mirror of
https://github.com/Jieyab89/OSINT-Cheat-sheet.git
synced 2026-01-12 21:13:38 -08:00
416 lines
12 KiB
Markdown
416 lines
12 KiB
Markdown
# OSINT CHEAT SHEET
|
||
|
||
[](https://github.com/Jieyab89)
|
||
|
||
OSINT RESOURCES DATASET
|
||
|
||
# SOCMINT
|
||
|
||
- [Instagram](https://github.com/Datalux/Osintgram)
|
||
Be carefull using this tool
|
||
|
||
- [SOCMINT tool](https://osint.support/chrome-extensions/2019/09/29/osint-socmint-tooling.html)
|
||
- [Graph Search](http://socmint.tools/graph.htm)
|
||
|
||
# Collection Dataset
|
||
|
||
- [Kaggle](https://www.kaggle.com/)
|
||
|
||
|
||
# Forums
|
||
|
||
- [Bellingcat Discord](https://discord.com/invite/nTaNPmz)
|
||
- [Independent OSINT](https://discord.com/invite/2DGJ2EC)
|
||
- [OSINT.Team](https://osint.team)
|
||
- [Seccodeid](https://forum.seccodeid.com)
|
||
- [/r/OSINT](https://www.reddit.com/r/OSINT)
|
||
- [TraceLabs Slack](https://tracelabs.slack.com)
|
||
|
||
|
||
# General Search
|
||
|
||
- [ASK](http://www.ask.com)
|
||
- [Baidu](http://www.baidu.com)
|
||
- [DuckDuckGo](https://duckduckgo.com)
|
||
- [Yandex](https://www.yandex.com)
|
||
- [Infospace](http://www.infospace.com)
|
||
|
||
# Meta Search
|
||
|
||
- [100SearchEngines](https://www.100searchengines.com)
|
||
- [Bing vs. Google](http://bvsg.org)
|
||
- [DADgogo](http://dadgogo.com)
|
||
- [Etools](http://www.etools.ch)
|
||
- [WebCrawler](http://www.webcrawler.com)
|
||
|
||
# Code Search
|
||
|
||
- [Chromium Code Search](https://source.chromium.org/chromium)
|
||
- [Android Code Search](https://cs.android.com)
|
||
- [Code Finder](http://codefinder.org)
|
||
- [CodeSeek](https://www.codeseek.co)
|
||
- [Debian Code Search](http://codesearch.debian.net)
|
||
- [Scala](https://www.programcreek.com/scala)
|
||
- [SearchCode](https://searchcode.com)
|
||
- [SourceCodeOnline](http://www.sourcecodeonline.com)
|
||
- [Woboq](https://code.woboq.org)
|
||
|
||
# Competitive Programming
|
||
|
||
- [Hackerrank](https://www.hackerrank.com/)
|
||
- [Code chef](https://www.codechef.com/)
|
||
- [Code war](https://www.codewars.com/)
|
||
|
||
# File & FTP
|
||
|
||
- [Archie](http://archie.icm.edu.pl/archie_eng.html)
|
||
- [4shared](https://www.4shared.com)
|
||
- [FileSearching](http://www.filesearching.com)
|
||
- [File chef](https://www.filechef.com)
|
||
- [Global File Search](http://globalfilesearch.com)
|
||
- [Search Shared](https://www.searchshared.info)
|
||
- [MMNT](http://www.mmnt.ru)
|
||
|
||
# Social Media Search and Monitoring
|
||
|
||
- [AIDR](http://aidr.qcri.org)
|
||
- [Awario](https://awario.com)
|
||
- [Brand24](https://brand24.com)
|
||
- [Mention](https://mention.com)
|
||
- [Samdesk](https://www.samdesk.io)
|
||
- [Social Links](https://www.mtg-bi.com)
|
||
|
||
# Social Media Management and Content Discovery
|
||
|
||
- [Agora pulse](https://www.agorapulse.com)
|
||
- [Buffer](https://buffer.com)
|
||
- [Coosto](https://www.coosto.com)
|
||
- [Falcon](https://www.falcon.io)
|
||
- [tailwind](https://www.tailwindapp.com)
|
||
- [Revive Social](https://revive.social)
|
||
|
||
# Web Intelligence
|
||
|
||
- [Better Whois](http://www.betterwhois.com)
|
||
- [DNS History](http://dnshistory.org)
|
||
- [DNS Spy](https://dnsspy.io)
|
||
- [DNS Checker](https://dnschecker.org)
|
||
- [HackerTarget](https://hackertarget.com/ip-tools)
|
||
- [Shodan](https://www.shodan.io)
|
||
|
||
# Analysing URLs
|
||
|
||
- [unfurl](https://github.com/obsidianforensics/unfurl)
|
||
|
||
# Researching Cyber Threats
|
||
|
||
- [Apility.io](https://apility.io)
|
||
- [Alien Vault](https://otx.alienvault.com)
