You Don't Have To Be The CIA To Gather Intelligence On The Web!
Open Source Intelligence (OSINT) is a different type of intelligence discipline. The difficulty is in identifying relevant, reliable sources from the vast amount of publicly available information. However, this is not as great a challenge for those who know how to access local knowledge and how to leverage human experts who can create new tailored knowledge on the fly. In this blog, we are going to provide you with a list of basic sources of OSINT or better yet the source of information that is widely used to gather intelligence on the web.
While our intention is to provide free resource, some of these might require subscriptions or payment to utilize their full features.
- Spokeo – People search engine and free white pages finds phone, address, email, and photos. Find people by name, email, address, and phone for free.
- theHarvester – This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. It is also useful for anyone that wants to know what an attacker can see about their organization.
- Foca – FOCA 3.2 Free is a fingerprint and information gathering tool for pen-testers. It searches for servers, domains, URLS and public documents and print out discovered information in a network tree. It also searches for data leaks such as metadata, directory listing, un-secure HTTP methods, .listing or .DS_Store files, active cache in DNS Serves, etc…
- Shodan – Search for computers based on software, geography, operating system, IP address and more
- Maltego – Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.
- Deep Magic – Search for DNS records and other fun stuff
- Jigsaw – Jigsaw is a prospecting tool used by sales professionals, marketers and recruiters to get fresh and accurate sales leads and business contact information.
- Hoovers – Search over 85 million companies within 900 industry segments; Hoover’s Reports Easy-to-read reports on key competitors, financials, and executives
- Market Visual – Search Professionals by Name, Company or Title
- FoxOne Scanner – Non- Invasive and Non-Detectable WebServer Reconnaissance Scanner
- Stalker – STALKER is a tool to reconstruct all captured traffic (wired or wireless alike) and parse out all of the “interesting” information disclosures. It goes beyond just grabbing passwords and emails out of the air as it attempts to build a complete profile of your target(s). You would be amazed at how much data you can collect in 15 minutes.
- LittleSis – LittleSis is a free database of who-knows-who at the heights of business and government.
- Entity Cube – EntityCube is a research prototype for exploring object-level search technologies, which automatically summarizes the Web for entities (such as people, locations and organizations) with a modest web presence.
- TinEye – TinEye is a reverse image search engine built by Idée currently in beta. Give it an image and it will tell you where the image appears on the web.
- Google Hacking DB – Google Search Query Fu to find the secret sauce
- Social Mention – Social Mention is a social media search engine that searches user-generated content such as blogs, comments, bookmarks, events, news, videos, and more
- Glass Door – Search jobs then look inside. Company salaries, reviews, interview questions, and more – all posted anonymously by employees and job seekers.
- NameCHK – Check to see if your desired username or vanity url is still available at dozens of popular Social Networking and Social Bookmarking websites.
- Scythe – The ability to test a range of email addresses (or account names) across a range of websites (e.g. social media, blogging platforms, etc…) to find where those “targets” have active accounts.
Of course, you also have the popular social networks as well:
And also eCommerce related sites:
If you have others you use, please comment below and we will add them to the list for a follow-up blog. Thanks for visiting us…