Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is!
A directory of tools for domain, network, and PII reconaissance. Includes some Google searching tricks.
A service which tracks changes to Twitter profiles, name changes, pinned tweet changes... authenticate with Twitter or Github.
Every user account has its onw RSS feed, incidentally.
This updated guide aims to provide introduction to various tracking techniques, id verification techniques and guidance to creating and maintaining anonymous identities online including social media accounts safely.
Will this guide help you protect yourself from the NSA, the FSB, Mark Zuckerberg or the Mossad if they’re out to find you? Probably not … Mossad will be doing “Mossad things” and will probably find you no matter how hard to try to hide.
Github: https://github.com/AnonymousPlanet/thgtoa
Creative Commons Attribution 4.0 International (cc-by-4.0)
This project goes around the internet and finds services, webapps, and credential leaks to index them. No user profile/sessions information shared. JSON search API. Can register for an API key.
A search engine for public records archives and sub-searches around the country.
Intelligence X differentiates itself from other search engines in these unique ways:
The search works with selectors, i.e. specific search terms such as email addresses, domains, URLs, IPs, CIDRs, Bitcoin addresses, IPFS hashes, etc.
It searches in places such as the darknet, document sharing platforms, whois data, public data leaks and others.
It keeps a historical data archive of results, similar to how the Wayback Machine from archive.org stores historical copies of websites.
You can use Intelligence X to perform any kind of open source intelligence. We deliver fast, high-quality results and make the deepest parts of the internet accessible with a few clicks. Intelligence X searches billions of selectors in a matter of milliseconds. Combined with our data archive this is a powerful new tool.
Do you want to get threat intelligence data about a file, an IP or a domain? Do you want to get this kind of data from multiple sources at the same time using a single API request? Can be integrated easily in your stack of security tools to automate common jobs. Composed of analyzers that can be run to retrieve data from external sources or to generate intel from internal analyzers (like Yara or Oletools).
Free and open threat intel feeds. Reputation, malware identification, blacklists, known bad IP ranges, blocklists, and more.
Twint is an advanced Twitter scraping tool written in Python that allows for scraping Tweets from Twitter profiles without using Twitter's API.
Twint utilizes Twitter's search operators to let you scrape Tweets from specific users, scrape Tweets relating to certain topics, hashtags & trends, or sort out sensitive information from Tweets like e-mail and phone numbers. I find this very useful, and you can get really creative with it too.
Twint also makes special queries to Twitter allowing you to also scrape a Twitter user's followers, Tweets a user has liked, and who they follow without any authentication, API, Selenium, or browser emulation.
Does not require you to have a Twitter account.
A curated list of amazingly awesome open source intelligence tools and resources. Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources)
A maintained collection of free actionable resources for those conducting OSINT investigations. None of the links below should point to paid software or services, these are for actual OSINT investigations.
ONYPHE is a search engine for open-source and cyber threat intelligence data collected by crawling various sources available on the Internet or by listening to Internet background noise. ONYPHE correlates this information with data gathered by performing active Internet scanning for connected devices. It then normalizes information and make it available via an API and its search language.
Osmedeus allow you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Webapp, uses Flask. Has a REST API.
A visual directory, source map, and explorer for OSINT sources and utilities. If you're not sure what you need or what to try, browse the categories until you find something that looks useful.
Github repo for the page: https://github.com/lockfale/OSINT-Framework
IntelTechniques Search Tool. Use the links to the left to access all of the custom search tools and resources. This repository contains hundreds of online search utilities. Click any category to expand the selection. The first option offers an automated search tool, while the remaining options offer additional resources if needed.
A collection of open source and commercial tools that aid in red team operations.