seela logo

TOP 10 best OSINT tools - Guide 2023

October 23, 2023

Reading time : 5 min

Contents

Whether you're a cybersecurity professional, an investigative journalist or simply a curious person, having access to the right OSINT tools is essential. In this article, we'll explore the TOP 10 OSINT tools, providing insights and recommendations that can improve your information-gathering capabilities.

๐Ÿ” Google Dorks, find more by searching less

Google Dorks are special queries you can use in the Google search engine to find specific information. They are essential for online information seekers.

For example, if you have special queries, you can search for all .pdf files containing the keyword "secret".

At your own risk, even if these requests are authorized, access to these resources may not be permitted.

โžก๏ธ Discover our complete guide to Google Dorks

๐Ÿš€ Sherlock, find anyone with a username

Sherlock is an OSINT tool specialized in searching for social network accounts using a username. It can be very useful for tracking individuals or investigating online profiles.

Simply enter a person's username, and the tool will bring up all the accounts associated with that username.ย 

Inevitably, several people may have the same username, so false positives may be generated. It's a fairly effective tool, but it needs to be coupled with others to ensure the veracity of the information obtained.

๐Ÿ“ฉ Holehe, find anyone by email

Same principle as Sherlock, but this time the tool is based on email rather than username! So it's bound to be much more reliable.

How does it work? Holehe will simply try to create an account with the email to see if it's already taken, or use the forgotten password request function. If the site gives no error, an account is associated with that email address. Clever!

๐Ÿ‘€ Shodan, the search engine for connected objects

Shodan is often referred to as the "search engine for hackers".

It scans the Internet for connected devices, providing valuable information on servers, webcams and more. A useful tool for identifying potential vulnerabilities.

It's on this engine that you'll find countless unsecured connected objects such as printers, cameras, servers... Which just goes to show why it's so important to configure all your tools properly to prevent them from ending up within everyone's reach.

๐ŸŒ theHarvester

theHarvester is a tool developed in Python. It is used to extract information from various public sources, including search engines such as Shodan and PGP key servers. Data collected includes e-mail addresses, subdomains, hosts, employee names, open ports and banners. The tool is mainly used for passive reconnaissance, enabling anyone to understand what an attacker might discover about an organization.

The name "theHarvester" in French literally means "the harvester", which perfectly reflects the tool's function: to harvest publicly accessible data from the Internet.

				
					# apt install git python3 
# cd /opt
# git clone https://github.com/laramies/theHarvester
# cd theHarvester 
# python3 -m pip install -r requirements/base.txt
# python3 theHarvester.py
*******************************************************************
*  _   _                                            _             *
* | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
* | __|  _ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
*  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
*                                                                 *
* theHarvester 3.2.2                                              *
* Coded by Christian Martorella                                   *
* Edge-Security Research                                          *
* cmartorella@edge-security.com                                   *
*                                                                 *
******************************************************************* 


usage: theHarvester.py [-h] -d DOMAIN [-l LIMIT] [-S START] [-g] [-p] [-s] [--screenshot SCREENSHOT] [-v] [-e DNS_SERVER] [-t DNS_TLD] [-r] [-n] [-c]
                       [-f FILENAME] [-b SOURCE]
theHarvester.py: error: the following arguments are required: -d/--domain
#
				
			

๐Ÿ“ธ PimEyes, a single photo to find anyone

PimEyes is OSINT's image search tool. It allows you to search the Internet for similar images or specific faces.ย 

Based on a photo, PimEyes is able to find all the other photos of this person on the Internet that are publicly available. Whether it's on social networks, on a company's website... everything is examined with a fine-tooth comb!ย 

If you value your privacy, you can of course ask this service to de-index your results.

โžก๏ธ Discover our complete guide to PimEyes

๐Ÿ“– WHOIS Lookup

The WHOIS Lookup service is an essential tool for open source inquiries (OSINT). It provides crucial information on domain names and IP addresses, including owner name, address, contact e-mail, creation and expiration date.

This makes it possible to verify the legitimacy of a website, investigate suspicious online activity and strengthen cybersecurity. WHOIS Lookup is a major asset for understanding and protecting online space.

๐Ÿ“š OSINT Framework, the bible of OSINT resources

OSINT Framework is an essential tool for Open Source Investigation (OSINT). It provides an interface that brings together various OSINT resources and tools in one place, simplifying online research.

Whether you're a security researcher, cybersecurity professional or intelligence enthusiast, OSINT Framework provides fast access to a multitude of data sources, including search engines, social networks, geolocation tools and much more.

This makes it a reference tool for conducting in-depth investigations, verifying online information and gathering vital intelligence. All in all, OSINT Framework is a valuable companion for exploring and analyzing the digital world.

These tools are generally legal for legitimate purposes, such as cybersecurity, research and investigation. However, always make sure you comply with relevant laws and ethical guidelines.

Although some tools are more user-friendly, having some technical knowledge can be beneficial for effective use. Fortunately, there are tutorials and resources to help you get started.

Using these OSINT tools involves privacy and ethical considerations. Always respect privacy and use these tools responsibly.

logo cyber training

Start your cybersecurity training!

Launch your career in cybersecurity and train for the job that fits you. Our online platform allows you to train at your own pace for a quick and efficient increase in skills.

100% online

Theory & Practice

Customized by level

Start your cybersecurity training

Training

Career

Cybersecurity

100% online

Breathe new life into your career with our cybersecurity training courses

Mail

information@seela.io