OSINT Framework a Brief Introduction

OSINT Framework a Brief Introduction | by Suneet Singh


OSINT Framework

is a huge collection of available tools, websites, and other resources such as google dorks created by Justin Nordine to help people involved in Information Security in finding free OSINT resources.

OSINT is an acronym for Open Source Intelligence and refers to the gathering of publicly available Information about an Organisation or an Individual from openly and freely available resources. OSINT is used by hackers, cybersecurity red teams, pentesters, and other entities involved in the information security domain to gather information on their target.

Gathering Information is the first and most important step in accessing the cybersecurity of an organization or an asset as it helps in visualize and map the attack surface using the acquired knowledge.

OSINT Framework provides a very helpful collection of tools and approaches for gathering intelligence and doing reconnaissance of a target, available on a single platform.

OSINT framework provides a category-wise distribution of available resources in a nested format.

Along with this nested format it uses four indicators to further clarify the usage of that given resource.

These indicators along with what these imply are:


(T) – Indicate a link to a tool that must be installed and run locally (D) – Google Dork
(R) – Requires registration
(M) – Indicates a URL that contains the search term and the URL itself must be edited manually.

This categorical and nested arrangement facilitates easy and efficient navigation of the users.

Usage of the OSINT framework depends on the type of target you are assigned to and what type of information you want to gather about the target. 

For example: Consider a web application domain as a target, so to advance your testing on that web application what you would like to do is find and map all the attack surface, which can be done by finding subdomains and APIs which can be done using sublist3r, recon-ng, etc.

Then there may be different approaches like finding the open ports which can be performed using n-map, zen-map, shodan, etc.

OSINT framework helps in better time management and hassle free resource utilization.

Thank you for your time (Suneet Singh).

Contact Suneet Singh

¡Read more of his work here! (Medium profile)

Un comentario en “OSINT Framework a Brief Introduction

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Salir /  Cambiar )

Google photo

Estás comentando usando tu cuenta de Google. Salir /  Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Salir /  Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Salir /  Cambiar )

Conectando a %s