XRay: a great network OSINT gathering tool

Really useful in the first phases of a penetration test XRay is a tool for network OSINT gathering developed by Simone Margaritelli, useful to make initial tasks of information gathering and network mapping. It make a bruteforce of subdomains using a wordlist and DNS requests, and for every subdomain/ip found retrieves from Shodan the open…

Google Dorks, a brief list of resources

Google hacking for fun and profit In 2002, Johnny Long began to collect interesting Google search queries that uncovers vulnerable systems or sensitive information, and calls them “Google dorks”. We identify with “Google Dorking” the method for finding vulnerable targets using the google dorks in order to obtain usernames and passwords, email lists, sensitive documents and…

Vulnerabilities and Exploits, my own list of OSINT resources

Website and mailing lists: any other suggestions would be very welcome. Today i’m glad to share a list of OSINT sources focused on Exploits and Vulnerabilities search. Enjoy! CVEdetails “The ultimate security vulnerability datasource” CVE.mitre Common Vulnerabilities and Exposures is a dictionary of common names for publicly known cybersecurity vulnerabilities. CVE’s common identifiers make it easier…

OSINT Tools for Fact Checking

My own list Another (brief) list of OSINT sources, this time focused on fact checking services. Fact-Check Investigate (an issue) in order to verify the facts. ‘I didn’t fact-check the assertions in the editorial’ ‘reporters can’t be expected to fact-check every quotation’ Source Here the list About Urban Legends Debunk urban legends, fake news sites, and internet hoaxes CheckdeskCheck…

Open Source Intelligence tools for social media: my own list

A constantly updated list of OSINT Sources   I continue the publication of my lists of OSINT sources, this time with a list focused on social networks public data. Twitter AllMyTweets View all tweets from any Twitter user on one page. Backtweets A twitter time machine which enables you to search through a tweet history for…