How to Find OSINT on Tinder

Introduction A big intel gap I've noticed in the OSINT space has been Tinder and other dating apps. By intel gap, I mean there's information available but it's hard to access and difficult to verify. Tinder is probably the most popular and notorious of the dating apps. However, because of it's nature of being connected … Continue reading How to Find OSINT on Tinder →

InstaLoader – an OSINT Tool for Scraping Instagram Metadata

Introduction There are a lot of Instagram OSINT tools out there. InstaLoader is one of my favorites. It's achieved this status by providing a massive amount of data while maintaining its user-friendliness. InstaLoader does the following: downloads public and private profiles, hashtags, user stories, feeds and saved media, downloads comments, geotags and captions of each post, automatically detects profile … Continue reading InstaLoader – an OSINT Tool for Scraping Instagram Metadata →

SkipTracer – an OSINT Scraping Framework

Introduction Skiptracer is an OSINT scraping framework that utizes basic python webscraping of PII paywall sites to compile information (passively) on a target. This is especially useful if you are operating on a very small budget. Skiptracer allows you to search by specific input including: Email Name Phone Screen Name License Plate Domain It's primarily … Continue reading SkipTracer – an OSINT Scraping Framework →

LinkedIn2Username – an OSINT Tool for Red Teams

Introduction LinkedIn2Username is an OSINT tool that generates username lists from companies on LinkedIn. What's great about LinkedIn2Username is it's easy to setup and doesn't require an API key. You need only supply your LinkedIn username and password to operate it. One disclaimer before we get started is this tool will likely not deliver quality … Continue reading LinkedIn2Username – an OSINT Tool for Red Teams →

Twint – an OSINT Tool for Collection on Twitter at Scale

Introduction Twint is an advanced Twitter scraping tool written in Python that allows for scraping Tweets from Twitter profiles without using Twitter's API. That being said, it does violate Twitter's TOS so use of this tool should be used with caution. I recommend research purposes only. Twint solves one big problem with Twitter: the API … Continue reading Twint – an OSINT Tool for Collection on Twitter at Scale →

h8mail – an OSINT Tool for Finding Passwords in Data Breaches

Introduction h8mail is a powerful, user-friendly OSINT tool that allows you to hunt for passwords through different breach and reconnaissance services. It's open source and written in Python with one of the most robust README files I've ever seen. This tool is loaded with features including: 🔎 Email pattern matching (reg exp), useful for reading from … Continue reading h8mail – an OSINT Tool for Finding Passwords in Data Breaches →

PaGoDo – an OSINT Tool that Automates Google Dorks

Introduction PaGoDo (Passive Google Dork) is an OSINT tool that lets you automate Google hacking (dorking) by scraping Google Search with a predefined list of vulnerabilities and useful information. According to the developer, the goal of this project was to develop a passive Google Dork script to collect potentially vulnerable web pages and applications on the … Continue reading PaGoDo – an OSINT Tool that Automates Google Dorks →