Top 7 tools for intelligence-gathering purposes
Experts can often collect significant artifacts related to the authors behind the analyzed scenarios during cybersecurity exercises, including details such as emails, usernames, IP addresses, domains, and so on. This article will provide you with a list of online tools to help you discover and track criminals' identities, their secrets, or even geolocation.
Learn Digital Forensics
1. ';--have i been pwned?
Have I Been Pwned allows searching across multiple data breaches if a specific email address or phone number has been compromised. It can be used, for instance, to verify that an email collected during a forensics exercise exists. Because the Have I Been Pwned shows all the databases where the email is breached, it can be possible to obtain the email:password combination. With this in place, experts can get further data related to criminals or even access criminals’ systems posing as the target crook.
URL: https://haveibeenpwned.com
2. intelx.io
IntelligenceX is an open-source Intelligence and forensics arsenal that helps experts during their cyber investigations. As shown below, many features and tools are available, including the “email” tool that can help identify what leaked passwords and additional information is associated with a specific email.
3. Whois Lookup
Whois Lookup is a large database of whois information on DNS, domain names, name servers, IP addresses, registrar and owner data, and so on. Looking up the owner's information, including the email address, can be a great start during an investigation. After that, using the tools mentioned above can be a great player during this game.
URL: https://whois.domaintools.com/
4. ViewDNS
This multi-tool website can help identify all the sites hosted on a given web server, including domain and IP, reverse whois lookup, finding domain names and their owners, and so on.
URL: https://viewdns.info
5. Sherlock
Sherlock is a tool that can find valid accounts on target websites given a specific username or email address. As its authors say, it can “hunt down social media accounts by username across social networks.”
URL: https://github.com/sherlock-project/sherlock
6. Instant Username Search
Instant Username Search is a tool capable of checking more than 100 social media sites and verifying if a specific username is available. This tool can be very useful for obtaining additional details on the target usernames.
URL: https://instantusername.com/
Learn Digital Forensics
7. spiderfoot
As mentioned by its creators on the GitHub page, SpiderFoot is an open-source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilizes a range of methods for data analysis, making that data easy to navigate.
SpiderFoot is available as an embedded web server for providing a clean and intuitive web-based interface but can also be used completely via the command line.
URL: https://github.com/smicallef/spiderfoot
Sources
OSINT Tools, GitBook Segurança-Informática
In this Series
- Top 7 tools for intelligence-gathering purposes
- Digital forensics and cybersecurity: Setting up a home lab
- iOS forensics
- Kali Linux: Top 5 tools for digital forensics
- Snort demo: Finding SolarWinds Sunburst indicators of compromise
- Memory forensics demo: SolarWinds breach and Sunburst malware
- Digital forensics careers: Public vs private sector?
- Email forensics: desktop-based clients
- What is a Honey Pot? [updated 2021]
- Email forensics: Web-based clients
- Email analysis
- Investigating wireless attacks
- Wireless networking fundamentals for forensics
- Protocol analysis using Wireshark
- Wireless analysis
- Log analysis
- Network security tools (and their role in forensic investigations)
- Sources of network forensic evidence
- Network Security Technologies
- Network Forensics Tools
- The need for Network Forensics
- Network Forensics Concepts
- Networking Fundamentals for Forensic Analysts
- Popular computer forensics top 19 tools [updated 2021]
- 7 best computer forensics tools [updated 2021]
- Spoofing and Anonymization (Hiding Network Activity)
- Browser Forensics: Safari
- Browser Forensics: IE 11
- Browser Forensics: Firefox
- Browser forensics: Google chrome
- Webinar summary: Digital forensics and incident response — Is it the career for you?
- Web Traffic Analysis
- Network forensics overview
- Eyesight to the Blind – SSL Decryption for Network Monitoring [Updated 2019]
- Gentoo Hardening: Part 4: PaX, RBAC and ClamAV [Updated 2019]
- Computer forensics: FTK forensic toolkit overview [updated 2019]
- The mobile forensics process: steps and types
- Free & open source computer forensics tools
- An Introduction to Computer Forensics
- Common mobile forensics tools and techniques
- Computer forensics: Chain of custody [updated 2019]
- Computer forensics: Network forensics analysis and examination steps [updated 2019]
- Computer Forensics: Overview of Malware Forensics [Updated 2019]
- Incident Response and Computer Forensics
- Computer Forensics: Memory Forensics
- Comparison of popular computer forensics tools [updated 2019]
- Computer Forensics: Forensic Analysis and Examination Planning
- Computer forensics: Operating system forensics [updated 2019]
- Computer Forensics: Mobile Forensics [Updated 2019]
- Computer Forensics: Digital Evidence [Updated 2019]
- Computer Forensics: Mobile Device Hardware and Operating System Forensics
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Digital forensics
Digital forensics
Digital forensics
Digital forensics
Snort demo: Finding SolarWinds Sunburst indicators of compromise