search

Recon

Reconnaissance is the phase where the attacker has to collect as much information as possible about his victim, for this there are many tools and methodologies.

hashtag
Emails, Domains, Users & URLs

hashtag
Hunter.io

Hunter.ioarrow-up-right is a web application that allows from the company's domain to search for emails and then make a Phishing Attack on them.

hashtag
Phonebook

Phonebook.czarrow-up-right is another application that performs searches for emails, URLs and domains like hunter.

hashtag
Intelligence X

Intelligence Xarrow-up-right has a large database of breaches, for which current credentials can be obtained for a fee.

hashtag
Images & Persons

hashtag
PimEyes

PimEyesarrow-up-right is a reverse engineering search engine in images of people.

hashtag
Google Lens

Google lensarrow-up-right is also a great search engine for images of all kinds.

hashtag
LinkedIn

LinkedIn can also indirectly provide us with information about employers and their presumed hierarchies within the company.

hashtag
Subdomains & Directories

Phonebook.cz

Lots of subdomains for famous sites. Enlacearrow-up-right

CTFR

This proyect of githubarrow-up-right has a tool that passively harvests subdomains

Gobuster

Gobuster is a pre-installed tool in Kali and Parrot that allows you to enumerate Directories, Subdomains and more, using pre-installed dictionaries.

Wfuzz

Wfuzz is also a tool very similar to Gobuster, they change only in some aspects.

hashtag
Credentials & Breaches

hashtag
Dehashed

Dehashedarrow-up-right is a large database with millions of company data.

hashtag
Technologies in a Web

hashtag
Wappalyzer

Wappalyzerarrow-up-right is an ADD-ON that provides information about the website you are on.

hashtag
BuiltWith

BuiltWitharrow-up-right is a web site that provides information on what technologies a web site uses.

hashtag
Whatweb

Whatweb is a pre-installed tool in Kali and Parrot that gives us the same information as the two pages above.

hashtag
Google Dorks / Google Hacking

Google hacking refers to an advanced search technique using Google filters.

hashtag
Pentest-Tools

Pentest-toolsarrow-up-right is a site that offers this advanced search much faster and predefined with filters.

hashtag
OSINT Pages

This pagearrow-up-right contains all kinds of tools and APIs that collect public information, from security cameras to data breaches.

The best OSINT Tools:

  1. CheckUserNames

  2. BeenVerified

  3. Censys

  4. BuiltWith

  5. Google Dorks

  6. Maltego

  7. Recon-Ng

  8. theHarvester

  9. Shodan

  10. Jigsaw

  11. SpiderFoot

  12. Creepy

Ver documentación completa: https://securitytrails.com/blog/osint-tools

Previous¿Start in Hacking?NextEnumeration/Scan

Last updated