Find Juicy Data on Your Targets Using the OSINT Framework

June 28, 2016 | Views: 9261

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Greetings to all,

Let’s talk about the OSINT Framework. It’s quite interesting to search sources on an open information resource. The classification of themes and objectives is vast and offers many ideas on different investigations, based on the OSINT field. Besides knowing the different resources proposed in the OSINT Framework, it’s an important tool for a penetration tester – the OSINT Framework can be used at the Footprinting stage.

The OSINT Framework provides interesting classifications. Click on each node to see sites where you can access information. User searches, finding email addresses, IP addresses, multimedia resources and social networking profiles are typical on OSINT.

I discovered a large number of resources and sources thanks to this collection. As a simple example, we can find the “Email Address” in the Data Breach branch. There are two resources, and we could also add sites like Have I Been Pwned?

The categories of domain names and IP addresses provide sites where users can obtains lot of information. Regarding IP addresses, we see sources of information about: reputation, geolocation, open ports, IPv4 and IPv6, including maps wireless networks. A source of information as https://scans.io/ could fit into the subcategory “Open Ports” of “IP Address.”

With domain names, there are interesting subcategories that provide information on domains. The Whois, a classic, shows the reputation of the domains, sub-domains stored own domains, and so on. One that strikes me is the subcategory “vulnerabilities,” where we find sites like Shodan, Zone-H or XSSPosed.

Let’s look at social networks. Facebook and Twitter have different functions and information sources available, depending on what you want. In Facebook we have the ability to search photographs, accounts, files and people through the Facebook people directory. With Twitter, we have the ability to search patterns, users, and locations geolocations, etc.. This info can be extracted to produce a large amount of information through these sites.

The “Code Search” presents sites that allow you to search millions of lines of code. It can search companies, projects and unsafe features, such as OSB made Rastreator or Gitrob. Gitrob is among the tools recommended in “Code Search.”

The OSINT Framework shows the world of Open Source Intelligence is very large. We can have open sources of any kind. All that matters is how we process the information and intelligence they bring.

Are you considering researching a large volume of public information? You know where to look: http://osintframework.com/

 

I hope you like the article….

Share with Friends
FacebookTwitterGoogle+LinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterGoogle+LinkedInEmail
Ready to share your knowledge and expertise?
3 Comments
  1. Thanks.

  2. Thank you!

  3. Great article , thank you.

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel