mirror of
https://github.com/The-Art-of-Hacking/h4cker.git
synced 2024-12-19 19:36:08 +00:00
Update README.md
This commit is contained in:
parent
8cfd5066e8
commit
8c87ab2a23
@ -25,8 +25,22 @@ Open-source intelligence (OSINT) is data collected from open source and publicly
|
|||||||
- [GOSINT](https://github.com/ciscocsirt/gosint) - a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.
|
- [GOSINT](https://github.com/ciscocsirt/gosint) - a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.
|
||||||
- [Awesome Threat Intelligence](https://github.com/santosomar/awesome-threat-intelligence) - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it.
|
- [Awesome Threat Intelligence](https://github.com/santosomar/awesome-threat-intelligence) - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it.
|
||||||
|
|
||||||
|
## Active and Passive Reconnaissance Tips and Tools
|
||||||
|
|
||||||
## IP address and DNS Lookup Tools
|
### Passive Recon
|
||||||
|
|
||||||
|
#### Website Exploration and "Google Hacking"
|
||||||
|
* censys - https://censys.io
|
||||||
|
* Spyse - https://spyse.com
|
||||||
|
* netcraft - https://searchdns.netcraft.com
|
||||||
|
* Google Hacking Database (GHDB) - https://www.exploit-db.com/google-hacking-database
|
||||||
|
* ExifTool - https://www.sno.phy.queensu.ca/~phil/exiftool
|
||||||
|
* Certficate Search - https://crt.sh/
|
||||||
|
* Huge TLS/SSL certificate DB with advanced search - https://certdb.com
|
||||||
|
* Google Transparency Report - https://transparencyreport.google.com/https/certificates
|
||||||
|
* SiteDigger - http://www.mcafee.com/us/downloads/free-tools/sitedigger.aspx
|
||||||
|
|
||||||
|
### IP address and DNS Lookup Tools
|
||||||
- [bgp](https://bgp.he.net/)
|
- [bgp](https://bgp.he.net/)
|
||||||
- [Bgpview](https://bgpview.io/)
|
- [Bgpview](https://bgpview.io/)
|
||||||
- [DataSploit (IP Address Modules)](https://github.com/DataSploit/datasploit/tree/master/ip)
|
- [DataSploit (IP Address Modules)](https://github.com/DataSploit/datasploit/tree/master/ip)
|
||||||
@ -41,4 +55,34 @@ Open-source intelligence (OSINT) is data collected from open source and publicly
|
|||||||
- [Viewdns](https://viewdns.info/)
|
- [Viewdns](https://viewdns.info/)
|
||||||
- [Umbrella (OpenDNS) Popularity List](http://s3-us-west-1.amazonaws.com/umbrella-static/index.html)
|
- [Umbrella (OpenDNS) Popularity List](http://s3-us-west-1.amazonaws.com/umbrella-static/index.html)
|
||||||
|
|
||||||
|
#### Social Media
|
||||||
|
* A tool to scrape LinkedIn: https://github.com/dchrastil/TTSL
|
||||||
|
* cree.py http://ilektrojohn.github.com/creepy
|
||||||
|
|
||||||
|
#### Whois
|
||||||
|
WHOIS information is based upon a tree hierarchy. ICANN (IANA) is the authoritative registry for all of the TLDs and is a great starting point for all manual WHOIS queries.
|
||||||
|
* ICANN - http://www.icann.org
|
||||||
|
* IANA - http://www.iana.com
|
||||||
|
* NRO - http://www.nro.net
|
||||||
|
* AFRINIC - http://www.afrinic.net
|
||||||
|
* APNIC - http://www.apnic.net
|
||||||
|
* ARIN - http://ws.arin.net
|
||||||
|
* LACNIC - http://www.lacnic.net
|
||||||
|
* RIPE - http://www.ripe.net
|
||||||
|
|
||||||
|
### BGP looking glasses
|
||||||
|
* BGP4 - http://www.bgp4.as/looking-glasses
|
||||||
|
* BPG6 - http://lg.he.net/
|
||||||
|
|
||||||
|
### DNS
|
||||||
|
* dnsenum - http://code.google.com/p/dnsenum
|
||||||
|
* dnsmap - http://code.google.com/p/dnsmap
|
||||||
|
* dnsrecon - http://www.darkoperator.com/tools-and-scripts
|
||||||
|
* dnstracer - http://www.mavetju.org/unix/dnstracer.php
|
||||||
|
* dnswalk - http://sourceforge.net/projects/dnswalk
|
||||||
|
|
||||||
|
#### Other Great Intelligence Gathering Sources and Tools
|
||||||
|
* Resources from Pentest-standard.org - http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines#Intelligence_Gathering
|
||||||
|
|
||||||
|
### Active Recon
|
||||||
|
* Tons of references to scanners and vulnerability management software for active reconnaissance - http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines#Vulnerability_Analysis
|
||||||
|
Loading…
Reference in New Issue
Block a user