Gerald Auger, Ph.D. Profile picture
Passionate About Cybersecurity | Sharing Passion to Help Individuals Discover, Engage, and Level Up A Cyber Career | Tweets Sharing Cyber Tips, Tools, Love💙

Sep 30, 2022, 14 tweets

Recon is the first step in the Cyber Kill Chain, but what tools to start with?

Let's Kickoff your OSINT toolbox with these 10 website OSINT tools that rock

Let's start with a banger that I just found out about ...
#cybersecurity #OSINT #pentesting

[1] TINFOLEAK tinfoleak.com

This site allows you to Search for Twitter users leaks 😱

Basic info about a Twitter user (name, picture, location, followers, etc.)

Devices and OS and much more.

[2] Shodan! shodan.io

Shodan is a search engine scanning the entirety of the internet for connected devices. 🌎

Arguably my favorite and one that every #cybersecuirty pro should know both for recon and for educating end users on 'whats out there!'

[3] BuiltWith builtwith.com

BuiltWith® covers 60,940+ internet technologies which include analytics, advertising, hosting, CMS and many more. ⚒️

Basically it will allow you to plugin a website and see what the tech stack is under it.

[4] Google (Dorking) Google.com

Google is a powerful search engine, but power users know how to really utilize it. 🔍

Keywords you can elicit very interesting OSINT from it. Check out this link for how to utilize Google for OSINT

securitytrails.com/blog/google-ha…

[5] ZoomEye zoomeye.org

China based Internet resource aggregator.👀

Per ZoomEye, its dataset is based on a large number of global surveying and mapping nodes, according to the global IPv4, IPv6 address and website domain name database. Think Shodan, but different.

[6] OSINT Framework osintframework.com

Great starting point mindmap of various OSINT tools and resources. 🖼️

This one is a bit meta on this list as its less of an OSINT tool and more of a repo of OSINT tools. Still awesome

[7] Email OSINT with Hunter.io hunter.io

Straight simple tool. You drop in a business domain and it pops out likely email naming convention based on OSINT. Tie this with 📨

LinkedIN and you can likely derive folks business email.

[8] Reverse Image Search TinEYE tineye.com

Cool tool to have in the back pocket, TinEye allows you upload an image and find other instances of it on the Internet. 📷

Useful if you're trying to build out a network or get leads with a pic.

[9] Business lookup aihitdata.com

Want to get info on a business or find other businesses in the same area as a client. 🏭

This quick and simple tool will help you with that.

[10] SOCK Puppet Helper - thispersondoesnotexist.com

If you need a picture of a person but want to avoid privacy issues, and you're in a rush, this site will instantly generate someone that's completely virtual. Perfect for your sock puppets! 🥺

[BONUS Material] I'm not a pentester, so my use of OSINT tools isn't to the max, but considering following these accounts for conversations of this nature or just GREAT cybersecurity content: @thecybermentor @bettersafetynet @C_3PJoe @_JohnHammond @vxunderground @GossiTheDog 💪

@thecybermentor @bettersafetynet @C_3PJoe @_JohnHammond @vxunderground @GossiTheDog That's a wrap!

If you enjoyed this thread:

1. Follow me @Gerald_Auger for more of these
2. RT the tweet below to share this thread with your audience

SimplyCyber.io for a ton more free #cybersecurity resources. 💙

If you like this tweet, you'll love my exclusive email that helps you crush work, delivering 3 actionable cyber tasks every Monday morning to your inbox.

Join here: simplycyber.io/newsletter

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling