Information gathering

Table of contents
  1. Command line tools
  2. Online tools
  3. Full OSINT Frameworks

Command line tools

From Use
Email holehe $email
  ghunt email $email (for google account)
  gh-recon --email $email (for github account)
Domain theHarvester -d $domain -l 100
  theHarvester -d $domain -l 100 -b all (full)
Username sherlock $username
Image exiftool $imagePath
Instagram instaloader profile $username
Github trufflehog github --org=$usernameOrOrg>
  gh-recon --username $username

Online tools

For Use
Visualiser OSINTracker
IP Shodan
  Censys
Domain Whois
Name Webmii
  BreachDirectory
  LeakLookup
  IntelX
SSID Wigle
Image PimEyes
  TinEye
  Pic2Map (exif geolocation)
Username DeHashed
  BreachDirectory
  IntelX
  LeakLookup
  Oathnet
Email DeHashed
  Hunter
  HaveIBeenPwned
  BreachDirectory
  LeakLookup
  IntelX
  Oathnet
Phone Epieos
Misc Goosint
  OSINT Framework
  OSINT Dojo

Full OSINT Frameworks

  • Recon-ng is a modular Python framework for automating OSINT collection via many built-in modules
  • SpiderFoot is an open-source tool aggregating dozens of data sources to profile domains, IPs, or identifiers