Recon

Reconnaissance is the phase where the attacker has to collect as much information as possible about his victim, for this there are many tools and methodologies.

Emails, Domains, Users & URLs

Hunter.io

Hunter.io is a web application that allows from the company's domain to search for emails and then make a Phishing Attack on them.

Phonebook

Phonebook.cz is another application that performs searches for emails, URLs and domains like hunter.

Intelligence X

Intelligence X has a large database of breaches, for which current credentials can be obtained for a fee.

Images & Persons

PimEyes

PimEyes is a reverse engineering search engine in images of people.

Google Lens

Google lens is also a great search engine for images of all kinds.

LinkedIn

LinkedIn can also indirectly provide us with information about employers and their presumed hierarchies within the company.

Subdomains & Directories

Phonebook.cz

Lots of subdomains for famous sites. Enlace

CTFR

This proyect of github has a tool that passively harvests subdomains

Gobuster

Gobuster is a pre-installed tool in Kali and Parrot that allows you to enumerate Directories, Subdomains and more, using pre-installed dictionaries.

Wfuzz

Wfuzz is also a tool very similar to Gobuster, they change only in some aspects.

Credentials & Breaches

Dehashed

Dehashed is a large database with millions of company data.

Technologies in a Web

Wappalyzer

Wappalyzer is an ADD-ON that provides information about the website you are on.

BuiltWith

BuiltWith is a web site that provides information on what technologies a web site uses.

Whatweb

Whatweb is a pre-installed tool in Kali and Parrot that gives us the same information as the two pages above.

Google Dorks / Google Hacking

Google hacking refers to an advanced search technique using Google filters.

Pentest-Tools

Pentest-tools is a site that offers this advanced search much faster and predefined with filters.

OSINT Pages

This page contains all kinds of tools and APIs that collect public information, from security cameras to data breaches.

The best OSINT Tools:

  1. CheckUserNames

  2. BeenVerified

  3. Censys

  4. BuiltWith

  5. Google Dorks

  6. Maltego

  7. Recon-Ng

  8. theHarvester

  9. Shodan

  10. Jigsaw

  11. SpiderFoot

  12. Creepy

Ver documentación completa: https://securitytrails.com/blog/osint-tools

Previous¿Start in Hacking?NextEnumeration/Scan

Last updated

Was this helpful?