Downloadable Tools

The following are some downloadable links which might help you all. Pentesters use a wide range of tools for OSINT, with consultants often using their own tools. Some of these, such as Pentest People’s Athena, are available on GitHub. Here are some other popular OSINT tools:

1. HTTPCS (By Ziwit) :

Detection of Data Leaks and Threat Intelligence

HTTPCS CYBERVIGILANCE watches continuously the web, deep web and dark web to collect information (documents, data leakage, sensitive information, security flaws…) which relates to your company and alerts your teams in real time.

With its entirely automated approach, HTTPCS CYBERVIGILANCE is the most reliable and cost-effective cyberwatch and Cyber Threat Intelligence (CTI) solution in the market.

2. Faststone Capture :

FastStone Capture is a powerful, lightweight, yet full-featured screen capture tool and screen video recorder. It allows you to easily capture and annotate anything on the screen including windows, objects, menus, full screen, rectangular / freehand / fixed regions as well as scrolling windows / web pages. It also allows you to record all screen activities including onscreen changes, speech from microphone, audio from speakers, mouse movements and clicks into highly compressed video files. FastStone Capture saves images in BMP, GIF, JPEG, PCX, PNG, TGA, TIFF, FSC and PDF formats. Built-in screen recorder saves videos in WMV (Windows Media Video) format. The Link to its webpage is Faststone Capture.

3. Google Earth Pro :

With Google Earth for Chrome, fly anywhere in seconds and explore hundreds of 3D cities right in your browser. Roll the dice to discover someplace new, take a guided tour with Voyager, and create your own maps and stories. Coming soon to more browsers. It basically will help in Physical Location OSINT.

4. HashCalc :

HashCalc is a free-of-charge desktop utility that allows you to easily calculate hashes, checksums, and HMAC values for texts, hex strings, and other file types. It presents the 13 most popular hash and checksum algorithms for computation that you can freely choose from. This includes MD2, MD4, MD5, SHA-1, SHA-2 (256, 384, 512), RIPEMD-160, PANAMA, TIGER, ADLER32, and CRC32.

5. HashMyFiles :

HashMyFiles is small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in your system. You can easily copy the MD5/SHA1 hashes list into the clipboard, or save them into text/html/xml file.

HashMyFiles can also be launched from the context menu of Windows Explorer, and display the MD5/SHA1 hashes of the selected file or folder.

6. QuickHash :

QuickHash GUI is an open-source graphical interface data hashing tool for Linux, Windows, and Apple Mac OSX. Originally designed for Linux, but also available for Windows and Apple Mac OSX.

Hash algorithms currently available :

• MD5,

• SHA1,

• SHA-3 (256 bit),

• SHA256,

• SHA512,

• xxHash,

• Blake2B (256 bit) and

• Blake3

• CRC32

7. Gateway :

Its a great platform to find hidden email gateways. Completely Open Source. Article on gateways and firewalls is https://www.secjuice.com/osint-detecting-enumerating-firewalls-gateways/ .

8. Voldata :

This is a panel of volatilities with daily data for the 30 Dow stocks estimated using a garch(1,1) for each serie. The returns used on the garch are from the dataset dji30ret from te package rugarch.

9. Vera Crypt :

VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux. Brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a.

VeraCrypt main features:

• Creates a virtual encrypted disk within a file and mounts it as a real disk.

• Encrypts an entire partition or storage device such as USB flash drive or hard drive.

• Encrypts a partition or drive where Windows is installed (pre-boot authentication).

• Encryption is automatic, real-time(on-the-fly) and transparent.

• Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.

• Encryption can be hardware-accelerated on modern processors.

• Provides plausible deniability, in case an adversary forces you to reveal the password: Hidden volume (steganography) and hidden operating system.

• More information about the features of VeraCrypt may be found in the documentation .

10. OSINT Framework :

A website directory of data discovery and gathering tools for almost any kind of source or platform.

11. SpiderFoot :

An OSINT tool to scrape data from over 100 data sources on personal, network, and business entities.

12. Google Dorks :

OSINT data gathering method using clever Google search queries with advanced arguments.

13. Shodan :

A search engine for online devices and a way to get insights into any weaknesses they may have.

14. Maltego :

15. An OSINT tool for gathering information and bringing it all together for graphical correlation analysis.

16. Metasploit :

17. A powerful penetration testing tool that can find network vulnerabilities and even be used to exploit them.

18. Recon-ng :

19. An open-source web reconnaissance tool developed in Python and continues to grow as developers contribute to its capabilities.

20. Aircrack-ng :

21. A wifi network security testing and cracking tool that can be used both defensively and offensively to find compromised networks.

22. Scrapesy: Scrapes both the clear web and dark web for exposed credentials

23. O365 Squatting: Generates typosquatting permutations and cross-references them against Office 365 infrastructure to find potential phishing websites

24. ZMap: Network scanner that discovers devices and services exposed to the internet

25. Ghunt: Finds information associated with a Google ID

26. Intel Owl: Pulls together threat analysis tool feeds into a single API

27. ReNgine: Open source tool for aggregating recon feeds

28. Shodan: IoT device search engine used to find unsecured equipment on LANs and other hardware-based weak spots

29. Social Mapper: Developed by Trustwave Spiderlabs, Social Mapper uses facial recognition, as well as usernames, to track targets across platforms

30. Spiderfoot: OSINT automation tool, available in open source and commercial versions

31. Sublist3r: Python-based sub-domain enumerator

32. theHarvester: Helps to “determine a company's external threat landscape on the internet” by gathering “emails, names, subdomains, IPs and URLs”

33. Google dorking: Less a tool than a technique, Google Dorking involves using specialist search terms to find results not visible to natural language search.

The SANS Institute has also published a detailed list of OSINT tools. Check out our Latest Hacking Tools page to keep track of the latest open source releases.