and LinkedIn, providing insights into individuals’ online presence. These resources allow investigators, researchers, and analysts to track digital footprints, behavioral patterns, and connections, forming a critical aspect of understanding an individual’s or entity’s digital identity and activities.

People OSINT​

WhitePages: https://www.whitepages.com/

TruePeopleSearch: https://www.truepeoplesearch.com/

FastPeopleSearch: https://www.fastpeoplesearch.com/

FastBackgroundCheck: https://www.fastbackgroundcheck.com/

WebMii: https://webmii.com/

PeekYou: https://peekyou.com/

411: https://www.411.com/

Spokeo: https://www.spokeo.com/

That’s Then: https://thatsthem.com/

Voter Records: https://www.voterrecords.com

TrueCaller: https://www.truecaller.com/

Social Media OSINT​

Twitter Advanced Search: https://twitter.com/search-advanced

Social Bearing: https://socialbearing.com/

Twitonomy: https://www.twitonomy.com/

Tinfoleak: https://tinfoleak.com/

TweetDeck: https://tweetdeck.com/

IntelligenceX Facebook Search: https://intelx.io/tools?tab=facebook

Code of a Ninja: https://codeofaninja.com/tools/find-instagram-user-id/

InstaDP: https://instadp.io/

ImgInn: https://imginn.com/

Snapchat Maps: https://map.snapchat.com

Section 6: Website and Business OSINT


Here are some detailed resources like BuiltWith, Shodan, and OpenCorporates for investigating websites and businesses, along with their technological footprint. My personal favorites are BuiltWith, Shodan, Wayback Machine, also the Wappalyzer a chrome extension is also great you should give all of them a try!

Website OSINT​

BuiltWith: https://builtwith.com/

Domain Dossier: https://centralops.net/co/

DNSlytics: https://dnslytics.com/reverse-ip

SpyOnWeb: https://spyonweb.com/

Virus Total: https://www.virustotal.com/

Visual Ping: https://visualping.io/

View DNS: https://viewdns.info/

Pentest-Tools Subdomain Finder: https://pentest-tools.com/information-gathering/find-subdomains-of-domain#

Spyse: https://spyse.com/

crt.sh: https://crt.sh/

Shodan: https://shodan.io

Wayback Machine: https://web.archive.org/

Business OSINT​

Open Corporates: https://opencorporates.com/

AI HIT: https://www.aihitdata.com/

Section 7: Working with OSINT Tools


Finding more information about a website, business, etc. can be more useful so here are some tools like Subfinder, Amass, and httprobe, offering guidance on their usage for OSINT purposes which can save a lot of time, we can even run these tools simultaneously while we are investigating something else.

breach-parse: https://github.com/hmaverickadams/breach-parse

httprobe: https://github.com/tomnomnom/httprobe

Subfinder: https://github.com/projectdiscovery/subfinder

Assetfinder: https://github.com/tomnomnom/assetfinder

Amass: https://github.com/OWASP/Amass

GoWitness: https://github.com/sensepost/gowitness/wiki/Installation
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Tips

Similar threads

Top Bottom