OSINT Collections and tools || Check Lists
| Site | Description |
|---|---|
| WebCheck | An all-in-one tool for discovering information about a website or host. |
| CIRCL - AIL Framework | The Analysis Information Leak (AIL) framework for analyzing leaks of sensitive information. |
| Leakcorp.com | An online community focused on discussions and information related to data breaches. |
| Leaked.site | A platform to check if your email or data has been compromised. |
| Leakedsource.ru | A resource for accessing data from past data breaches. |
| Hashes.org | A repository for cryptographic hash values commonly used in password cracking. |
| Dehashed.com | A platform offering access to breached databases and password cracking services. |
| Joe.black/leakengine.htm | A website related to data leak analysis and information. |
| Intelx.io | An intelligence search engine providing access to various data sources. |
| Weleakinfo.to | A site known for sharing information from various data breaches. |
| Metagoofil | A tool for extracting metadata from public documents (PDF, DOC, XLS, PPT, etc.) available on the web. |
| Scatteredsecrets.com | A service that searches for exposed personal data and credentials. |
| Maltego | A comprehensive tool for gathering information from various public sources and visualizing the relationships between entities. |
| ZoomEye | A search engine for cyberspace, enabling searches for specific network components and vulnerabilities. |
| Private-base.info | A source for leaked databases and personal information. |
| IntelTechniques | A website offering various OSINT tools and resources for online investigations. |
| Leak-lookup.com | A tool to check if your personal information is part of any public data breaches. |
| DataSploit | An OSINT framework to perform various reconnaissance techniques on companies, individuals, and employees. |
| Haveibeenpwned.com | A widely recognized tool for checking if your email has been involved in data breaches. |
| Shodan | A search engine allowing users to find specific types of computers, services, and information connected to the internet. |
| Ghostproject.fr | A French website known for sharing data from various breaches. |
| Snusbase.com | A database of leaked credentials and data, useful for security and research. |
| Leakcheck.net | Another website to check if your email has been part of a data breach. |
| Services.normshield.com | A service offering cybersecurity solutions and breach monitoring. |
| Leakpeek.com | A platform providing insights into leaked data and breaches. |
| SpiderFoot | An open-source OSINT automation tool for gathering data from various sources for reconnaissance purposes. |
| Gephi | An open-source platform for visualizing and analyzing large networks, useful for understanding social connections. |
| TheHarvester | A tool for gathering information like email addresses, subdomains, hosts, employee names, open ports, and banners from different public sources. |
| Leakcheck.io | A tool to verify if your email address has been involved in data breaches. |
| Leak-sx | A platform known for sharing information about data leaks and breaches. |
| Breachchecker.com | A website for checking if your email address has been compromised in data breaches. |
| Haveibeensold.app | A service helping you check if your personal data is being sold online. |
| FOCA | A tool for metadata analysis and information gathering from public documents, including Word, PDF, and PowerPoint files. |
| Pipl | A people search engine that allows you to find detailed information about a person based on their online presence. |
| Leakcheck.io | A tool to verify if your email address has been involved in data breaches. |
| Leak-sx | A platform known for sharing information about data leaks and breaches. |
| Breachchecker.com | A website for checking if your email address has been compromised in data breaches. |
| Haveibeensold.app | A service helping you check if your personal data is being sold online. |
| FOCA | A tool for metadata analysis and information gathering from public documents, including Word, PDF, and PowerPoint files. |
| Pipl | A people search engine that allows you to find detailed information about a person based on their online presence. |
| PeekYou | A search engine that provides comprehensive people search, including social media profiles and public records. |
| IntelTechniques | A website offering various OSINT tools and resources for online investigations. |
| Echosec | A social media monitoring platform that enables real-time threat detection by analyzing publicly available social media posts. |
| Recon-ng | A full-featured web reconnaissance framework written in Python, providing a powerful environment for conducting reconnaissance. |
| TheHarvester | A tool for gathering information like email addresses, subdomains, hosts, employee names, open ports, and banners from different public sources. |
| Echosec | A social media monitoring platform that enables real-time threat detection by analyzing publicly available social media posts. |
| Recon-ng | A full-featured web reconnaissance framework written in Python, providing a powerful environment for conducting reconnaissance. |
| Echosec | A social media monitoring platform that enables real-time threat detection by analyzing publicly available social media posts. |
| Recon-ng | A full-featured web reconnaissance framework written in Python, providing a powerful environment for conducting reconnaissance. |
| Echosec | A social media monitoring platform that enables real-time threat detection by analyzing publicly available social media posts. |
| Recon-ng | A full-featured web reconnaissance framework written in Python, providing a powerful environment for conducting reconnaissance. |
Check lists for OSINT
Information Gathering
Define Objectives
- Clearly define the objectives and scope of the OSINT investigation.
Legal Considerations
- Ensure compliance with legal and ethical guidelines.
- Respect privacy and terms of service.
Target Identification
- Identify the target(s) or subject(s) of the investigation.
Online Sources
Search Engines
- Conduct online searches using search engines like Google, Bing, and DuckDuckGo.
Social Media
- Search for information on social media platforms (e.g., Facebook, Twitter, LinkedIn, Instagram, etc.).
Forums and Communities
- Explore relevant forums, discussion boards, and online communities.
Blogs and Personal Websites
- Look for blogs and personal websites related to the target.
News Articles
- Search for news articles or mentions related to the target.
Public Records
- Access public records, such as property records, court documents, and business registrations.
WHOIS Lookup
- Use WHOIS databases to gather information about domain registrations.
- Tool: WHOIS Lookup
DNS Enumeration
- Enumerate DNS records to identify subdomains and related services.
Email Addresses
- Search for email addresses associated with the target.
Social Engineering
Phishing
- Use ethical phishing techniques to gather information (obtain informed consent).
In-Person Engagement
- Attend events, conferences, or gatherings where the target may be present.
Dark Web
Dark Web Monitoring
- If relevant, monitor dark web marketplaces and forums for mentions of the target.
Onion Sites
- Explore Tor network (.onion) sites for hidden information.
Tools and Resources
OSINT Tools
- Utilize OSINT tools and frameworks for automated data collection.
- Tools: Maltego, theHarvester, SpiderFoot
Wayback Machine
- Check archived web pages for historical data.
- Tool: Wayback Machine
Google Dorks
- Use advanced Google search operators to refine search results.
Social Media Scraping
- Employ tools or scripts to scrape social media profiles and content.
Publicly Available Data
- Explore public datasets, such as data.gov and data repositories.
APIs
- Access APIs of social media platforms or data providers for information retrieval.
Verification
Cross-Reference Data
- Verify information from multiple sources to ensure accuracy.
Source Reliability
- Assess the reliability and credibility of information sources.