Advanced Search
Search Results
34 total results found
Open Technical Infomation
HackerOne
https://hackerone.com/bug-bounty-programs Bug Bounty Programs Bug bounty programs offer monetary rewards to ethical hackers for successfully discovering and reporting a vulnerability or bug to the application's developer. Bug bounty programs allow companies ...
Nikto
https://github.com/sullo/nikto Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 serv...
CNAME Records
Maltego
https://www.maltego.com/ Maltego is an open source intelligence and graphical link analysis tool for gathering and connecting information for investigative tasks. Maltego is a Java application that runs on Windows, Mac and Linux.
Recon-ng Framework
https://github.com/lanmaster53/recon-ng Recon-ng is a full-featured reconnaissance framework designed with the goal of providing a powerful environment to conduct open source web-based reconnaissance quickly and thoroughly. Recon-ng has a look and feel simil...
Ahmia.fi
Tor search engine out of scope for this round
Wayback Machine
theHarvester
https://github.com/laramies/theHarvester theHarvester is a simple to use, yet powerful tool designed to be used during the reconnaissance stage of a redteam assessment or penetration test. It performs open source intelligence (OSINT) gathering to help determi...
TinEye
https://tineye.com/ for researching images online. If you have an image on your local device, you can upload it into TinEye and see if and how that image is being used on the web.
OSINT Framework
https://osintframework.com/ OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources. Some of the sites included might require registration or offer more data for $$$, but you sho...
What is OSINT?
OSINT stands for open source intelligence. The “open source” part refers to publicly available information, and “intelligence” refers to finding relationships between individual pieces of information from which we can create specific patterns and profiles a...
References
https://attack.mitre.org/ https://attack.mitre.org/tactics/TA0043/
Consists of
Active Scanning Scanning IP Blocks Vulnerability Scanning Wordlist Scanning Gather Host Information Hardware Software Firmware Confguration Identity Information Credentials Email Addresses Employee Names Network Information ...