OSINT(Open Source Intelligence) means every piece of information that can legally be gathered from any free or public sources about an individual or organization.
In Cybersecurity fields, Hacker or attacker collects every information about the target before attacking it. Information like IP addresses, Phone numbers, Names of employees, every little information is important for the attacker. He collects every information of the target system which is available for free and open-source on the internet and then creates a plan about attacking the system.
Information can be collected from various sources like websites of the target, social media accounts on Twitter, Facebook, LinkedIn, etc.
it is 100% legal and ethical.
- theHarvester -> Helps to scrape emails, names, subdomains, and IP’s or the company.
- Sublist3r -> Use to enumerate subdomains of the target website.
- Google Dorks – > Google dorks is not a tool but it is the way of searching google for valuable information.
- Ghunt -> this tool can find every information related to google id.
- Social Mapper: developed by Trustwave Spiderlabs, Social Mapper uses facial recognition, as well as usernames, to track targets across platforms.
The list goes on..
There are lots of tools for OSINT.
How can you find relative tools?
If you are doing research and don’t know the tools or website where to find good and valuable information about the target then there is a website known as OSINT Framework click here to visit.
This website will tell the best way to find valuable information with a help of a mind map which will definitely save your time for finding tools.
To Know more about OSINT you have to do some OSINT on OSINT.
wrapping up the article with some websites to practice your skills.
1.)https://osint-i1.thinkific.com/courses/osint-challenge – real world challenges.
2.) Hack the box challenges.
3.) Play CTF (Capture the flags)
4.) Defend the web