From 458d99184908c03adc2ee205bd95f0d6e66adcea Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sat, 12 Oct 2019 15:53:55 +0700 Subject: [PATCH] Separate OSINT section from Social Engineering --- README.md | 154 +++++++++++++++++++++++++++--------------------------- 1 file changed, 76 insertions(+), 78 deletions(-) diff --git a/README.md b/README.md index e716cda..fcf1e86 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,7 @@ This repository is created as an online bookmark for useful links, resources and - [Malware Analysis](#malware-analysis) - [Mobile Security](#mobile-security) - [Network Security](#network-security) +- [Open-source Intelligence (OSINT)](#open-source-intelligence-osint) - [Password Cracking and Wordlists](#password-cracking-and-wordlists) - [Post Exploitation](#post-exploitation) - [Social Engineering and OSINT](#social-engineering-and-osint) @@ -1332,6 +1333,79 @@ This repository is created as an online bookmark for useful links, resources and +## Open-source Intelligence (OSINT) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
BuscadorBuscador is an OSINT Linux Virtual Machine that is pre-configured for online investigations
CellID FinderFind GSM base stations cell id coordinates
CellMapperCellular Coverage and Tower Map
DataSploit/datasploitAn #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
FOFA ProThe Cyberspace Search Engine, Security Situation Awareness
GreyNoise VisualizerGreyNoise Visualizer
haccer/twintAn advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
InQuest/omnibusThe OSINT Omnibus
jofpin/trapePeople tracker on the Internet: OSINT analysis and research tool.
leapsecurity/InSpyA python based LinkedIn enumeration tool
OCCRP DataSearch 102m public records and leaks from 179 sources
OpenCelliDOpenCelliD - Largest Open Database of Cell Towers & Geolocation - by Unwired Labs
OWASP/AmassIn-depth Attack Surface Mapping and Asset Discovery
SpiderFootSpiderFoot - Opensource Intelligence Automation
superhedgy/AttackSurfaceMapperAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Recon-NGRecon-ng is a reconnaissance tool with an interface similar to Metasploit. Running recon-ng from the command line you enter a shell like environment where you can configure options, perform recon and output results to different report types.
woj-ciech/kamerkaBuild interactive map of cameras from Shodan
+ ## Password Cracking and Wordlists @@ -1537,29 +1611,9 @@ This repository is created as an online bookmark for useful links, resources and - - - - - - - - - - - - - - - - - - - - @@ -1577,38 +1631,14 @@ This repository is created as an online bookmark for useful links, resources and - - - - - - - - - - - - - - - - - - - - - - - - @@ -1621,18 +1651,6 @@ This repository is created as an online bookmark for useful links, resources and - - - - - - - - - - - - @@ -1645,18 +1663,6 @@ This repository is created as an online bookmark for useful links, resources and - - - - - - - - - - - - @@ -1666,12 +1672,8 @@ This repository is created as an online bookmark for useful links, resources and - - + + @@ -1681,10 +1683,6 @@ This repository is created as an online bookmark for useful links, resources and - - - -
boxug/trape People tracker on the Internet: Learn to track the world, to avoid being traced.
CellID FinderFind GSM base stations cell id coordinates
CellMapperCellular Coverage and Tower Map
dafthack/MailSniper MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
BuscadorBuscador is an OSINT Linux Virtual Machine that is pre-configured for online investigations
Dark Web MapDark Web Map - A visualization of 6.6k Tor onion services
DataSploit/datasploitAn #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
drk1wi/Modlishkafireeye/ReelPhish ReelPhish: A Real-Time Two-Factor Phishing Tool
FOFA ProThe Cyberspace Search Engine, Security Situation Awareness
gophish/gophish Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training
GreyNoise VisualizerGreyNoise Visualizer
haccer/twintAn advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
InQuest/omnibusThe OSINT Omnibus
jofpin/trapePeople tracker on the Internet: OSINT analysis and research tool.
kgretzky/evilginx2 Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
leapsecurity/InSpyA python based LinkedIn enumeration tool
Mailsploit TL;DR: Mailsploit is a collection of bugs in email clients that allow effective sender spoofing and code injection attacks. The spoofing is not detected by Mail Transfer Agents (MTA) aka email servers, therefore circumventing spoofing protection mechanisms such as DMARC (DKIM/SPF) or spam filters.muraenateam/muraena Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
OCCRP DataSearch 102m public records and leaks from 179 sources
OpenCelliDOpenCelliD - Largest Open Database of Cell Towers & Geolocation - by Unwired Labs
OWASP/AmassIn-depth Attack Surface Mapping and Asset Discovery
Phishing Frenzy Phishing Frenzy is an Open Source Ruby on Rails application that is leveraged by penetration testers to manage email phishing campaignssecurestate/king-phisher Phishing Campaign Toolkit
SpiderFootSpiderFoot - Opensource Intelligence Automation
superhedgy/AttackSurfaceMapperAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Recon-NGRecon-ng is a reconnaissance tool with an interface similar to Metasploit. Running recon-ng from the command line you enter a shell like environment where you can configure options, perform recon and output results to different report types.
thelinuxchoice/blackeye The most complete Phishing Tool, with 32 templates +1 customizablePhishing Tool for 18 social media: Instagram, Facebook, Snapchat, Github, Twitter, Yahoo, Protonmail, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Gitlab, Pinterest
- Undeadsec/EvilURL - - An unicode domain phishing generator for IDN Homograph Attack - Undeadsec/EvilURLAn unicode domain phishing generator for IDN Homograph Attack
UndeadSec/SocialFishustayready/CredSniper CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
woj-ciech/kamerkaBuild interactive map of cameras from Shodan
## Vulnerable