🕵️Best Paid and Free OSINT Tools for 2024
I will explore 12 paid and free OSINT tools that are publicly available and can be very useful when utilized properly and for appropriate purposes
Open Source Intelligence tools (or OSINT tools) are software applications or platforms used to collect, analyze, and interpret publicly available information from various online sources, aiding in investigations, research, and intelligence gathering.
1: EpicVIN
EpicVIN is a website dedicated to providing detailed vehicle history reports based on a vehicle’s VIN (Vehicle Identification Number) or license plate number. Established in 2012 and headquartered in Miami, Florida; the platform offers paid results with three packages starting from $14.99 for 1 report, $7.04 for 4 reports and $5.4 for 16 reports.
2: Shodan
Shodan is essentially a search engine for Internet-connected devices. It allows users to discover various types of devices, from routers to security cameras to servers, that are connected to the internet, providing valuable data about the security of these devices and potential vulnerabilities.
Shodan is available in free and paid packages.
3: Telegogo
Telegogo is a free Google-based search engine for Telegram. The tool can be used to search for public Telegram channels, groups, or content. Leveraging Google’s search capabilities helps users find Telegram-related information or discussions more efficiently than searching through Telegram’s own search features.
Telegogo is useful for anyone looking to explore public conversations or communities within Telegram around specific topics, making the platform’s vast amount of user-generated content more accessible and navigable. If you are looking for specific types of Telegram groups or channels, using a dedicated search tool like Telegogo could significantly streamline your search process.
4. GHunt
GHunt is a free OSINT tool designed to extract information from any Google Account using an email address. The data that GHunt can gather includes:
Google ID
Owner’s name
Public photos (P)
Phones models (P)
Phones firmware
Installed Softwares
Google Maps reviews
Possible physical location
Possible YouTube channel
Possible other usernames
Events from Google Calendar
If the account is a Hangouts Bot
Last time the profile was edited
Activated Google services (YouTube, Photos, Maps, News360, Hangouts, etc.)
5. FOCA
FOCA (Fingerprinting Organizations with Collected Archives) is a free OSINT tool used primarily for security auditing. It is designed to help security professionals analyze a domain’s security by finding metadata and hidden information in the documents they make available on their websites.
FOCA is popular among penetration testers and cybersecurity professionals for its ability to uncover information that can help in the early stages of a security audit or penetration test. It provides insights that can guide further testing and exploration including document analysis, metadata extraction, mapping and more.
6. SkopeNow
Skopenow is a paid analytical search engine aimed at discovering and compiling digital identities from publicly available data. The platform uses various algorithms to aggregate information from social media, websites, and other online sources to create profiles that can be used for background checks, investigative purposes, and risk assessment. This can be particularly useful for professionals in law enforcement, fraud prevention, and corporate security to obtain insights into individuals’ online presence and behaviours.
7. Maltego
Maltego is a powerful tool for performing real-time data mining and information gathering, as well as the visualization of this information in a graph format. Ideal for investigative purposes, it helps in identifying relationships and real-world links between pieces of information from various sources located on the Internet.
Maltego is available in free and paid packages.
8. Metagoofil
Metagoofil is a metadata extraction tool that is used to analyze metadata of public documents (pdf, doc, xls, ppt, etc.) and to extract information that can be useful in an OSINT investigation. This tool can be used to gather data about the documents’ authors, creation dates, software used, and more.
9. Recon-ng
Recon-ng is a full-featured free Web Reconnaissance framework written in Python. It provides a powerful environment in which open-source web-based reconnaissance can be conducted quickly and thoroughly. Recon-ng has a look and feels similar to the Metasploit Framework, reducing the learning curve significantly.
10. TheHarvester
TheHarvester is a free OSINT tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, key servers). This tool is particularly useful in the early stages of a penetration test to understand the human element of cybersecurity.
11. Arrests.org
Arrests.org is a free website aggregating booking and arrest records from various public law enforcement agencies across the United States. The site typically displays mugshots, personal information such as age and gender, and details of the charges against the individuals listed. These records are pulled from publicly available sources, such as county sheriff’s offices and police departments.
Therefore, this site can serve as a perfect OSINT tool for researchers, journalists, security professionals, and the general public seeking intelligence or information about individuals’ arrest histories. Additionally, the accessibility and range of data available on Arrests.org make it a useful tool for conducting background checks, investigating criminal activity, or monitoring crime trends, all of which are key aspects of OSINT research
12. OSINT Framework
OSINT Framework is not a tool in itself, but rather a free collection of OSINT tools that can be used for specific purposes. It organizes tools based on the type of data you are interested in and the goal of your investigation, making it an invaluable resource for anyone conducting OSINT.
Comentários
Postar um comentário