reconnaissance

tools

  • pdlist - pdlist is a passive subdomain finder written in python3. this tool can be used effectively to collect information about a domain without ever sending a single packet to any of its hosts.
  • pnrsh - view hidden information in airline reservations.
  • shorteners - search exposed shortened urls

osint

  • gitjack - leak git repositories from misconfigured websites
  • gitrob - gitrob is a tool to help find potentially sensitive files pushed to public repositories on github. gitrob will clone repositories belonging to a user or organization down to a configurable depth and iterate through the commit history and flag files that match signatures for potentially sensitive files.
  • infog - information gathering tool
  • intel techniques
  • lazyrecon - this script is intended to automate your reconnaissance process in an organized fashion
  • sniffpaste - pastebin osint harvester
  • spiderfoot - spiderfoot automates osint collection so that you can focus on analysis.
  • theharvester - e-mails, subdomains and names harvester - osint
  • th3inspector - best tool for information gathering
  • trape - people tracker on the internet: osint analysis and research tool
  • userrecon - find usernames across over 75 social networks
