Information Gathering
Essential cybersecurity cheatsheet for Information Gathering and Open Source Intelligence (OSINT). Discover data related to emails, domains, usernames, and images using both command line and online tools.
§
table of contents
Information Gathering, often referred to as Open Source Intelligence (OSINT) in the context of ethical hacking, is the systematic collection and analysis of publicly available data about a target, providing the foundational knowledge necessary to identify potential vulnerabilities and craft targeted security assessments.
Command line tools
| From | Use |
|---|---|
holehe $email | |
ghunt email $email (for google account) | |
github-recon $email (link, for github account) | |
| Domain | theHarvester -d $domain -l 100 |
theHarvester -d $domain -l 100 -b all (full) | |
| Username | sherlock $username |
| Image | exiftool $imagePath |
instaloader profile $username | |
| Github | trufflehog github --org=$usernameOrOrg |
github-recon $username (link) |
Online tools
| For | Use |
|---|---|
| Visualiser | OSINTracker |
| IP | Shodan |
| Censys | |
| Domain | Whois |
| crt.sh (certificate transparency) | |
| Name | Webmii |
| BreachDirectory | |
| LeakLookup | |
| IntelX | |
| Genealogic.review | |
| SSID | Wigle |
| Image | PimEyes (faces) |
| Lenso (faces) | |
| TinEye | |
| Pic2Map (exif geolocation) | |
| Username | DeHashed |
| BreachDirectory | |
| IntelX | |
| LeakLookup | |
| Oathnet | |
| DeHashed | |
| Hunter | |
| HaveIBeenPwned | |
| BreachDirectory | |
| LeakLookup | |
| IntelX | |
| Oathnet | |
| Phone | Epieos |
| Dumpor | |
| Misc | Goosint |
| OSINT Framework | |
| OSINT Dojo |
OSINT Aggregation Tool
IKnowYou
Self-hosted OSINT aggregation platform: Run dozens of open-source intelligence tools against a single target in parallel; all from one clean web interface.