|
||
- [AutoShun](https://www.autoshun.org)
|
||
- [Blacklist Check Tool](http://www.blchecktool.com)
|
||
- [Censys](https://censys.io)
|
||
- [CVE Details](https://www.cvedetails.com)
|
||
- [IBM X-Force Exchange](https://exchange.xforce.ibmcloud.com)
|
||
- [JoeSandbox Cloud](https://www.joesandbox.com)
|
||
- [Is It Hacked?](http://www.isithacked.com)
|
||
- [Is It Phishing](https://isitphishing.org)
|
||
- [Kaspersky Threat](https://opentip.kaspersky.com)
|
||
- [Malware Domain List](http://www.malwaredomainlist.com/mdl.php)
|
||
- [Malware URL Website](https://www.malwareurl.com/listing-urls.php)
|
||
- [Quttera](https://quttera.com)
|
||
- [Virus total](https://www.virustotal.com/gui/home/upload)
|
||
- [Virus Share](https://virusshare.com)
|
||
- [Web Cookies Scanner](https://webcookies.org)
|
||
|
||
# IoT Search Engines
|
||
|
||
- [LeakIX](https://leakix.net)
|
||
- [Binary Edge](https://www.binaryedge.io)
|
||
- [Purplepee.com](https://purplepee.co)
|
||
- [Shodan](https://www.shodan.io)
|
||
- [Shodan Filters](https://github.com/T43cr0wl3r/shodan-filters)
|
||
- [Shodan Scripts](https://github.com/random-robbie/My-Shodan-Scripts)
|
||
|
||
# IP Addresses
|
||
- [Whats my ip](https://whatismyipaddress.com/)
|
||
This tools can show your ip address isp provider
|
||
- [Ip 2 location](https://www.ip2location.com/)
|
||
This tools can show your ip address isp provider and geo location
|
||
|
||
# Wireless Network
|
||
- [Wigle](https://www.wigle.net/)
|
||
Maps and database of 802.11 wireless networks, with statistics, submitted by wardrivers, netstumblers, and
|
||
net huggers
|
||
|
||
# SOC or Threat Hunting
|
||
|
||
- [Alien Vault](https://otx.alienvault.com/)
|
||
- [Exploit db](https://www.exploit-db.com/)
|
||
|
||
# Dorking
|
||
Dorking is a wonderful thing, you can use this technique to search for anything such as index of a website, looking for live online camera server and other specifics, as for dorking commands that you can do for example
|
||
|
||
1. intitle: Search for specific titles
|
||
2. inurl: Search for specific urls or paths
|
||
3. intext: Search for specific words or contects
|
||
4. filetype: Search for files
|
||
5. site: Search from a specified target
|
||
6. Wildcard or symbol * (star) Find all web pages, for example: seccodeid*
|
||
7. Define:term Search for all things with specified terms, example define:seccodeid
|
||
8. cache page Take a snapshot of an indexed page. Google uses this to find the right page for the query you're looking for. Website or target specifically
|
||
|
||
example
|
||
> intext:"hacking" site:seccodeid.com
|
||
|
||
# Google Advanced Search Tools
|
||
|
||
- [Advanced google search](https://www.google.com/advanced_search)
|
||
- [Google Scholar](https://scholar.google.com)
|
||
- [Google Alerts](https://www.google.com/alerts)
|
||
- [Google Search History](https://myactivity.google.com/myactivity)
|
||
|
||
# Other Search Engines
|
||
|
||
- [us.searchboth.net](http://us.searchboth.net)
|
||
- [Archive.org](http://www.arhive.org)
|
||
- [Yandex](Yandex.com)
|
||
- [Pastebin](http://www.pastebin.com)
|
||
- [Topix.com](http://www.topix.com)
|
||
- [search.carrot2.org/stable/search](http://search.carrot2.org/stable/search)
|
||
- [Shodan](https://www.shodan.io/)
|
||
|
||
# Jurnals
|
||
|
||
- [sciencedirect](https://www.sciencedirect.com/)
|
||
- [Scopus](https://www.scopus.com/)
|
||
- [Sinta](https://sinta.kemdikbud.go.id/)
|
||
- [ieeexplore](https://ieeexplore.ieee.org)
|
||
|
||
# Crack Jurnals
|
||
|
||
- [SCI HUB](https://sci-hub.hkvisa.net/)
