OSINT-SPY is a tool that helps in performing OSINT scans on several online resources and check information for email, domain, IP address, and organization. It can be used by Infosec Researchers, Data Miners, Penetration Testers, and cybercrime investigators to find in-depth information about their target.

To download this tool, go to the https://github.com/SharadKumar97/OSINT-SPYwebpage.


“Knock” is a python tool created to enumerate subdomains on a target system through a wordlist. It scans for DNS zone transfer and tries to bypass the wildcard DNS record automatically if it is enabled. Now Knock supports queries to VirusTotal subdomains. You can set the API_KEY within the “config.json” file.

To download the tool, visit the following GitHub page: https://github.com/guelfoweb/knock.”


InfoG is a Shell script tool used to perform information gathering. To download it, visit the following GitHub page: https://github.com/OffXec/infog

ReconSpider is a capable tool to perform Open Source Intelligence scans on email, domain, ip_address, and organization. ReconSpider accumulates all the raw data, visualizes it on a dashboard, and facilitates alerting and monitoring of the data.

To install this tool, visit the following GitHub page https://github.com/bhavsec/reconspider.”

Dracnmap is an open-source program that is utilizing to misuse the system and gathering data with Nmap help. Nmap command accompanies bunches of choices that can make the utility progressively hearty and hard to pursue new users. Subsequently, Dracnmap is intended to perform quick scanning with the using content motor of Nmap, and Nmap can perform different programmed checking systems with the propelled commands.

To install this tool, visit the https://github.com/Screetsec/Dracnmap web page and copy the downloadable link.

By TechChip

Netcraft is an internet service association that provides detailed data about the web facilitating and the Server with point-by-point data on what is running on the server alongside the IP, Whois data, server-side technologies, and so on. This information ought to be saved in your reports with the goal that you can utilize all the data to find the correct testing methodology and characterize the attack surface, which is the essential piece of a pentest.

Visit the https://www.netcraft.com/ and type your target domain name in the search bar. …

Footprinting is an ethical hacking procedure of gathering data about the objective and its condition. It is a pre-assault stage, and most significant efforts are deployed to ensure that the activities conducted are executed under stealth and the target can’t follow back you. Footprinting is a first and essential advance because, after this, a penetration tester knows how the hacker sees this system.

Visit the http://whois.domaintools.com/ website and type any domain name in the search bar then hit “Enter.” The Whois lookup tool will present you with all the necessary information regarding the target domain name.

Regardless of whether you are assaulting an objective or protecting one, you need a clear picture of the dangerous scene before you get in. This is the place where DataSploit comes into play. Using different Open Source Intelligence (OSINT) apparatuses and strategies that they have observed to be powerful, DataSploit presents to them all into one spot, connects the crude information caught, and gives the client, all the applicable data about the location, email, telephone number, individual, and so forth. It enables you to gather valuable data about an objective that can grow your assault/safeguard surface all-around rapidly.

DataSploit was…

By Lomar Lilly

When conducting a penetration test, it’s critical to take a systematic approach to data collection and divide the activity into two parts: passive data collection and active data collection. Gathering passive data should come first. It entails gathering publicly available information about the organization being evaluated from the internet without communicating with the target systems.

Passive information collecting is scouring the internet for publicly available information about the firm that can be used to exploit its systems and circumvent security safeguards while conducting the pentest. Passive information collection can be done in a variety of ways, including manually surfing public…

Another information gathering tool that can be added to your arsenal

BuiltWith is a website profiler, competitive analysis, lead generation, and business intelligence tool providing technology adoption, e-commerce data, and usage analytics for the internet. BuiltWith aims to help researchers, designers, and web developers to track what technologies are used by other websites, which can help them to decide what technologies to implement themselves.

If you want to know what types of technologies are used in the target’s website, visit the https://builtwith.com/ page and type the domain name to lookup for.

David Artykov

Cybersecurity Professional, Penetration Testing Engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store