OSINT

Useful Websites

• The holy bible https://osintframework.com/

• Wifi Connections: https://wigle.net/

• Pull LetsEncrypt Certs: https://crt.sh

• Default passwords: https://default-password.info/

• DNS Info: https://dnsdumpster.com/

• More DNS stuff: https://intodns.com/

• DNS Whois: https://who.is/

• Photo Forensics: https://29a.ch/photo-forensics/#noise-analysis

• Google dork cheatsheet: sundowndev

• Google Earth: https://earth.google.com/

• Custom Google Maps: https://www.google.com/maps/d/u/0/?hl=en

Scripts / tools

• Phone number info: PhoneInfoga.py https://github.com/sundowndev/PhoneInfoga

• Profile Name Checker: Sherlock.py https://github.com/sherlock-project/sherlock

• metadata viewer: https://exiftool.org/

• Keeping Track of everything: https://www.maltego.com/

• Crawler: https://github.com/s0md3v/Photon

• DNS info: whois <domain name or ip>

• theHarvester

• https://hunter.io/

Phishing

You can hide the origin of a URL by first lengthening the URL then shortening it. Adds a layer of obscurity and hides origin from discord embeds.

• URL Lengthener https://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com/

• IP Grabber https://grabify.link/

Social Engineering

• You can validate a lot of information by making a phone ring.

• Provide incorrect information, and people will correct you