Greetings to all,
Let's talk about the OSINT Framework. It's quite interesting to search sources on an open information resource. The classification of themes and objectives is vast and offers many ideas on different investigations, based on the OSINT field. Besides knowing the different resources proposed in the OSINT Framework, it's an important tool for a penetration tester
- the OSINT Framework can be used at the Footprinting
stage.The OSINT Framework provides interesting classifications. Click on each node to see sites where you can access information. User searches, finding email addresses, IP addresses, multimedia resources and social networking profiles are typical on OSINT.I discovered a large number of resources and sources thanks to this collection. As a simple example, we can find the "Email Address" in the Data Breach branch. There are two resources, and we could also add sites like Have I Been Pwned?
The categories of domain names and IP addresses provide sites where users can obtains lot of information. Regarding IP addresses, we see sources of information about: reputation, geolocation, open ports, IPv4 and IPv6, including maps wireless networks. A source of information as https://scans.io/
could fit into the subcategory "Open Ports"
of "IP Address."
With domain names, there are interesting subcategories that provide information on domains. The Whois, a classic, shows the reputation of the domains, sub-domains stored own domains, and so on. One that strikes me is the subcategory "vulnerabilities," where we find sites like Shodan
.Let's look at social networks. Facebook and Twitter have different functions and information sources available, depending on what you want. In Facebook we have the ability to search photographs, accounts, files and people through the Facebook people directory. With Twitter, we have the ability to search patterns, users, and locations geolocations, etc.. This info can be extracted to produce a large amount of information through these sites.The "Code Search"
presents sites that allow you to search millions of lines of code. It can search companies, projects and unsafe features, such as OSB
Gitrob is among the tools recommended in "Code Search."The OSINT Framework shows the world of Open Source Intelligence is very large. We can have open sources of any kind. All that matters is how we process the information and intelligence they bring.Are you considering researching a large volume of public information? You know where to look: http://osintframework.com/
I hope you like the article....