A somewhat curated list of links to various topics in application security.
| Link | Excerpt |
|---|---|
| Open Source Intelligence Gathering: Techniques, Automation, and Visualization | One constant throughout my career has been my fascination with what can be learned about an organization from basic public records. The aggregation of a multitude of small pieces of information can paint a picture that is sometimes startling in its completeness. |
| OSINT: How to find information on anyone | Open Source Intelligence (OSINT) — is information gathering from publicly available sources and its analysis to produce an actionable intelligence. The scope of OSINT is not limited to cybersecurity only but corporate, business and military intelligence or other fields where information matters. |
| DataSploit/datasploit | Overview of the tool: Performs OSINT on a domain / email / username / phone and find out information from different sources. Correlate and collaborate the results, show them in a consolidated manner. Tries to find out credentials, api-keys, tokens, subdomains, domain history, legacy portals, etc. |
| Matchlight by Terbium Labs | Data breaches happen every day. The average breach takes over 200 days to discover, and 85% of breaches are detected by third parties. Matchlight’s private and automatic data intelligence system shortens detection times to minutes and brings breach detection into your organization. |
| A Search Engine for the Internet of Things | Thingful is built for real-world problems that exist today. Legacy systems need to interoperate with modern deployments but connected objects like smart meters, cars, mobile phones, weather stations, smart homes & building management systems are spread across thousands of different networks |
| IVMachiavelli/OSINT_Team_Links | For the Hackers, Journalists, Private Investigators, Sleuths, Sherlocks, and everyone in between. Bookmarks for the Open OSINT Slack Team for OSINT collaberation. This is already in .html format and ready to be imported into your browser as bookmarks under the folder name OSINT. |
| Hunchly is Perfect for | Hunchly automatically collects, documents, and annotates every web page you visit. Online research usually starts with the "search engine shotgun approach" — and before you know it, you've got dozens of tabs open and no idea how you got from A to Z. |
| Automating OSINT Blog | More and more investigations are being conducted on Tor and many of them can also include investigating Bitcoin transactions. |
| OSINT Framework | OSINT Framework (T) - Indicates a link to a tool that must be installed and run locally (D) - Google Dork, for more information: Google Hacking (R) - Requires registration (M) - Indicates a URL that contains the search term and the URL itself must be edited manually Notes OSINT framework focused on |
