User Controls

What sort of tools would you want in an OSINT framework?

  1. #1
    Sophie Pedophile Tech Support
    So lately i've been writing a lot of OSINT oriented tools and i figured it might be cool to write a bunch and collect some more and combine them into an awesome open source intelligence framework. A lot of intel gathering is usually just googling for information that might come in handy. Of course with special search operators you can do all kinds of cool stuff with google and various other search engines. Which is why i wrote a tool to automate google dorking. I've written a CLI for Shodan as well and i am thinking i will write one for censys.io too.

    Furthermore i made a bot that gathers a list of name server IPs from public-dns.info and checks to see if they respond for zones for which they are none authoritative. In which case there is a good chance they're suitable for use in DNS Amplification DoS.

    Now i also saw a pastebin CLI on github and was thinking about integrating it into the framework as well, in order to look for pastes that might contain valuable information. On top of that, i figure i need a DB lookup tool as well. The guy from https://databases.today/ is building an API for his website so that might be worth my while. Although it would be pretty easy to just write a bot that searches for specific databases on it's own. So far i have also found an FB crawler and i was thinking i would incorporate "The Harvester" as well.


    In any case, got any ideas for other OSINT must haves tools? What would you add if you were planning an OSINT framework?

    Also if you are interested in one or more of the tools i already finished building go ahead and check them out below.

    Shodan CLI
    Dork Bot
    DNS checker


    Please let me know what you think, also feel free to contribute any tool you have made or may have laying around if you'd like.
  2. #2
    aldra JIDF Controlled Opposition
    what sort of information are you interested in mining?
  3. #3
    Sophie Pedophile Tech Support
    Originally posted by aldra what sort of information are you interested in mining?

    Everything, credentials, vulnerable web apps, data leaks, PI. The idea is to automate as much intel gathering as possible and later perhaps perform data analysis on what i've gathered.
  4. #4
    aldra JIDF Controlled Opposition
    yeah but you need to at least have a target. what's your goal, type in a name and have it bring up as much data as possible on them?
  5. #5
    Sophie Pedophile Tech Support
    Originally posted by aldra yeah but you need to at least have a target. what's your goal, type in a name and have it bring up as much data as possible on them?

    Yeah, or type in a certain service or product and have the framework look on Exploit-DB to find exploits or whatever. Or the name of an organization and have it return a bunch of info on them basically. I could add some logic to the Shodan CLI to have it do the same but i'd like the framework to be more versatile and in depth, swiss army knife for OSINT. Your one stop shop for intel and recon.
  6. #6
    Sophie Pedophile Tech Support
    This is also the reason why i asked how an OSINT framework would look like if you'd put one together. What is some core functionality you'd include.
Jump to Top