A somewhat curated list of links to various topics in application security.
| Link | Excerpt |
|---|---|
| OSINT | Feel free to add to your own investigative toolkit, however you may NOT sell or host this without obtaining prior permission. |
| Gathering Open Source Intelligence | One constant throughout my career has been my fascination with what can be learned about an organization from basic public records. The aggregation of a multitude of small pieces of information can paint a picture that is sometimes startling in its completeness. |
| OSINT: How to find information on anyone | Open Source Intelligence (OSINT) — is information gathering from publicly available sources and its analysis to produce an actionable intelligence. The scope of OSINT is not limited to cybersecurity only but corporate, business and military intelligence or other fields where information matters. |
| Overview of the tool: | Overview of the tool: Performs OSINT on a domain / email / username / phone and find out information from different sources. Correlate and collaborate the results, show them in a consolidated manner. Tries to find out credentials, api-keys, tokens, subdomains, domain history, legacy portals, etc. |
| Matchlight by Terbium Labs | Data breaches happen every day. The average breach takes over 200 days to discover, and 85% of breaches are detected by third parties. Matchlight’s private and automatic data intelligence system shortens detection times to minutes and brings breach detection into your organization. |
| A Search Engine for the Internet of Things | Improve your business insights by enhancing operational data with nearby real-time IoT data across dozens of verticals, including weather, environment, smart city, energy and transport. Millions of connected objects & sensors across the planet generate real-time open data. |
| OSINT Team | For the Hackers, Threat Intelligence, Journalists, Private Investigators, Sleuths, Sherlocks, Business Intelligence and everyone in between. Slack Team Signup: https://openosint.signup.team Slack Team: https://openosint.slack.com |
| HUNCHLY'S REPUTATION | Hunchly automatically collects, documents, and annotates every web page you visit. Online research usually starts with the "search engine shotgun approach" — and before you know it, you've got dozens of tabs open and no idea how you got from A to Z. |
| Automating OSINT Blog | More and more investigations are being conducted on Tor and many of them can also include investigating Bitcoin transactions. |
| OSINT Framework | OSINT Framework (T) - Indicates a link to a tool that must be installed and run locally (D) - Google Dork, for more information: Google Hacking (R) - Requires registration (M) - Indicates a URL that contains the search term and the URL itself must be edited manually Notes OSINT framework focused on |
