Data Gathering Resources

Today, I’m going to share a few “Information Gathering” resources I use as my daily driver to obtain specific data on various subjects. This could include domain information, pDNS, whois, category of services, owner, etc. As always this isn’t a conclusive list and may others exists in this space. All of these tools run natively on OSX with Homebrew and the necessary dependencies.

Tool Purpose
machinae Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data including IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints
aws-bucket-dump AWSBucketDump is a tool to quickly enumerate AWS S3 buckets to look for loot
domain_analyzer Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way
lans Automatically find the most active WLAN users then spy on one of them
just-metadata Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.
shodan-cli Command Line Shodan client
theHarvester The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public source
ReconNG Recon-ng is a full-featured Web Reconnaissance framework written in Python

In addition to above, if your looking for a webUI or graphical interface, these portals below are a close representation of results.

Threat Crowd
IBM X-Force Exchange
AlienVault - Open Threat Exchange
CriticalStack Intel

If none of these sites or tools work for what your trying to accomplish, you can always visit Awesome Threat Intelligence, CyberWareZone - Tool List, or HolisticInfoSec for a pretty exhaustive list of resources.

comments powered by Disqus