
1. Investigation
1.1. People
1.1.1. Phone number
1.1.1.1. truecaller.com
1.1.1.2. International
1.1.1.2.1. htts:/www.cellrevealer.com/
1.1.1.2.2. www.peoplefinder.com
1.1.1.2.3. https://www.truthfinder.com/reverse-phone-lookup/
1.1.1.2.4. www.thatsthem.com/reverse-phone-lookup
1.1.1.2.5. htts:/ww.thisnumber.com/
1.1.2. Username
1.1.2.1. whatsmyname.app
1.1.2.2. tellows.com.br
1.1.2.3. namechk.com
1.1.2.4. XXXXX REVERSE LOOKUP
1.1.2.5. Blackbird (script)
1.1.3. Email
1.1.3.1. dehashed.com (show password) paid subscription
1.1.3.2. snusbase.com
1.1.3.3. Avatarapi.com (email photo profile)
1.1.3.4. epieos.com (shows where email was registred and google data
1.1.3.5. ghunt.com
1.1.3.6. holehe.com
1.1.3.7. OSINT.ROCKS (ALL IN ONE)
1.1.3.8. Blackbird (script)
1.1.4. image
1.1.4.1. https://29a.ch/photo-forensics/#forensic-magnifier
1.1.4.2. httos://fotoforensics.com/
1.1.4.3. https://ww.metadata2go.com
1.1.4.4. https://ww.geocords.com/photo-location/
1.1.4.5. https://tool.geoimr.com
1.1.4.6. www.picarta.ai
1.1.4.7. https://ww.pic2nap.com
1.1.4.8. https://geospy.ai
1.1.5. Face
1.1.5.1. https://facecheck.id/
1.1.5.2. https://tineye.com/
1.1.5.3. https://pimeyes.com/pt
1.1.5.4. https://www.reverseimagesearch.org/
1.1.5.5. https://reverseimage.net/
1.1.6. name
1.1.6.1. spokeo.com
1.2. Company
1.2.1. Email
1.2.2. Domain
1.2.2.1. viewdns.info show domains registred by email or name
1.3. Take Down
1.3.1. Website
1.3.1.1. https://report.netcraft.com/s
1.3.1.2. https://safebrowsing.google.com/safebrowsing/report_phish/?hl=pt-br
1.3.1.3. Analysis
1.3.1.3.1. https://www.urlvoid.com/
1.3.1.3.2. https://www.urlvoid.com/
1.3.1.4. Whois
1.3.2. Profile
1.4. Websites
1.4.1. silentpush.com
2. Pentest
2.1. Steps
2.1.1. Server attack
2.1.1.1. Linux
2.1.1.1.1. Python version
2.1.1.1.2. Server version
2.1.1.1.3. Vulnerabilities
2.1.1.2. Windows
2.1.1.3. IoS
2.1.1.4. Steps
2.1.1.4.1. Shodan
2.1.2. WebApplication
2.1.2.1. On linux
2.1.2.1.1. Dirb
2.1.2.1.2. Nmap
2.1.2.1.3. WPScan
2.1.2.1.4. NIKTO (Enumeration)
2.1.2.1.5. gobuster
2.1.2.2. WordPress ?
2.1.2.2.1. Use WPScan
2.1.2.3. SQLMap
2.1.2.3.1. sqpmap -u IPADDR/php --dbs
2.1.2.4. gobuster
2.1.2.5. cURL
2.1.2.5.1. Check the server info
2.1.2.5.2. Login through cURL if possess user:passwd
2.1.2.6. Cookies
2.1.2.7. Guide
2.1.2.7.1. https://github.com/OWASP/wstg/tree/master/document/4-Web_Application_Security_Testing
2.1.2.8. Sublist3r