From 7bed5b4607c2358658313cb2732a2d844d40a368 Mon Sep 17 00:00:00 2001
From: Omar Santos <santosomar@gmail.com>
Date: Wed, 17 Jan 2018 22:45:47 -0500
Subject: [PATCH] adding OSINT resources

---
 osint/README.md                          |  7 +++++++
 useful_commands_and_scripts/dns_recon.md | 21 +++++++++++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 osint/README.md
 create mode 100644 useful_commands_and_scripts/dns_recon.md

diff --git a/osint/README.md b/osint/README.md
new file mode 100644
index 0000000..5a9732b
--- /dev/null
+++ b/osint/README.md
@@ -0,0 +1,7 @@
+# Open Source
+
+Open-source intelligence (OSINT) is data collected from open source and publicly available sources. The following are a few OSINT resources and references:
+
+* [GOSINT](https://github.com/ciscocsirt/gosint) - a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.
+* [Awesome Threat Intelligence](https://github.com/santosomar/awesome-threat-intelligence) - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it.
+* [Umbrella (OpenDNS) Popularity List](http://s3-us-west-1.amazonaws.com/umbrella-static/index.html) - most queried domains based on passive DNS usage across our Umbrella global network of more than 100 Billion requests per day with 65 million unique active users, in more than 165 countries.
diff --git a/useful_commands_and_scripts/dns_recon.md b/useful_commands_and_scripts/dns_recon.md
new file mode 100644
index 0000000..0b25f52
--- /dev/null
+++ b/useful_commands_and_scripts/dns_recon.md
@@ -0,0 +1,21 @@
+# DNS Reconnassaince
+
+## DNSRECON
+* [dnsrecon](https://github.com/darkoperator/dnsrecon) - DNS Enumeration Script created by Carlos Perez (darkoperator)
+
+Reverse lookup for IP range:
+`./dnsrecon.rb -t rvs -i 10.1.1.1,10.1.1.50`
+
+Retrieve standard DNS records:
+`./dnsrecon.rb -t std -d example.com`
+
+Enumerate subdornains:
+`./dnsrecon.rb -t brt -d example.com -w hosts.txt`
+
+DNS zone transfer:
+`./dnsrecon -d example.com -t axfr`
+
+
+## Parsing NMAP Reverse DNS Lookup
+
+`nmap -R -sL -Pn -dns-servers dns svr ip range | awk '{if( ($1" "$2" "$3)=="NMAP scan report")print$5" "$6}' | sed 's/(//g' | sed 's/)//g' dns.txt `