OSINT

@sirpedrotavares seguranca-informatica.pt 0xSI_f33d
Search…
OSINT
​FavFreak: Weaponizing favicon.ico for BugBounties , OSINT and what not.
1
$ git clone https://github.com/devanshbatham/FavFreak
2
$ cd FavFreak
3
$ virtualenv -p python3 env
4
$ source env/bin/activate
5
$ python3 -m pip install mmh3
6
$ cat urls.txt | python3 favfreak.py 
Copied!
Result - hashes
Pwning with Shodan
1
$ cat urls.txt | python3 favfreak.py -o output
Copied!
http.favicon.hash:[Favicon hash here]
1
$ shodan search org:"Target" http.favicon.hash:116323821 --fields ip_str,port --separator " " | awk '{print $1":"$2}'
Copied!
Reference: https://medium.com/@Asm0d3us/weaponizing-favicon-ico-for-bugbounties-osint-and-what-not-ace3c214e139​
 Goohak: Automatically launch google hacking queries against a target domain to find vulnerabilities and enumerate a target.
1
./goohak domain.com
Copied!
 urlhunter: urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly and goo.gl. The project is written in Go.
​//grep.app: Search across a half million git repos.
​domain-check-2: Domain Expiration Check Shell Script Forked and Maintained by nixCraft.
​dns-domain-expiration-checker: Send notifications when DNS domains are about to expire.
Expired Domains | Daily Updated Domain Lists for 477 TLDs
sigurlfind3r is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback Machine.
GitHub - signedsecurity/sigurlfind3r: A passive reconnaissance tool for known URLs discovery - it gathers a list of URLs passively using various online sources.
GitHub
​
Tools
DNS
Last modified 5mo ago
Copy link