OSINT Tools for Security Auditing
Open Source Intelligence with python tools
The talk would aim about making an introduction to open source intelligence automation tools(OSINT) developed in Python, commenting the process we can follow to obtain, analyze and exploit public information in social networks and public servers.The final objective is obtain the maximum possible of knowledge in the context we are auditing.
The talking points could be:
-Introduction searching information from multiples sources with OSINT tools. -OSINT tools developed with python for extracting public information from servers and domains. -Advantages and limitations these tools from the user point of view. -Comment how these tools are developed and the main modules used in their development.
Some of the tools to comment are:
-Censys and Shodan Python API as search engine server information. -SpiderFoot and recon-ng as a tools for extracting information from multiple sources and automate the footprinting process. -the Harvester as Python script for extracting emails and hostnames in a particular domain. -Osrframework and Maltego OSINT visualisation tool -Libraries and modules for collecting information from Tor and ZeroNet networks -Tinfoleak and Tweepy as Python scripts for data extraction on twitter. -FullContact API for obtain social networks profiles associated with an email address.
|José Manuel Ortega|
- Github code repository
- Presentation for python conference
- Automating OSINT
- Shodan Developer API
- OSR framework
- WebApp Information gatherer
- OSINT Framework
- FullContact API
- OSINT guide
- Video recording (mp4)
- Video recording (WebM/VP8)
- Submit feedback