Open Source OSINT Tools - Page 5

Mantis is an open source security framework designed to automate the workflow of asset discovery, reconnaissance, and vulnerability scanning for organizations and security teams. Mantis operates through a command line interface and accepts targets such as top level domains, IP addresses, or network ranges as input. From these inputs, it automatically discovers associated digital assets including subdomains and SSL certificates, allowing users to map the attack surface of a system. After discovery, the framework performs reconnaissance on active assets to gather technical information such as open ports, technologies, network details, and hosting infrastructure. Mantis then conducts security scans to identify vulnerabilities, exposed secrets, configuration weaknesses, and potentially malicious phishing domains. It integrates both open source and custom security tools to automate multiple phases of a security assessment in a single workflow.

Maryam is an open source intelligence (OSINT) framework designed to automate the process of gathering and analyzing publicly available information from the internet. It provides a modular environment that enables users to collect data from search engines, open data sources, and various online services for reconnaissance and investigative purposes. Written in Python, Maryam is built to provide a flexible and extensible framework for harvesting information quickly and efficiently from open sources. Maryam helps security researchers and analysts streamline routine data-gathering tasks that typically involve searching multiple sources such as Google, Bing, or other online platforms. Maryam organizes its functionality into several modules that focus on different aspects of intelligence gathering, including footprint analysis, OSINT data extraction, and general search operations.

NEW PROJECT PAGE: https://sourceforge.net/projects/oryon-osint-browser/ Oryon C Portable is a web browser designed to assist researchers in conducting Open Source Intelligence investigations. Oryon comes with dozens of pre-installed tools and a select set of links cataloged by category – including those that can be found in the OI Shared Resources. ▪ Based on SRWare Iron version 31.0.1700.0 (Chromium) ▪ More than 70 pre-installed tools to support investigators in their everyday work ▪ More than 600 links to specialized sources of information and online investigative tools ▪ Additional privacy protection features ▪ A ready to use opml file containing a sorted collection of information sources in the fields such as: OSINT, Intelligence, online research, InfoSec, defense, and more.

Social Media Downloader for Open Source Intelligence purpos. Supportes so far: Facebook Instagram Twitter

TIDoS-Framework is an open source web application penetration testing framework designed to assist security researchers and ethical hackers in identifying vulnerabilities in web systems. It provides a comprehensive environment for performing multiple phases of security assessment, including reconnaissance, scanning, enumeration, vulnerability analysis, and exploitation. Its modular architecture contains more than one hundred modules organized into several testing phases, allowing users to automate or manually run different security checks against a target application. The framework includes both graphical and command-line interfaces, enabling flexible interaction depending on the user’s workflow and preferred interface. A console interface inspired by tools like Metasploit allows testers to execute modules, manage targets, and perform operations efficiently. TIDoS is implemented in Python and supports multiprocessing to speed up scanning and testing operations.

Xteam is a command-line security toolkit designed to provide multiple penetration testing and information-gathering utilities in a single interface. It combines several modules and external tools to help users perform security research tasks related to mobile devices, wireless networks, and online services. It acts as a centralized launcher that integrates scripts and third-party tools, allowing users to access different testing functions through a menu-based command line workflow. Xteam includes features such as Instagram information gathering, phishing utilities, wireless attack tools, and Android security testing capabilities. Xteam’s architecture uses a main bash script that serves as the hub for running internal modules or downloading and executing external projects when needed. It can operate on Linux systems as well as Android devices using Termux, making it accessible in both desktop and mobile environments.

GasMasK is an open source OSINT (Open Source Intelligence) tool designed to perform reconnaissance and information gathering on domains and online targets. It is implemented as a Python-based command-line utility that collects data from numerous publicly available sources across the internet. It aggregates intelligence such as domain details, email addresses, hostnames, and subdomains by querying search engines, DNS records, certificate transparency logs, and security databases. GasMasK integrates with a wide range of platforms and services including search engines, social media platforms, and security APIs to retrieve relevant information about a target. These sources include services like Shodan, Censys, Netcraft, VirusTotal, GitHub, and various DNS-related services, allowing investigators to build a comprehensive profile of a domain or organization. GasMasK is commonly used by penetration testers, red teams, and security researchers who need to collect reconnaissance data.

reconFTW is an open source automated reconnaissance framework created for security researchers, penetration testers, and bug bounty hunters. The tool streamlines the reconnaissance phase of security assessments by orchestrating numerous specialized tools to gather intelligence about a target domain. It performs multiple discovery and analysis tasks such as subdomain enumeration, OSINT collection, and vulnerability scanning in an automated workflow. The framework integrates many external security utilities and coordinates them to produce comprehensive reconnaissance results efficiently. Its modular design allows users to customize the process, enabling or disabling modules and adjusting settings according to their needs. reconFTW also provides configuration options for API keys, execution preferences, and tool paths through a dedicated configuration file. By automating complex recon tasks and combining outputs from many tools, it helps researchers quickly identify potential attacks.

(OSINT) Open-Source intelligence tracking and analysis tool. - Disclaimer: This tool is experimental in its Alpha phase. It's developed and published as a small building block of a master's thesis research. So use it for educational purposes only and at your own discretion, the author cannot be held responsible for any damages caused.

Oryon OSINT Browser is a web browser designed to assist researchers in conducting Open Source Intelligence (OSINT) investigations. Oryon comes with dozens of pre-installed tools and a selected set of links cataloged by category. To safely use all Oryon Browser options, it is recommended that you take the following steps: 1. Check your browser privacy settings. Reset all settings if necessary or make the necessary changes. 2. Disable browsing history (extension: History On / Off) 3. Enable free proxy (extension: Hotspot Shield Free VPN Proxy) 4. Create a dedicated gmail account 5. Create dedicated accounts on Facebook and Twitter 6. Take a look at the collection of links 7. Check out the Oryon Tools bookmarklet 8. Check installed add-ons (extensions: Context, Extension Manager) 9. Save a copy of the QueryTool spreadsheet on your GoogleDrive and check its performance with your cases 10. Log in to the MIIS YouTube channel and watch practical video tutorials.