Share your repls and programming experiences

← Back to all posts
What is OSINT ? And one of the best OSINT tools
systemctl

PLEASE NOTE : i am not the creator of spiderfoot i just thought it was cool that i could run it on repl.it and wanted to share ( because I'm extremely lonely e-learning sucks) oh and ( I decided hey why not give a little lesson here since i have a lot of time on my hands
) and its good to read

For those of you who don't know what OSINT is ...
OSINT stands for
Open
Source
INTelligence
It is used a lot in the cybersecurity world. OSINT
refers to any information that can legally be gathered from free, public sources about an individual or organization. In practice, that tends to mean information found on the internet, but technically any public information falls into the category of OSINT

Using OSINT in cybersecurity
When I'm doing a cybersecurity op I always start with target enumeration gathering as much info about the target that i can.
An example : lets you have been doing a cybersecurity op on a company's website you do a subdomian lookup (wether it be through a dns record lookup or fuzzing) you might find the domain mail.company.com (remember this) now you go surfing the main website and you find a list of employee's and there're company emails one of them is John Doe
Okay you open spiderfoot and search the name John Doe you find John Doe has there're own blog Bingo!
He gives hits birthday his pets name and his wife's name and birthday as well as his anniversary after you have all that info recorded using the knowledge that most people use passwords that have meaning to them we might be able to generate a word list (using a tool such as cup) that will give us some results in a brute force attack against mail.company.com

I hope this helps someone ( i love seeing people take there first steps into the world of cybersecurity)
Feel free to contact me privately via email with any questions
Or post them here

( also I might make a challenge (a little capture the flag) for you peeps out there reading this to test you OSINT, Cybersecurity and programming skills)

Voters
sobakarooted
un1
FrankDixon
systemctl
Comments
hotnewtop
un1

this is really cool thanks so much for the information

systemctl

@un1 so glad you like it

[deleted]

bruh, one of ur posts gave me malware

systemctl
systemctl

@HyperGamerStuds in that case report my post but i'm pretty sure i've never gave anyone malware

[deleted]

one of your proxy/unblocker things @systemctl

systemctl

@HyperGamerStuds okay and how did it give you malware or more exactly how do you know it gave you malware

systemctl

@HyperGamerStuds actually if you want to contact me via discord systemd#2934 you can do so it will be easier to get to the bottom of this

[deleted]

google malware alert @systemctl

systemctl

@HyperGamerStuds okay well you should know google is not always right just because google says a website might be malware does not mean it is and you cannot just get malware from visiting a website usually you have to download and install something which non of my projects will ever require you to download something

[deleted]

systemctl

@HyperGamerStuds yea my site does not ask you to download anything also i took it down a while back as i needed the domain for something else the reason its saying that is because g00gle.ftp.sh might look like google.com to some people and google thinks it's a phishing site, it did not give you malware and at no point will i ever try to spread malware so if you are worried about your computer don't be

[deleted]

Well google won't even let me get to that site dude @systemctl

systemctl

@HyperGamerStuds well the sites not even online anymore so that's probably why i took it down a while back

systemctl

@systemctl if you need the proxy just fork the project into your account and press run