|
||
This domain will always change
|
||
|
||
# Blogs Search Engine
|
||
|
||
- [Google Blog](www.google.com/blogsearch)
|
||
- [technorati](www.technorati.com)
|
||
- [omgili.com](http://omgili.com/)
|
||
|
||
# DeepWeb Search Engines
|
||
|
||
- [thehiddenwiki](http://thehiddenwiki.org)
|
||
- [onion link](http://www.onion.link)
|
||
- [MEMEX]()
|
||
- [onion](https://onion.cab)
|
||
|
||
# Tracking Website Changes
|
||
|
||
- [Changedetection](http://www.changedetection.com)
|
||
- [Followthatpage](http://www.followthatpage.com)
|
||
|
||
# Company Reconnaissance Sites (Passive)
|
||
|
||
- [whois](http://www.whois.net)
|
||
- [Netcraft](http://www.netcraft.com)
|
||
|
||
# People Searching
|
||
|
||
- [spokeo](http://www.spokeo.com)
|
||
- [123people](http://www.123people.com)
|
||
- [zoominfo](http://www.zoominfo.com)
|
||
- [peepdb](http://www.peepdb.com)
|
||
- [reversegeni](http://www.reversegenie.com/plate.php)
|
||
- [PDDIKTI](https://pddikti.kemdikbud.go.id/)
|
||
- [SINTA](https://sinta.kemdikbud.go.id/)
|
||
|
||
# Phone Numbers
|
||
|
||
- [argali](http://www.argali.com)
|
||
- [ciddb](http://www.ciddb.com/index.php)
|
||
- [cellrevealer](http://www.cellrevealer.com)
|
||
- [spydialer](http://www.spydialer.com)
|
||
|
||
# Public Records
|
||
|
||
- [Public Record](http://publicrecords.searchsystems.net)
|
||
- [Fam Watchdog](http://Familywatchdog.us)
|
||
- [Crime Reports](http://www.crimereports.com)
|
||
|
||
# Finding Usernames
|
||
|
||
- [Namechk](http://www.namechk.com)
|
||
- [Knowem](http://www.knowem.com)
|
||
|
||
# Social Networks
|
||
|
||
- [Facebook](https://facebook.com/livemap)
|
||
- [Sherlock]()
|
||
|
||
# Google Queries for Facebook
|
||
|
||
> Group Search: site:facebook.com inurl:group
|
||
>
|
||
> Group Wall Posts Search: site:facebook.com inurl:wall
|
||
>
|
||
> Pages Search: site:facebook.com inurl:pages
|
||
>
|
||
> Public Profiles: allinurl: people ‘‘name’’ site:facebook.com
|
||
>
|
||
|
||
# Facebook Query Language (FQL)
|
||
|
||
- [Findmyfbid](http://www.findmyfbid.com/)
|
||
|
||
> Photos By - https://www.facebook.com/search/taget_id/photos-by
|
||
>
|
||
> Photos Liked - https://www.facebook.com/search/taget_id/photos-liked
|
||
>
|
||
> Photos Of - https://www.facebook.com/search/taget_id/photos-of
|
||
>
|
||
> Comments - https://www.facebook.com/search/taget_id/photos-commented
|
||
>
|
||
> Friends - https://www.facebook.com/search/taget_id/friends
|
||
>
|
||
> Videos Tagged - https://www.facebook.com/search/taget_id/videos
|
||
>
|
||
> Videos By - https://www.facebook.com/search/taget_id/videos-by
|
||
>
|
||
> Videos Liked - https://www.facebook.com/search/taget_id/videos-liked
|
||
>
|
||
> Videos Commented - https://www.facebook.com/search/taget_id/videos-commented
|
||
>
|
||
> Events Attended - https://www.facebook.com/search/taget_id/events-joined
|
||
>
|
||
> Relatives - https://www.facebook.com/search/taget_id/relatives
|
||
>
|
||
|
||
# The Ultimate Facebook Investigation Tool
|
||
|
||
- [Intel Technique](https://inteltechniques.com/osint/facebook.html)
|
||
|
||
# Twitter
|
||
|
||
- [search.twitter.com](https://twitter.com/search-home)
|
||
- [twitter advanced](https://www.twitter.com/search-advanced)
|
||
- [twitter who_to_follow](https://www.twitter.com/who_to_follow)
|
||
|
||
# Twitter Search Engines
|
||
|
||
- [tweetpaths](http://www.tweetpaths.com)
|
||
- [allmytweets](http://www.allmytweets.com)
|
||
- [Sleepingtime](http://www.sleepingtime.org)
|
||
- [twicsy](http://www.twicsy.com)
|
||
- [Twimemachine](https://www.twimemachine.com)
|
||
