OSINT

​FavFreak: Weaponizing favicon.ico for BugBounties , OSINT and what not.
$ git clone https://github.com/devanshbatham/FavFreak
$ cd FavFreak
$ virtualenv -p python3 env
$ source env/bin/activate
$ python3 -m pip install mmh3
$ cat urls.txt | python3 favfreak.py 
Result - hashes
Pwning with Shodan
Result - hashes
$ cat urls.txt | python3 favfreak.py -o output
Pwning with Shodan
http.favicon.hash:[Favicon hash here]
$ shodan search org:"Target" http.favicon.hash:116323821 --fields ip_str,port --separator " " | awk '{print $1":"$2}'
Reference: https://medium.com/@Asm0d3us/weaponizing-favicon-ico-for-bugbounties-osint-and-what-not-ace3c214e139​
 Goohak: Automatically launch google hacking queries against a target domain to find vulnerabilities and enumerate a target.
./goohak domain.com
 urlhunter: urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly and goo.gl. The project is written in Go.
​//grep.app: Search across a half million git repos.
​domain-check-2: Domain Expiration Check Shell Script Forked and Maintained by nixCraft.
​dns-domain-expiration-checker: Send notifications when DNS domains are about to expire.
Expired Domains | Daily Updated Domain Lists for 477 TLDs
Information about Expired Domain Names. Check the Availability of thousands of Expired Domains every day before they Drop and after. Just pick what you like!
www.expireddomains.net
sigurlfind3r is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback Machine.
GitHub - signedsecurity/sigurlfind3r: A passive reconnaissance tool for known URLs discovery - it gathers a list of URLs passively using various online sources.
A passive reconnaissance tool for known URLs discovery - it gathers a list of URLs passively using various online sources. - GitHub - signedsecurity/sigurlfind3r: A passive reconnaissance tool for ...
github.com
​
Tools
DNS
Last updated 1 month ago