OSINT-Search - Useful For Digital Forensics Investigations Or Initial Black-Box Pentest Footprinting


OSINT-Search is a useful tool for digital forensics investigations or initial black-box pentest footprinting.

OSINT-Search Description

Functionality
  • Presents personal information like full name, age, gender, location, languages, social networks, etc...
  • Presents information related to data breaches.
  • Presents information related to pastes of data breaches made public.
  • Presents which country a phone number belongs to.
  • Presents results of google hackings searches.
  • Presents results related to a domain or an IP address.
  • Presents CMS for a certain website.
  • Presents DNS Records information for a certain domain.
  • Presents Facebook ID and a facebook page full of photos after getting a facebook profile URL.
  • Presents digital certificates for a certain domain.
The script allows specfic searches and in bulk.
More functionalities to be added later.

Tested On
  • Kubuntu 18.04.2 LTS
  • Kali Linux 2019.1
  • Windows 10

Requirements (Install)

Run
  • On the first run of the script you need to submit your API fields to get all the functionality of the script. I suggest you create the accounts mentioned in the description.
  • A configuration file called 'osintSearch.config.ini' is created with your data and can be edited by you.

Usage
$ osintS34rCh v1.0

USAGES
Email
./osintS34rCh -e <[email protected]> # All Searches: Pipl, FullContact, Haveibeenpwnded Data Breaches and Credentials Pastes
./osintS34rCh -e <[email protected]> --pipl # Pipl
./osintS34rCh -e <[email protected]> --fullcontact # FullContact
./osintS34rCh -e <[email protected]> --pwned # Haveibeenpwnded Data Breaches and Credentials Pastes

Domain
./osintS34rCh.py -t <domain> # All Searches: Shodan Recon, crt.sh, DNSDumpster, All Google Hacking Dorks
./osintS34rCh.py -t <domain> --shodan # Shodan Recon
./osintS34rCh.py -t <domain> --crt # crt.sh
./osintS34rCh.py -t <domain> --dns # DNSDumpster
./osintS34rCh.py -t <domain> -d <dork> -n <num_pages> # Google Hacking
./osintS34rCh.py -t & lt;domain> -d --all # All Google Hacking Dorks

IP
./osintS34rCh.py -t <IP> # All Searchs: Shodan and Censys Recon
./osintS34rCh.py -t <IP> --shodan # Shodan Recon
./osintS34rCh.py -t <IP> --censys # Censys Recon

URL
./osintS34rCh.py -u <url> --censys # Censys Recon
./osintS34rCh.py -u <url> --cms # WhatCMS Check
./osintS34rCh.py -u <url> --facebook # Facebook

Phone
./osintS34rCh.py -p <phonenumber> --callerID # CallerID

OPTIONS:
-h or --help
-e <email> [--pipl] [--fullcontact] [--pwned]
-p <phone> --calledID
-t <target IP or Domain> [--shodan] [--crt] [--dns] [-d] [<dork>] [--all] [-n <num_pages>]
-u [--cms] [--censys] [--facebook]

DORKS:
dir_list
files
docs
db
login
sql
sensitive
php

CONFIG_FILE:
/you rdirectory/osintSearch.config.ini


Disqus Comments