- [inteltechniques](http://inteltechniques.com/osint/twitter.html)
|
||
|
||
# LinkedIn
|
||
|
||
Google queries for LinkedIn
|
||
> Public Profiles: site:linkedin.com inurl:pub
|
||
>
|
||
> Updated Profiles: site:linkedin.com inurl:updates
|
||
>
|
||
> Company Profiles: site:linkedin.com inurl:companies
|
||
>
|
||
|
||
# MySpace
|
||
|
||
Google queries for MySpace
|
||
|
||
> Profiles: site: myspace.com inurl:profile
|
||
>
|
||
> Blogs: site:myspace.com inurl:blogs
|
||
>
|
||
> Videos: site:myspace.com inurl:vids
|
||
>
|
||
> Jobs: site:myspace.com inurl:jobs
|
||
>
|
||
> Videos: site:myspace.com ‘‘TARGET NAME’’ ‘‘videos’’
|
||
>
|
||
> Comments: site:myspace.com ‘‘TARGET NAME’’ ‘‘comments’’
|
||
>
|
||
> Friends: site:myspace.com ‘‘TARGET NAME’’ ‘‘friends’’
|
||
>
|
||
|
||
# Social Network Search Engines
|
||
|
||
- [kurrently](http://www.kurrently.com)
|
||
- [socialmention](http://www.socialmention.com)
|
||
- [whostalkin](http://www.whostalkin.com)
|
||
- [twoogel](http://www.twoogel.com)
|
||
- [social mention](http://www.mention.com)
|
||
- [whostalkin](http://www.whostalkin.com)
|
||
|
||
# Monitoring & Alerting
|
||
|
||
- [Pastebin Alerts](http://pastebin.com/u/alerts)
|
||
- [HaveIBeenPwned](http://www.haveIbeenpwned.com)
|
||
- [breachorclear](http://breachorclear.jesterscourt.cc)
|
||
|
||
# Images Search Engine
|
||
|
||
- [Images google](https://images.google.com)
|
||
- [Facesaerch](http://facesaerch.com/)
|
||
- [Tineye](http://www.tineye.com)
|
||
- [Flickr](http://Flickr.com/map)
|
||
- [7photos](http://www.7photos.net)
|
||
- [Worldc](http://www.worldc.am)
|
||
- [Yandex](https://yandex.com/images/)
|
||
|
||
# EXIF Analysis
|
||
|
||
- [regex](http://regex.info/exif.cgi)
|
||
- [FindExif](http://www.findexif.com)
|
||
- [metapicz](http://metapicz.com)
|
||
- [imageforensic](http://www.imageforensic.org)
|
||
- [metapicz](http://metapicz.com)
|
||
- [jimpl](https://jimpl.com/)
|
||
- [pic2map](https://www.pic2map.com/)
|
||
|
||
# Documents
|
||
|
||
- [Metashield Analyzer](https://metashieldanalyzer.elevenpaths.com/)
|
||
- [forensicswiki](http://www.forensicswiki.org/wiki/Document_Metadata_Extraction)
|
||
- [foca](https://www.elevenpaths.com/labstools/foca/index.html)
|
||
|
||
# Email Tracing
|
||
|
||
- [ip-adress](http://www.ip-adress.com/trace_email/)
|
||
- [whatismyipaddress](http://www.whatismyipaddress.com/trace-email)
|
||
|
||
# Tracking People
|
||
|
||
- [getnotify](http://www.getnotify.com)
|
||
|
||
# IoT – Internet of Things
|
||
|
||
- [Insecam](http://Insecam.org)
|
||
- [Shodan](https://Shodan.io)
|
||
|
||
# Shodan Query Options
|
||
|
||
> https://pen-testing.sans.org/blog/2015/12/08/effective-shodan-searches
|
||
>
|
||
> https://danielmiessler.com/study/shodan/#gs.VBVsyo0
|
||
>
|
||
|
||
# Capturing Information
|
||
|
||
- [DownloadHelper](https://www.downloadhelper.net/)
|
||
Firefox plugin that will assist in downloading all media from a website
|
||
- [Exif Viewer](https://addons.mozilla.org/en-US/firefox/addon/exif-viewer/)
|
||
- [HTTrack](https://www.httrack.com/)
|
||
|
||
# OSINT TOOLS
|
||
|
||
- [Shrelock]()
|
||
- [Maltego](https://www.maltego.com/)
|
||
- [OSINT Framework](https://osintframework.com/)
|
||
- [Creepy](https://www.geocreepy.com/)
|
||
- [Twint](https://forum.seccodeid.com/d/twint-twitter-intelligence-tool)
|
||
- [Telegram OSINT](https://forum.seccodeid.com/d/telegram-nearby-map)
|
||
- [Recon-Ng](https://github.com/lanmaster53/recon-ng)
|
||
- [Metagoofil](https://www.kali.org/tools/metagoofil/)
|
||
- [More](https://forum.seccodeid.com/?q=osint)
|