A somewhat curated list of links to various topics in application security.
|Feel free to add to your own investigative toolkit, however you may NOT sell or host this without obtaining prior permission.
|Gathering Open Source Intelligence
|One constant throughout my career has been my fascination with what can be learned about an organization from basic public records. The aggregation of a multitude of small pieces of information can paint a picture that is sometimes startling in its completeness.
|OSINT: How to find information on anyone
|Open Source Intelligence (OSINT) — is information gathering from publicly available sources and its analysis to produce an actionable intelligence. The scope of OSINT is not limited to cybersecurity only but corporate, business and military intelligence or other fields where information matters.
|Overview of the tool:
|Overview of the tool: Performs OSINT on a domain / email / username / phone and find out information from different sources. Correlate and collaborate the results, show them in a consolidated manner. Tries to find out credentials, api-keys, tokens, subdomains, domain history, legacy portals, etc.
|Mitigate Digital Risks Outside Your Perimeter.
|Our patented digital fingerprinting and exact matching technology establishes secure data collection and monitoring, minimizes false positives, and ensures compliance with evolving data privacy regulations.
|A Search Engine for the Internet of Things
|Improve your business insights by enhancing operational data with nearby real-time IoT data across dozens of verticals, including weather, environment, smart city, energy and transport. Millions of connected objects & sensors across the planet generate real-time open data.
|For the Hackers, Threat Intelligence, Journalists, Private Investigators, Sleuths, Sherlocks, Business Intelligence and everyone in between. Slack Team Signup: https://openosint.signup.team Slack Team: https://openosint.slack.com
|Hunchly automatically collects, documents, and annotates every web page you visit. Online research usually starts with the "search engine shotgun approach" — and before you know it, you've got dozens of tabs open and no idea how you got from A to Z.
|Automating OSINT Blog
|More and more investigations are being conducted on Tor and many of them can also include investigating Bitcoin transactions.
|OSINT Framework (T) - Indicates a link to a tool that must be installed and run locally (D) - Google Dork, for more information: Google Hacking (R) - Requires registration (M) - Indicates a URL that contains the search term and the URL itself must be edited manually Notes OSINT framework focused on