Oh brave new world!
OSINT Repos List, Repository with gathered from GitHub utilities for OSINT, Development and DevOps. The number of artifacts in the repository exceeded 2800: https://github.com/bormaxi8080/osint-repos-list
TV2's (https://www.linkedin.com/company/tv-2_2/) investigation into Russian property ownership in northern Norway is a reminder of what’s at stake — and what’s possible when investigative journalism is backed by the right tools: https://www.osint.industries/project/the-russian-cabins-tv2s-osint-breakthrough
Investigating War Crimes. Self-Care for Covering Traumatic Events: https://gijn.org/resource/reporters-guide-to-investigating-war-crimes-self-care-for-covering-traumatic-events/
Google vs. Fact-Checkers. Changes in the Search Engine That Will Affect Everyone: https://www.linkedin.com/pulse/google-vs-fact-checkers-changes-search-engine-affect-everyone-ozbse/?trackingId=Euj%2Flkd23k%2BLWEMXwJzYMQ%3D%3D
Spain OSINT Tools. Open Data, Company Registries / Business Info, Land & Property Records, Vehicle & Registration Info, Litigation & Regulatory, People Search & Personal Data, Procurement & Tenders:
UK Person OSINT Toolkit. Tools list by Matthew Beardwell. People search, company data, web footprint, contact information, geolocation, image search: https://github.com/mbeardwell/uk-personal-osint-toolkit
OSINT Tools, Services and Investigations:
Social Media Hacker List. This Github repository contains a large list of applications and tools to extend the standard features of social networks (alternative interface, displaying additional data, automation, etc.). Facebook, Instagram, Linkedin, Mastodon, Reddit and others: https://github.com/MobileFirstLLC/social-media-hacker-list
TheHive. A Scalable, Open Source and Free Security Incident Response Platform: https://github.com/TheHive-Project/TheHive
Detect Secrets. An enterprise friendly way of detecting and preventing secrets in code: https://github.com/Yelp/detect-secrets
IDCrawl. Search social media profiles by username. Instagram, Twitter, Facebook, YouTube etc (results with profile pics and additional data) + email addresses: https://www.idcrawl.com/username-search
Introduction to Mastodon for OSINT Practitioners. Mastodon servers, Running a Mastodon instance, Finding Mastodon instances: https://authentic8.com/blog/introduction-mastodon-osint-practitioners
Collecting OSINT on Discord. Discord’s architecture, Find unlisted Discord servers, Using Google dorks, Using the built-in search functionality of the Discord server, Investigating Discord users profiles: https://authentic8.com/blog/author/nihad-hassan
The Time Machine 3.0. Fetch URLs from Archive org, extract subdomains, find backup files, extract GET parameters from URLs. Extreme quickly. Fetch 100K+ urls in few seconds: https://github.com/anmolksachan/TheTimeMachine
Dumpor. A free, no-login Instagram viewer that allows easy access to public profiles and posts, valuable for social media investigations:
https://dumpor.io/
Go for Dorks.
Online generator of advanced search queries for Google, Bing, DuckDuckGo, LeaklX, Shodan, Refseek, Fofa, Yandex and other search engines.
Tool:
https://dorks.xen00rw.me/
Github repo: https://github.com/xen00rw/GoForDorks
Universal Search & AI:
MLX-Audio. A text-to-speech (TTS), speech-to-text (STT) and speech-to-speech (STS) library built on Apple's MLX framework, providing efficient speech analysis on Apple Silicon: https://github.com/Blaizzy/mlx-audio
MaxKB is an open-source platform for building enterprise-grade agents: https://github.com/1Panel-dev/MaxKB
Rivet. The open-source visual AI programming environment and TypeScript library: https://github.com/Ironclad/rivet
Software Development & APIs:
Paramiko is a pure-Python implementation of the SSHv2 protocol, providing both client and server functionality. It provides the foundation for the high-level SSH library [Fabric](
https://fabfile.org/
), which is what we recommend you use for common client use-cases such as running remote shell commands or transferring files: https://github.com/paramiko/paramiko
Linux & DevOps:
WrapGuard. Userspace WireGuard proxy for transparent network tunneling: https://github.com/puzed/wrapguard
oha is a tiny program that sends some load to a web application and show realtime tui: https://github.com/hatoo/oha
PWNAT. The only tool/technique to punch holes through firewalls/NATs where multiple clients & server can be behind separate NATs without any 3rd party involvement. Pwnat is a newly developed technique, exploiting a property of NAT translation tables, with no 3rd party, port forwarding, DMZ, DNS, router admin requirements, STUN/TURN/UPnP/ICE, or spoofing: https://github.com/samyk/pwnat
Somo. A human-friendly alternative to netstat for socket and port monitoring on Linux and macOS: https://github.com/theopfr/somo
Flipper Zero & Other Devices:
WiFi/USB capable version of the famous BlackMagicProbe (or DapLink) debugger: https://github.com/flipperdevices/blackmagic-esp32-s2
New from CyberDetective:
VormWeb. Search engine for .onion domains. Not too many indexed sites, but there are Darkglossary definition hints: https://vormweb.de/en/
Leakix. A search engine for web services where common types of vulnerabilities have been found (As well as a community of researchers and an online tool for analyzing domain links): https://leakix.net/about
File Pursuit. Open Directory Search Engine. Search audio, video, archives, documents, mobile apps and other files. Browse list of IPs/domains with open directories:
https://filepursuit.com/
Archive org does not yet have full text search of saved copies of pages, except for collections (Telegram, Pastebin etc). But other web archives have such a feature. For example, Australian Troove (7,5B+ snapshots for .com domains + other domains): https://trove.nla.gov.au/search/
New from GitHub Community:
Sampled Maximal Marginal Relevance (SMMR) is a new method from scientists at T-Bank AI Research that allows up to 10% faster and more diverse formation of recommendations in online services. Instead of the same relevant object, SMMR uses a probabilistic sample from a limited number of candidates. According to the results of the study: the new method turned out to be 2-10 times faster than MMR and DPP and at the same time provided an increase in the diversity of recommendations by 5-10%: https://github.com/kliakhnovich/smmr
bormaxi8080 OSINT timeline:
GitHub: https://github.com/bormaxi8080/osint-timeline
You can see Systematized List of my GitHub Starred OSINT Repositories
You can contact me on SubStack:
If you like the projects that I do, I will be grateful for donations in private dialogue.
WARNING! All tools, programs and techniques published in this article and repository are used for informational, educational purposes or for information security purposes. The authors are not responsible for the activities that users of these tools and techniques may carry out, and urge them not to use them to carry out harmful or destructive activities directed against other users or groups on the Internet.