Article Excerpt
This repository consists of tools/links that an expert can use during Pentest/RedTeam. If the tool performs multiple functions, for example collecting subdomains and URLs, it will be listed in two places. Search Engines for Investigation Domains/IP Addresses.
| property | value |
| --- | --- |
| tags | defensive-tradecraft, github-repo, offensive-tradecraft, osint, tradecraft-tool |
| url | |
| original_word_count | 479 |
Long Summary
This article provides a comprehensive list of tools and links that can be used by offensive specialists during a pentest or red team exercise. It covers a wide range of topics, from search engines to dark web intelligence, and includes tools for collecting emails, subdomains, URLs, network information, certifications, FTP servers, passive infrastructure scanners, Microsoft Exchange, Telegram, Google Dorks, nicknames, phone numbers, wifi, cloud, and information gathering.
The list of search engines includes Censys, Shodan, Greynoise.io, ZoomEye, Onyphe, Fofa, Binaryedge, FullHunt, Netlas, Quake360, Criminalip, Synapsint, Natlas, and Leakix. Tools for collecting emails include Hunter.io, Snov.io, Phonebook, Poastal, Email-format, h8mail, EmailFinder, theHarvester, Anymailfinder, Omail, Skymem, Signalhire, Rocketreach, Infoga, and Rextracter.streamlit. Tools for finding mentions in code are also included.
Subdomain collectors include Bbot, Sudomy, Amass, theHarvester, Spiderfoot, subchase, GooFuzz, SubGPT, and alterx. Tools for passive collection and analysis of URLs include Gau, Xurlfind3r, Unja, Waymore, Spiderfoot, theHarvester, GooFuzz, Rextracter.streamlit, and Uscrapper. Dark web intelligence tools are also included.
Tools for threat intelligence, IP/domain network analysis, DNS history, FTP servers, passive infrastructure scanners, Microsoft Exchange, Telegram, Google Dorks, nickname search, phone number, wifi, cloud, and information gathering are also included. Links to guides, methodologies, and other useful information are also provided. The article is inspired by the Awesome OSINT repository.
Overall, this article provides a comprehensive list of tools and links that can be used by offensive specialists during a pentest or red team exercise. It covers a wide range of topics and includes tools for collecting emails, subdomains, URLs, network information, certifications, FTP servers, passive infrastructure scanners, Microsoft Exchange, Telegram, Google Dorks, nicknames, phone numbers, wifi, cloud, and information gathering.
Short Summary
wddadk/Offensive-OSINT-Tools
- This repository consists of tools/links that an expert can use during Pentest/RedTeam. If the tool performs multiple functions, for example collecting subdomains and URLs, it will be listed in two places. Search Engines for Investigation Domains/IP Addresses.
- Comprehensive list of tools and links for offensive specialists during a pentest or red team exercise.
- Wide range of topics covered, from search engines to dark web intelligence.
- Tools for collecting emails, subdomains, URLs, and network information.
- Tools for identifying certifications, FTP servers, and passive infrastructure scanners.
- Tools for Microsoft Exchange, Telegram, Google Dorks, and nickname search.
- Tools for finding phone numbers, wifi information, and information gathering.
- List of search engines including Censys, Shodan, and ZoomEye.
- Tools for subdomain collection, passive URL analysis, and dark web intelligence.
- Threat intelligence tools, IP/domain network analysis, and DNS history included.
- Links to guides, methodologies, and other useful information provided.
source link: https://github.com/wddadk/Offensive-OSINT-Tools
summarized content: https://hut.threathunterz.com/battlefield-intel/tradecraft-tools/wddadk-offensive-osinttools
#OffensiveSpecialistTools #PentestRedTeam #ComprehensiveList #OSINTRepository #InformationGathering