OSINT: Open Source Intelligence
The Harvester is a simple to use, yet powerful tool designed to be used during the reconnaissance stage of a red team assessment or penetration test.
It performs open source intelligence (OSINT) gathering to help determine a domain’s external threat landscape.
The tool gathers names, emails, IPs, subdomains, and URLs by using multiple public resources.
Maltego is a link analysis software used for open-source intelligence, forensics and other investigations, originally developed by Paterva from Pretoria, South Africa.
Maltego offers real-time data mining and information gathering, as well as the representation of this information on a node-based graph, making patterns and multiple order connections between said information easily identifiable.
In 2019, the team of Maltego Technologies, headquartered in Munich, Germany, took over responsibility for all global customer-facing operations, and in 2023 for complete technology development and management.
Free for non-commercial use, or $1.000.
Recon in Metasploit [Python code]
Information gathering or reconnaissance (recon) is the most crucial and time-consuming phase in the penetration testing cycle.
Search DNS Zone.
By default on Kali Linux.
Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf, doc, xls, ppt, docx, pptx, xlsx) belonging to a target company.
Metagoofil will perform a search in Google to identify and download the documents to local disk.
Search by image solutions for you
TinEye’s computer vision, image recognition and reverse image search products power applications that make your images searchable.
SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.
SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. It’s written in Python 3 and MIT-licensed.
Searchcode is a free source code search engine.
Code snippets and open source (free software) repositories are indexed and searchable.
You can use the Wayback Machine in any web browser to view old versions of websites.
Although not all websites are archived by the Wayback Machine, it’s the most reliable way to see old versions of websites dating back to 1996!
Sherlock, a powerful command line tool provided by Sherlock Project, can be used to find usernames across many social networks.
It requires Python 3.6.
Tools for searching email, phone, address
';--have i been pwned?
Have I Been Pwned allows you to search across multiple data breaches to see if your email address or phone number has been compromised.
Epieos, the ultimate OSINT tool
An OSINT search engine that allows you to perform reverse email search, find related Google reviews, use Holehe online, and many other things.
Search email or phone.
Castrick - Find clues about anyone
An OSINT platform to discover valuable insights about anyone through reverse email, username, and phone number lookups, leaving no trace behind.
Can find a photo and a gravatar used with the email address.
Now use a reverse image search.
SignalHire – find email or phone number
SignalHire Extension is a great way to find email and phone numbers in a couple of clicks. Free extension for your needs. Available in Chrome and Firefox.
See if email is on LinkedIn.