OSINT or Open Source Intelligence is an awesome technique used by security researchers where information and sensitive data is collected by excavating open source platforms like social media sites, public DNS records, etc. This blog will cover several OSINT sources that you can refer in 2020 to satisfy your aim.

google translate

Useful OSINT sources :-

🔹Virustotal: People do upload almost every software, piece of computer document that are awry off. So, enumerating the documents uploaded by people can reveal information like their software licenses, personal details and even documents containing their SSN numbers.

NOTE: Anyone(registered) can use virus-total intelligence feature and scrape the uploaded files(doc, PDF and softwares) based on YARA rules and then can find and download juicy sensitive information about you !!! So, always check before you upload anything on virustotal.

Also its owned by google, so you can easily imagine the amount of your personal data left in files unintentionally will go unnoticed :)

🔹GHunt : An OSINT tool to extract information from any Google Account using an email..

This is the data you will receive with only mail:

— Owner’s name
— Date of last edit
— Google id
— Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.)
— Possible YouTube channel
— Possible names
— Public photos
— Phone models
— Firmware phones
— Installed software
— Reviews about Google Maps
— Possible physical location

🔹 Email Search Thread
http://haveibeenpwned.com : Check Emails in leaked databases

🔹 http://emailrep.io : Find websites where account has been registered by email

🔹 http://dehashed.com : Checking mail in leaked Databases

🔹 http://intelx.io : Will Find Email Addresses, Domains, URLs, IP Addresses, CIDR, Bjtcoin Addresses, IPFS Hashes, etc

🔹 http://leakedsource.ru : Show from what base mail leaked

🔹 http://mostwantedhf.info : Find Skype Account

🔹 http://spiderfoot.net : Automatic search using a huge number of methods, tool available in the cloud with registration

🔹 http://reversegenie.com : find location, first letter of the name and phone numbers

🔹 http://searchmy.bio : Find Instagram account with Email In Description

🔹 Email-Osint-Ripper : https://github.com/Quantika14/email-osint-ripper

🔹 http://domainbigdata.com : Find Websites Where the Account Has Been Registered By Email and Phone Number and Name

🔹 http://search.carrot2.org : Cluster Search Engine, Identifies Objects Or Categories Associated With The Word in the Search Query

🔹 http://boardreader.com : Search engine on forums

🔹 http://searchcode.com : Search by Code in Open web

🔹 http://swisscows.com : Semantic Search Engine

🔹 http://publicwww.com : Search By Source Page Code, you can Search For Nicknames, Mail, Trackers, Wallets, Website Addresses, etc

🔹 http://kribrum.io : Social-Media Search Engine

Some Telegram OSINT Bots :-

🔹 @GetGmail_bot : Finds Gmail Linked To Any Email Address

🔹 @LinkCreatorbot : Finds group administrators by a PRIVATE link to the Telegram group. It works even if the Admins in the Telegram group are Hidden and If the link is no longer Working .

Find who created invite link . You just need to send bot the invite link to the group/channel without AAAAA in the link!

🔹 @last4mailbot : This bot can find masked phone by known email which associated with Sberbank and Odnoklassniki profiles. All you need is an email and this bot will do the rest of work for you.

🔹 @howtofind : This telegram bot is one of the most comprehensive bot in open space. It can enumerate information like phone, domain, file, or even any piece of text.

My Favorite: @trackingpixel : installation of tracking or advertising codes and your wishes will be fulfilled! {can have malicious implications}

Dark Web OSINT Tool :-

🔹 http://pwndb2am4tzkvold.onion: Search In pwndb, also Search by Password

Hi! I am a B.Tech student, whose enjoys reverse engineering and digital forensics. I relish reading anything and everything about cybersecurity.