mirror of
https://github.com/enaqx/awesome-pentest.git
synced 2024-12-31 18:16:15 -05:00
Merge pull request #330 from meitar/osint-categories
Start categorization of OSINT tools list.
commit
17ee7e9e3c
68
README.md
@ -51,6 +51,12 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
|
||||
* [Network Vulnerability Scanners](#network-vulnerability-scanners)
|
||||
* [Web Vulnerability Scanners](#web-vulnerability-scanners)
|
||||
* [OSINT Tools](#osint-tools)
|
||||
* [Data broker and search engine services](#data-broker-and-search-engine-services)
|
||||
* [Dorking tools](#dorking-tools)
|
||||
* [Email search and analysis tools](#email-search-and-analysis-tools)
|
||||
* [Metadata harvesting and analysis](#metadata-harvesting-and-analysis)
|
||||
* [Network device discovery tools](#network-device-discovery-tools)
|
||||
* [Source code repository searching tools](#source-code-repository-searching-tools)
|
||||
* [Online Resources](#online-resources)
|
||||
* [Online Code Samples and Examples](#online-code-samples-and-examples)
|
||||
* [Online Exploit Development Resources](#online-exploit-development-resources)
|
||||
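Review bot: The six new subsection entries under "OSINT Tools" are written in sentence case ("Dorking tools", "Email search and analysis tools", "Network device discovery tools"), while the neighbouring table-of-contents entries are in title case ("Network Vulnerability Scanners", "Web Vulnerability Scanners", "Online Code Samples and Examples"). Pick one convention and apply it to both these entries and the matching `###` headings, keeping each `#anchor` in step with its heading text so the links keep resolving.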
@ -476,43 +482,61 @@ See also [awesome-industrial-control-system-security](https://github.com/hslatma
|
||||
|
||||
## OSINT Tools
|
||||
|
||||
* [AQUATONE](https://github.com/michenriksen/aquatone) - Subdomain discovery tool utilizing various open sources producing a report that can be used as input to other tools.
|
||||
* [BinGoo](https://github.com/Hood3dRob1n/BinGoo) - GNU/Linux bash based Bing and Google Dorking Tool.
|
||||
* [Censys](https://www.censys.io/) - Collects data on hosts and websites through daily ZMap and ZGrab scans.
|
||||
* [DataSploit](https://github.com/upgoingstar/datasploit) - OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes.
|
||||
* [dorkbot](https://github.com/utiso/dorkbot) - Command-line tool to scan Google (or other) search results for vulnerabilities.
|
||||
* [FOCA (Fingerprinting Organizations with Collected Archives)](https://www.elevenpaths.com/labstools/foca/) - Automated document harvester that searches Google, Bing, and DuckDuckGo to find and extrapolate internal company organizational structures.
|
||||
* [GooDork](https://github.com/k3170makan/GooDork) - Command line Google dorking tool.
|
||||
* [Google Hacking Database](https://www.exploit-db.com/google-hacking-database/) - Database of Google dorks; can be used for recon.
|
||||
* [GyoiThon](https://github.com/gyoisamurai/GyoiThon) - GyoiThon is an Intelligence Gathering tool using Machine Learning.
|
||||
* [Hunter.io](https://hunter.io/) - Data broker providing a Web search interface for discovering the email addresses and other organizational details of a company.
|
||||
* [Intrigue](http://intrigue.io) - Automated OSINT & Attack Surface discovery framework with powerful API, UI and CLI.
|
||||
* [Maltego](http://www.paterva.com/web7/) - Proprietary software for open source intelligence and forensics, from Paterva.
|
||||
* [OWASP Amass](https://github.com/OWASP/Amass) - Subdomain enumeration via scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc.
|
||||
* [PacketTotal](https://packettotal.com/) - Simple, free, high-quality packet capture file analysis facilitating the quick detection of network-borne malware (using Bro and Suricata IDS signatures under the hood).
|
||||
* [Shodan](https://www.shodan.io/) - World's first search engine for Internet-connected devices.
|
||||
* [SimplyEmail](https://github.com/SimplySecurity/SimplyEmail) - Email recon made fast and easy.
|
||||
* [Sn1per](https://github.com/1N3/Sn1per) - Automated Pentest Recon Scanner.
|
||||
* [Spiderfoot](http://www.spiderfoot.net/) - Multi-source OSINT automation tool with a Web UI and report visualizations.
|
||||
* [creepy](https://github.com/ilektrojohn/creepy) - Geolocation OSINT tool.
|
||||
* [gOSINT](https://github.com/Nhoya/gOSINT) - OSINT tool with multiple modules and a telegram scraper.
|
||||
* [image-match](https://github.com/ascribe/image-match) - Quickly search over billions of images.
|
||||
* [recon-ng](https://github.com/lanmaster53/recon-ng) - Full-featured Web Reconnaissance framework written in Python.
|
||||
* [sn0int](https://github.com/kpcyrd/sn0int) - Semi-automatic OSINT framework and package manager.
|
||||
|
||||
### Data broker and search engine services
|
||||
|
||||
* [Hunter.io](https://hunter.io/) - Data broker providing a Web search interface for discovering the email addresses and other organizational details of a company.
|
||||
* [Threat Crowd](https://www.threatcrowd.org/) - Search engine for threats.
|
||||
* [Virus Total](https://www.virustotal.com/) - Free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
|
||||
* [ZoomEye](https://www.zoomeye.org/) - Search engine for cyberspace that lets the user find specific network components.
|
||||
* [creepy](https://github.com/ilektrojohn/creepy) - Geolocation OSINT tool.
|
||||
* [surfraw](https://github.com/kisom/surfraw) - Fast UNIX command line interface to a variety of popular WWW search engines.
|
||||
|
||||
### Dorking tools
|
||||
|
||||
* [BinGoo](https://github.com/Hood3dRob1n/BinGoo) - GNU/Linux bash based Bing and Google Dorking Tool.
|
||||
* [dorkbot](https://github.com/utiso/dorkbot) - Command-line tool to scan Google (or other) search results for vulnerabilities.
|
||||
* [github-dorks](https://github.com/techgaun/github-dorks) - CLI tool to scan GitHub repos/organizations for potential sensitive information leaks.
|
||||
* [GooDork](https://github.com/k3170makan/GooDork) - Command line Google dorking tool.
|
||||
* [Google Hacking Database](https://www.exploit-db.com/google-hacking-database/) - Database of Google dorks; can be used for recon.
|
||||
* [dork-cli](https://github.com/jgor/dork-cli) - Command line Google dork tool.
|
||||
* [dorks](https://github.com/USSCltd/dorks) - Google hack database automation tool.
|
||||
* [fast-recon](https://github.com/DanMcInerney/fast-recon) - Perform Google dorks against a domain.
|
||||
* [gOSINT](https://github.com/Nhoya/gOSINT) - OSINT tool with multiple modules and a telegram scraper.
|
||||
* [github-dorks](https://github.com/techgaun/github-dorks) - CLI tool to scan GitHub repos/organizations for potential sensitive information leaks.
|
||||
* [image-match](https://github.com/ascribe/image-match) - Quickly search over billions of images.
|
||||
* [metagoofil](https://github.com/laramies/metagoofil) - Metadata harvester.
|
||||
* [pagodo](https://github.com/opsdisk/pagodo) - Automate Google Hacking Database scraping.
|
||||
* [recon-ng](https://github.com/lanmaster53/recon-ng) - Full-featured Web Reconnaissance framework written in Python.
|
||||
* [sn0int](https://github.com/kpcyrd/sn0int) - Semi-automatic OSINT framework and package manager.
|
||||
* [snitch](https://github.com/Smaash/snitch) - Information gathering via dorks.
|
||||
* [surfraw](https://github.com/kisom/surfraw) - Fast UNIX command line interface to a variety of popular WWW search engines.
|
||||
* [theHarvester](https://github.com/laramies/theHarvester) - E-mail, subdomain and people names harvester.
|
||||
* [vcsmap](https://github.com/melvinsh/vcsmap) - Plugin-based tool to scan public version control systems for sensitive information.
|
||||
|
||||
### Email search and analysis tools
|
||||
|
||||
* [SimplyEmail](https://github.com/SimplySecurity/SimplyEmail) - Email recon made fast and easy.
|
||||
* [WhatBreach](https://github.com/Ekultek/WhatBreach) - Search email addresses and discover all known breaches that this email has been seen in, and download the breached database if it is publicly available.
|
||||
|
||||
### Metadata harvesting and analysis
|
||||
|
||||
* [FOCA (Fingerprinting Organizations with Collected Archives)](https://www.elevenpaths.com/labstools/foca/) - Automated document harvester that searches Google, Bing, and DuckDuckGo to find and extrapolate internal company organizational structures.
|
||||
* [metagoofil](https://github.com/laramies/metagoofil) - Metadata harvester.
|
||||
* [theHarvester](https://github.com/laramies/theHarvester) - E-mail, subdomain and people names harvester.
|
||||
|
||||
### Network device discovery tools
|
||||
|
||||
* [AQUATONE](https://github.com/michenriksen/aquatone) - Subdomain discovery tool utilizing various open sources producing a report that can be used as input to other tools.
|
||||
* [Censys](https://www.censys.io/) - Collects data on hosts and websites through daily ZMap and ZGrab scans.
|
||||
* [OWASP Amass](https://github.com/OWASP/Amass) - Subdomain enumeration via scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc.
|
||||
* [Shodan](https://www.shodan.io/) - World's first search engine for Internet-connected devices.
|
||||
* [ZoomEye](https://www.zoomeye.org/) - Search engine for cyberspace that lets the user find specific network components.
|
||||
|
||||
### Source code repository searching tools
|
||||
|
||||
* [vcsmap](https://github.com/melvinsh/vcsmap) - Plugin-based tool to scan public version control systems for sensitive information.
|
||||
* [Yar](https://github.com/Furduhlutur/yar) - Clone git repositories to search through the whole commit history in order of commit time for secrets, tokens, or passwords.
|
||||
|
||||
## Online Resources
|
||||
|
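Review bot: The "### Network device discovery tools" heading does not describe two of the entries placed under it: AQUATONE ("Subdomain discovery tool ...") and OWASP Amass ("Subdomain enumeration via scraping, web archives, ...") enumerate subdomains, whereas Censys, Shodan and ZoomEye in the same subsection are host and device search engines. Either widen the heading so it covers subdomain enumeration, or give those two tools their own subsection; if the heading text changes, the corresponding table-of-contents anchor has to change with it. In the same pass, theHarvester is described as an "E-mail, subdomain and people names harvester" but is filed under "Metadata harvesting and analysis" and not under "Email search and analysis tools", so a reader looking for email recon tools will miss it unless it is cross-listed.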