23 results tagged
osint
✕
Do you want to get threat intelligence data about a file, an IP or a domain? Do you want to get this kind of data from multiple sources at the same time using a single API request? Can be integrated easily in your stack of security tools to automate common jobs. Composed of analyzers that can be run to retrieve data from external sources or to generate intel from internal analyzers (like Yara or Oletools).
Free and open threat intel feeds. Reputation, malware identification, blacklists, known bad IP ranges, blocklists, and more.
Twint is an advanced Twitter scraping tool written in Python that allows for scraping Tweets from Twitter profiles without using Twitter's API.
Twint utilizes Twitter's search operators to let you scrape Tweets from specific users, scrape Tweets relating to certain topics, hashtags & trends, or sort out sensitive information from Tweets like e-mail and phone numbers. I find this very useful, and you can get really creative with it too.
Twint also makes special queries to Twitter allowing you to also scrape a Twitter user's followers, Tweets a user has liked, and who they follow without any authentication, API, Selenium, or browser emulation.
Does not require you to have a Twitter account.
Twint utilizes Twitter's search operators to let you scrape Tweets from specific users, scrape Tweets relating to certain topics, hashtags & trends, or sort out sensitive information from Tweets like e-mail and phone numbers. I find this very useful, and you can get really creative with it too.
Twint also makes special queries to Twitter allowing you to also scrape a Twitter user's followers, Tweets a user has liked, and who they follow without any authentication, API, Selenium, or browser emulation.
Does not require you to have a Twitter account.
A curated list of amazingly awesome open source intelligence tools and resources. Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources)
A maintained collection of free actionable resources for those conducting OSINT investigations. None of the links below should point to paid software or services, these are for actual OSINT investigations.
ONYPHE is a search engine for open-source and cyber threat intelligence data collected by crawling various sources available on the Internet or by listening to Internet background noise. ONYPHE correlates this information with data gathered by performing active Internet scanning for connected devices. It then normalizes information and make it available via an API and its search language.
Osmedeus allow you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Webapp, uses Flask. Has a REST API.
A visual directory, source map, and explorer for OSINT sources and utilities. If you're not sure what you need or what to try, browse the categories until you find something that looks useful.
Github repo for the page: https://github.com/lockfale/OSINT-Framework
Github repo for the page: https://github.com/lockfale/OSINT-Framework
IntelTechniques Search Tool. Use the links to the left to access all of the custom search tools and resources. This repository contains hundreds of online search utilities. Click any category to expand the selection. The first option offers an automated search tool, while the remaining options offer additional resources if needed.
A collection of open source and commercial tools that aid in red team operations.
An OSINT collection utility which gathers information about domains. Hunts for subdomains, searches SHODAN for hits, grabs banners and headers, web UI. Don't know if there's an API yet.
A tool which digs up OSINT on a target. Domain names, usernames, phones, credentials API keys, and correlates them. Performs active scans to collect data. Generates HTML, JSON, plain text reports.
A web portal linking to dozens of sources of freely available OSINT for anyone to make use of. Put the pieces together yourself, if you've a mind to.
An online application that lets you search for the e-mail addresses of people, even though their addresses may not be publically known.
A blog about automating the gathering and analysis of OSINT data. Lots of howto stuff. Lifeline's grabbing the RSS feed already.
An open source OSINT collection system written in Python. Web interface. Collect information about sites, IP addresses, or IP blocks. Public data sources are pluggable and grow in number with each release. Runs on Linux, BSD, or Windows. Modular. Visualization engine with Gephi integration. Easy to install dependencies, aware of distro-provided packages of most of them. No authentication by default but it can be turned on. Supports the use of API keys for some of the services it can integrate with. SQLite back-end database.