ETHICAL HACKING TOOLS AND RESOURCES

-

 INFORMATION GATHERING

Website Information Gathering with metadata extraction using FOCA & Metagoofil.

-by this we can find or see hidden information of company such as pdf xls etc filetype.

-FOCA and metagoofil these are the tools 

-foca is gui apps and metagoofilis cli.


HOW TO INSTALL AND USE OSINT GATHERING TOOL SPIDERFOOT IN WINDOWS ,MAC OS, LINUX.

WINDOWS

-tool:- spiderfoot(spiderfoot.net)

-it collect data from varios source like whois ,nslookup, reverse lookup, vulnerability etc. 

-opensource tool it is based on cli and gui

-prerequisites:-

              python is installed

-download spiderfoot and extract it.

-goto folder of the spiderfoot ,here is one exe file open it or run it on local server.

-it gives like 127.0.0.1:5555(copy and paste in browser)

-go ahead


LINUX

-GITHUB REPO :-spiderfoot,NOTE:- python should be installed

-step 1 pip install -r requirements.txt

-rest of process is same as windows

FIND SOCIAL MEDIA ACCOUNTS BY USERNAME

-tool:-sherlock (github repo-sherlock-project)

-python3 sholud be installed

-python3 install -r requirements.txt


TRAPE:EASILY TRACK LOCATION ,IP,OS,BROWSER OF PEOPLE,BROWSER HOOKING IN KALI LINUX

-github repo(trape)

-pip install -r requirements.txt


All in one Osint tools solution

-to find important information from publicly available information

-phone ,email etc 

-tools:-

            trace labs osint VM

Find someone's social media profile,email,domain,using osint tools

-profiler:- github repo profil3r 

-after install setup this by using cmd:-sudo python3 setup.py install

-to show options:- python3 profil3r -h

HTTrack Website copier

-website copier,mirror website

-extract website data, plugins,themes


ALL IN ONE OSINT search engine for cyber security

-spyse search engine 

-dns,whois lookup,vulnerabilities,used technology etc

-spyse.com

-this is very usefull for bug hunters.

Website Time Machine

- facebook,google,youtube.

-recover deleted or old websites.

Top 10 Best OSINT Tools

Google Dorks

TheHarvester

Shodan

Maltego

Metagoofil

Recon-Ng

Check Usernames

TinEye

SpiderFoot

Creepy


IMP TOOLS or WEBSITES

SecList

Thisislegal.com 

KitPloit.com 

Wapplyzer extension

PingDom.com 

PageInsight 

Subbrute github tool-- to find subdomain

VirusTotal.com,Pen test tool.com - scanning through website

 https://www.cyberick.com/post/look-for-these-low-hanging-fruits-in-bug-bounty



Comments

Post a Comment