Skip to content
Sign UpLog In
This post is read-only. Explore Repls and connect with other creators on Community.View Community
The info in this post might be out of date, check out our docs instead. View docs
4

What is OSINT ? And one of the best OSINT tools

systemctl
systemctl

PLEASE NOTE : i am not the creator of spiderfoot i just thought it was cool that i could run it on repl.it and wanted to share ( because I'm extremely lonely e-learning sucks) oh and ( I decided hey why not give a little lesson here since i have a lot of time on my hands
) and its good to read

For those of you who don't know what OSINT is ...
OSINT stands for
Open
Source
INTelligence
It is used a lot in the cybersecurity world. OSINT
refers to any information that can legally be gathered from free, public sources about an individual or organization. In practice, that tends to mean information found on the internet, but technically any public information falls into the category of OSINT

Using OSINT in cybersecurity
When I'm doing a cybersecurity op I always start with target enumeration gathering as much info about the target that i can.
An example : lets you have been doing a cybersecurity op on a company's website you do a subdomian lookup (wether it be through a dns record lookup or fuzzing) you might find the domain mail.company.com (remember this) now you go surfing the main website and you find a list of employee's and there're company emails one of them is John Doe
Okay you open spiderfoot and search the name John Doe you find John Doe has there're own blog Bingo!
He gives hits birthday his pets name and his wife's name and birthday as well as his anniversary after you have all that info recorded using the knowledge that most people use passwords that have meaning to them we might be able to generate a word list (using a tool such as cup) that will give us some results in a brute force attack against mail.company.com

I hope this helps someone ( i love seeing people take there first steps into the world of cybersecurity)
Feel free to contact me privately via email with any questions
Or post them here

( also I might make a challenge (a little capture the flag) for you peeps out there reading this to test you OSINT, Cybersecurity and programming skills)

2 years ago
You are viewing a single comment. View All
1
systemctl
systemctl

@HyperGamerStuds
yea my site does not ask you to download anything also i took it down a while back as i needed the domain for something else the reason its saying that is because g00gle.ftp.sh might look like google.com to some people and google thinks it's a phishing site, it did not give you malware and at no point will i ever try to spread malware so if you are worried about your computer don't be

2 years ago