كنت بتصفح منتدى Dread على TOR ولقيت واحد مشير شوية osint resources حلوين

منقول من المستخدم donsoprano في d/hacking

Username / handle reuse – search same handle on other sites; record all matches in one sheet

→ usersearch[.]org (Cross-platform username search)

→ holehe (Email-based site registration check)

→ osint[.]rocks (Automated username search)

→ breachdirectory[.]org (Breached username check) 

Social graph signals > single posts – pull top 10 interactors and scan for repeated overlap

→ INSE Chrome Plugin (Extract Instagram interactor emails)

→ castrickclues[.]com (Map shared connections)

→ GHunt (Google account connections) 

Temporal & location patterns – log 10 most recent post times, compare to timezone map 

Metadata & secondary leaks – download file/photo, check EXIF or doc properties for names/emails

→ ExifTool (External EXIF extraction)

→ leakix[.]net (Public leak detection)

Common recurring keypoints 

Reuse of elements – see if matches appear elsewhere

→ dorksearch[.]com (Pattern-based Google dorking)

→ usersearch[.]org (Keyword-based username scan) 

Visual overlaps – match objects/backgrounds in photos, save side-by-side for reference

→ Google Images (External reverse image search)

→ TinEye (External duplicate image detection) 

Public records fill gaps – check local registry to confirm address; screenshot results with source date

→ thatsthem[.]com (Public records validation)

→ criminalip[.]io (Asset/risk correlation) 

Social media OSINT – essential questions

What other accounts are linked? – search email/phone in reverse lookup; note matches

→ epieos[.]com (Email/phone profile discovery)

→ holehe (Multi-platform account verification)

→ mailcat (Email analysis)

Who are the top interactors? – pull top 10 interactors and note overlaps in multiple posts

→ INSE Chrome Plugin (Instagram interaction analysis)

Which accounts are frequently co-tagged? – list all tagged accounts in last 20 posts and rank by frequency

Do mutual connections span same domains? – tag each mutual as work, school, or hobby; see dominant group

→ castrickclues[.]com (Connection domain clustering)

→ fullhunt[.]io (Domain connection mapping)

Are posts geotagged or show landmarks? – cross-check location tag with Google Maps Street View

→ Google Maps (External location verification)

→ FOFA (Geolocated asset mapping) 

Do timestamps show routines? – plot post times on a simple chart to find regular posting windows 



 Are there employment or education cues? – collect company names, logos, school crests from images

→ Hunter Domain Search (Company role verification)

→ netlas[.]io (Organization-based discovery) 

Do reverse-image searches find duplicates? – run top 5 profile pics through reverse image search, log matches

→ Google Images

→ Onyphe (Image metadata analysis)

→ ZoomEye (Device mapping) 

All:

breachdirectory[.]org – Check breached credentials

epieos[.]com – Email-based people search

usersearch[.]org – Username/email/phone search

thatsthem[.]com – People search by details

osint[.]rocks – OSINT automation and tools

skymem[.]com – Search email addresses

castrickclues[.]com – Social media correlation tool

chromewebstore[.]google[.]com/detail/inse-instagram-email-find/hboikjnbkhkjmllgdcflmbcojbpklcca – Instagram email extractor

github[.]com/megadose/holehe – Email registration checker

github[.]com/sharsil/mailcat – Email analysis tool

github[.]com/mxrch/GHunt – Google account OSINT

zoomeye[.]org – Cyberspace search engine

onyphe[.]io – Cyber threat intelligence

binaryedge[.]io – Threat intelligence platform

fofa[.]info – Asset mapping engine

leakix[.]net – Detect exposed information

criminalip[.]io – Cyber risk assessment

netlas[.]io – Internet-wide search

fullhunt[.]io – Attack surface monitoring

greynoise[.]io – Scan noise intelligence

dorksearch[.]com – Google dork tool

hunter[.]io – Email finder and verification

packetstormsecurity[.]com – Security tools and exploits

hunter[.]io/email-finder – Hunter Email Finder

hunter[.]io/email-verifier – Hunter Email Verifier

hunter[.]io/google-sheets – Hunter Sheets Add-on

linkedin[.]com – Professional networking platform

images[.]google[.]com – Reverse image search

tineye[.]com – Reverse image search

exiftool[.]org – EXIF data tool 

تعليقي عالموضوع:

طبعا ممكن تروح على osintframework.com او تحضر كورس osint لTCM security مثلا و لكن على tor بذات الناس بتبقى مجربة الحاجات وشغالة بيها فا بنسبالي احسنلي اني اعرف ايه المخترق الغير اخلاقي بيشتغل بيه منه هو شخصيا.

ان شاء الله اول ما كورس الMalware Development for ethical hackers ينزل هشير نقاشات عن الmalware development من على dread و نتعلم منها سوا.

انت ايه رأيك فالكلام دا؟