Cyber Detective💙💛 Profile picture
Sep 6, 2021 14 tweets 9 min read Read on X
From this thread thread you will learn about 12 key #OSINT-services for gathering information about a website.

I'll show them with an example of most famous russian search engine "yandex.ru" and it's subdomains.
Step #1

Collect basic information about domain

IP address lookup, whois records, dns records, ping, traceroute, NSlookup.

centralops.net
Step 2

Find out what technology was used to create the site: frameworks, #javascript libraries, analytics and tracking tools, widgets, payment systems, content delivery networks etc.

builtwith.com
Step 3

Get a list of sites belonging to the same owner (having the same Yandex.Metrika and Google Analytics counter numbers, as well as other common identifiers)

builtwith.com/relationships/

Find sites with the same Facebook App ID

analyzeid.com
Step 4

Map subdomains.

dnsdumpster.com/#domainmap
Step 5

Looking for email addresses associated with the domain or subdomains

hunter.io/search/

or

snov.io/email-finder
Step 6

Collect data on search engine rankings and approximate traffic.

alexa.com/siteinfo/
similarweb.com
Step 7

Download documents (PDF, docx, xlsx, pptx) from the site and analyze their metadata. This way you can find the names of the organization's employees, user names in the system and emails.

github.com/laramies/metag…
Step 8

Use Google Dorks to look for database dumps, office documents, log files, and potentially vulnerable pages.

dorks.faisalahmed.me
Step 9

Calculate a website fingerprint for searching it in Shodan, Censys, BinaryEdge, Onyphe and others "hackers" search engines.

mmhdan.herokuapp.com
Step 10

Looking for old versions of the site in archives and caches of search engines (sometimes in this way you can find addresses and contact information of the owners, which are currently already hidden from the site).

cipher387.github.io/quickcacheanda…
Step 11

Partially automate the process of finding important data in the archives. Download archive copies of pages from web.archive.org with Waybackpack
github.com/jsvine/wayback…
Search it for phone numbers, emails and nicknames using Grep for OSINT
github.com/cipher387/grep…
Step 12

Find out the approximate geographical location of the site

iplocation.net/ip-lookup

(There is a separate 12-step thread about gathering information about a place)

This short thread is over.

But there are dozens of times more tools for gathering information about domains. In my OSINT-collection there are already more than 60 of them:

cipher387.github.io/osint_stuff_to…

Follow @cyb_detective to learn about new tools every day.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Cyber Detective💙💛

Cyber Detective💙💛 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @cyb_detective

Jun 9
One Million Dorks

A repository with text files containing a million dorks for finding potentially vulnerable web pages and sensitive data (in Google and other search engines).

Can be used with various automation tools.



Contributor @hack0Shiv github.com/HackShiv/OneDo…
Image
Read 7 tweets
Oct 17, 2023
#socmint cheatsheets from @Haax9_:

Google
LinkedIn
Twitter
Facebook
Instagram
Snapchat
TikTok
Tinder
Github
Reddit
Tumblr
Amazon & Digital Ocean Buckets
Parler

🧵🧵🧵⬇️⬇️
Google OSINT Cheatsheet



🧵🧵🧵⬇️⬇️

⚠️Some techniques may be outdated or may not work for all accounts⚠️ cheatsheet.haax.fr/open-source-in…
Image
Linkedin OSINT Cheatsheet



🧵🧵🧵⬇️⬇️

⚠️Some techniques may be outdated or may not work for all accounts⚠️ cheatsheet.haax.fr/open-source-in…
Image
Read 16 tweets
Aug 20, 2023
15 reverse face image search tips

- search engines
- AI image editing tools to enhance the quality of search results
- how to reverse face image search without photos
- quick face search on video
- protect yourself

🧵🧵🧵

#osint #socmint Image
When searching on Google, use not only Lens, but also the OLD image search (which gives very different results). You can access it using this tool:



🧵 1 googlelens.imagesniper.eu
Image


A very good tool for searching for faces and images in general, which is often more effective than Google. It also recognises text in images and translates it.

🧵 2 yandex.ru/images/
Image
Read 17 tweets
Mar 17, 2023
Is it possible to use neural networks to create a whole series of photos of one person for a fake social network profile ("sock puppet")?

I show by examples the possible way of solving the problem (this is not an easy way ).

🧵🧵🧵
In order to successfully pretend to be another person on the Internet, you need a series of photos in different places and different clothes. But it's a lot of work to make these (even with AI).

First, let's create a photo of a person's face.

huggingface.co/spaces/stabili…
Now let's try to combine this photo with different images of other men using UnCLIP_Image_Interpolation_Demo.

If you try many different variants and adjust step 12, there is a chance of getting some good-looking variants.

huggingface.co/spaces/NagaSai…
Read 7 tweets
Mar 17, 2023
Sometimes I do threads about members of the OSINT-community. For example, you may have already read about @Sox0j or @rly0nheart.

Today I want to talk about 9 tools lists made by @SerScorza, #osint and #dfir specialist from Italy.

🧵🧵🧵
Read 10 tweets
Mar 8, 2023
The #osint community includes participants from all over the world and every country has something to learn from.

6 tips for working with presentations and video reports in foreign languages

(1/7)🧵🧵🧵
You can take the easy way and just translate the presentation file using one of the many online services:

doctranslator.com/translate-ppt/
onlinedoctranslator.com
products.aspose.app/pdf/translate/…

But often this leads to poor quality results. But for some situations it is quite good.

(2/7)🧵
It is better to extract text from a presentation so you can translate it later with more advanced translators. This can be done with the help of these services:

products.aspose.app/slides/parser
zamzar.com/convert/pptx-t…
convertio.co/ppt-txt/

(3/7)🧵
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(