XRay: a great network OSINT gathering tool

Really useful in the first phases of a penetration test

XRay is a tool for network OSINT gathering developed by Simone Margaritelli, useful for the initial tasks of information gathering and network mapping. It brute-forces subdomains using a wordlist and DNS requests, and for every subdomain/IP found retrieves from Shodan the open…

Information gathering tools

Using OSINT sources for penetration testing

In the early stages of a penetration test, it is best practice to gather the most detailed information possible about the target, also using public data and search engines.

Google Dorks, a brief list of resources

Google hacking for fun and profit

In 2002, Johnny Long began to collect interesting Google search queries that uncover vulnerable systems or sensitive information, and called them “Google dorks”. “Google Dorking” refers to the method of finding vulnerable targets using Google dorks in order to obtain usernames and passwords, email lists, sensitive documents and…