Really useful in the first phases of a penetration test
XRay is a tool for network OSINT gathering developed by Simone Margaritelli, useful for the initial tasks of information gathering and network mapping. It brute-forces subdomains using a wordlist and DNS requests, and for every subdomain/IP found retrieves from Shodan the open […]
Using OSINT sources for penetration testing
In the early stages of a penetration test, it is best practice to gather the most detailed information possible about the target, including from public data and search engines.
Google hacking for fun and profit
In 2002, Johnny Long began to collect interesting Google search queries that uncover vulnerable systems or sensitive information, and called them “Google dorks”. We use “Google Dorking” to mean the method of finding vulnerable targets using Google dorks in order to obtain usernames and passwords, email lists, sensitive documents and […]
Website and mailing lists: any other suggestions would be very welcome.
Today I’m glad to share a list of OSINT sources focused on exploit and vulnerability search. Enjoy!
CVEdetails: “The ultimate security vulnerability datasource”
CVE.mitre: Common Vulnerabilities and Exposures is a dictionary of common names for publicly known cybersecurity vulnerabilities. CVE’s common identifiers make it easier […]
My own list
Another (brief) list of OSINT sources, this time focused on fact-checking services.
Fact-Check: Investigate (an issue) in order to verify the facts. ‘I didn’t fact-check the assertions in the editorial’ ‘reporters can’t be expected to fact-check every quotation’ (Source)
Here is the list:
About Urban Legends: Debunk urban legends, fake news sites, and internet hoaxes
Checkdesk: Check […]