Jump to content

Search the Community

Showing results for tags 'recon'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Cyber Security
    • Application Security
    • Information Security
    • Network Security
    • Penetration Testing
    • Social Engineering
    • OSINT
  • Computer Science
    • Hardware
    • Software
    • Operating Systems
    • Programming
    • IT, Engineering, Mathematics
    • Design, Modeling, Animation
  • General
    • Other Discussions
    • Linktionary
    • Media & Games

Calendars

  • Community Calendar

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 8 results

  1. A lot of people use "people" search engines and Google dorks to find people or information about people, but you can actually find out quite a bit of information via public registries. Consider some of these: The Knot - Wedding Registry Search RegistryFinder - Baby Shows and Graduation Search MyRegistry - Wedding, Baby, and Gift List Search Amazon - Registries for Any Occasion Search Bed, Bath, and Beyond - Gift Registry Search The Bump - Baby Registry Search You can also find out PII of anyone in the United States who is registered to vote, by looking at local election registries. Does anyone know other registries to include?
  2. Shodan is an Internet of Things search engine that allows you to search and scan a wide variety of devices using a wide array of filters. Some will limit their information gathering to things that they see on the web. You can go beyond this, and Shodan is a tool to help with that: phones, controllers, refrigerators, etc. Shodan has powerful dashboards, community curated filters, and a powerful API to let you plug right into their platform. Here is a HackerSploit video covering some of the basics of Shodan: And if you want to check out the engine for yourself...well, here you go! Link to website: https://www.shodan.io/
  3. I'd recommend checking this tool out if you are conducting some recon to gain an overview of HTTP-based attack surface. According to the Aquatone Github repository, You can also use it alongside other tools, like Amass, Nmap, Masscan, etc. Link to the tool: https://github.com/michenriksen/aquatone
  4. The Recon-ng Framework provides a web-based environment to conduct reconnaissance quickly and easily. It is written in python and has a look similar to Metasploit, is modular, and has a development guide for building new modules. Here is an included video introduction to help you learn more about and get started with Recon-ng: Link to the repository: https://github.com/lanmaster53/recon-ng
  5. emailrep.io is a simple tool with a nice API that will tell you information about an email address, including: Reputation Level Is it suspicious? References Is it blacklisted? Has its credentials been leaked? Has it been part of any data breach? Is it a spammer? Is it spoofable? And much more. A further description from their website states: As this is posted in pentesting, some of the offensive usecases of this tool might include: Conduct recon on a target to prepare for credential bruteforcing Constructing targeted phishing attacks Avoid the spam folder There are also defenses ways in which this tool might be used, like to detect phishing attacks, prevent fraud, require additional layer of verification during registration, etc. Check it out! Link to site: https://emailrep.io/
  6. What are some dorks and APIs that you find useful for username/profile gathering? Post them all here! Here's a couple to get started. Amazon Usernames: https://www.google.com/search?q=site:amazon.com+%3Cusername%3E Github Usernames: https://api.github.com/users/%3Cusername%3E/events/public
  7. cwade12c

    Email Permutator+

    The email permutator is a quick tool used to generate permutations of common email addresses. You specify a first name, last name, optional middle name, optional nick name, and one or more domain names. It uses these inputs to generate permutations, which you can then use for.....whatever you'd like. Their site also suggests the following: Link: http://metricsparrow.com/toolkit/email-permutator/#
  8. This is a nice and quick information gathering tool to perform a reverse email lookup, to see who owns an email address and gather more information about them. From their site: Link: https://thatsthem.com/reverse-email-lookup
×
×
  • Create New...