Unlock the full potential of your projects.
Exibir mapa completo

OSINT Framework | Reino Hacker

Tecnologia
hevox hevox

Framework para auxiliar em consultas OSINT. Desenvolvido pela equipe do Reino Hacker - www.reinohacker.com

Começar. É Gratuito
ou inscrever-se com seu endereço de e-mail
Mapas mentais semelhantes Esboço do mapa mental
OSINT Framework | Reino Hacker por Mind Map: OSINT Framework | Reino Hacker

1. Alvo

1.1. Pessoa Física

1.1.1. Informações

1.1.1.1. • Sobre

1.1.1.1.1. • NOME: • SEXO: • NASCIMENTO: • IDADE: • SIGNO: • NACIONALIDADE: • MUNICÍPIO DE NASCIMENTO: • ESCOLARIDADE: • ESTADO CIVIL: • SITUAÇÃO CADASTRAL: • ÓBITO:

1.1.1.2. • Telefones

1.1.1.3. • Documentos

1.1.1.3.1. • CPF: • PIS: • CNS: • SCORE:

1.1.1.4. • Endereços

1.1.1.5. • Familiares

1.1.1.5.1. https://www.familysearch.org/tree/overview

1.1.1.6. • Redes Sociais

1.1.1.7. • Fotos

1.1.1.8. • Veículo

1.2. Pessoa Jurífica

1.2.1. Informações

1.2.1.1. • Sócios

1.2.1.1.1. Informações

1.2.1.2. • Telefones

1.2.1.3. • Documentos

1.2.1.3.1. • CNPJ • Contrato Social • Inscrição Estadual • Inscrição Municipal • Nota Fiscal • Outros Documentos

1.2.1.4. • Endereços

1.2.1.5. • Sites/E-mails

1.2.1.6. • Redes Sociais

1.2.1.7. • Fotos

1.2.1.8. • Veículos

1.2.2. Conexões

1.2.2.1. • Funcionários

1.2.2.2. • Clientes

1.2.2.3. • Fornecedores

1.2.2.4. • Possíveis Laranjas

2. Username

2.1. https://github.com/GONZOsint/Namechk

2.2. https://github.com/WebBreacher/WhatsMyName

2.3. https://thatsthem.com/

2.4. https://namecheckup.com/

2.5. https://instantusername.com/

2.6. https://checkusernames.com

3. E-mails

3.1. Busca E-mails

3.1.1. https://hunter.io/

3.1.2. http://www.edge-security.com/theharvester.php

3.1.3. http://www.skymem.info/

3.2. Verificador de E-mail

3.2.1. https://www.mailboxvalidator.com/demo

3.3. Vazados

3.3.1. https://haveibeenpwned.com/

3.3.2. https://dehashed.com/

3.3.3. https://intelx.io/

4. Domínio

4.1. Análise Exploração Bruteforce Invasão

4.2. Ferramentas

4.2.1. Registro Whois

4.2.1.1. http://centralops.net/co/DomainDossier.aspx

4.2.1.2. https://whois.domaintools.com/

4.2.1.3. https://whoisology.com/#advanced

4.2.1.4. https://whois.arin.net/ui/advanced.jsp

4.2.1.5. https://www.robtex.com/

4.2.1.6. https://domaincrawler.com/

4.2.1.7. https://whois-webform.markmonitor.com/whois/

4.2.1.8. https://registro.br/tecnologia/ferramentas/whois/

4.2.1.9. https://domainhelp.com/

4.2.1.10. https://website.informer.com/

4.2.1.11. https://who.is/

4.2.1.12. https://viewdns.info/

4.2.2. Subdomínios

4.2.2.1. https://github.com/michenriksen/aquatone

4.2.2.2. https://github.com/lanmaster53/recon-ng

4.2.2.3. https://github.com/evilsocket/xray

4.2.2.4. https://github.com/darkoperator/dnsrecon

4.2.2.5. https://github.com/OJ/gobuster

4.2.2.6. https://github.com/davidpepper/fierce-domain-scanner

4.2.2.7. http://www.edge-security.com/theharvester.php

4.2.2.8. https://pentest-tools.com/information-gathering/find-subdomains-of-domain

4.2.2.9. https://github.com/danielmiessler/SecLists/tree/master/Discovery/DNS

4.2.2.10. https://github.com/infosec-au/altdns

4.2.3. Discovery

4.2.3.1. https://www.shodan.io/

4.2.3.2. https://github.com/Sw4mpf0x/Kraken

4.2.3.3. https://urlscan.io/search/

4.2.3.4. https://dailychanges.domaintools.com/

4.2.3.5. https://redirectdetective.com/

4.2.3.6. https://github.com/digininja/sitediff

4.2.3.7. https://analyzeid.com/

4.2.4. Proteção CloudFlare

4.2.4.1. https://github.com/m0rtem/CloudFail

4.2.5. Certificados

4.2.5.1. https://crt.sh

4.2.5.2. https://github.com/lanrat/certgraph

4.2.6. DNS Passive

4.2.6.1. https://securitytrails.com/

4.2.6.2. https://passivedns.mnemonic.no/

4.2.6.3. http://dnshistory.org/

4.2.6.4. https://dnsdumpster.com/

4.2.7. Sugestões domínios semelhantes

4.2.7.1. https://github.com/elceef/dnstwist

4.2.7.2. http://morningstarsecurity.com/research/urlcrazy

4.2.7.3. https://dnstwister.report/

4.2.8. Vulnerabilidades

4.2.8.1. Scan

4.2.8.1.1. https://github.com/1N3/Sn1per

4.2.8.2. https://github.com/danielmiessler/RobotsDisallowed

4.2.8.3. http://zone-h.org/archive?hz=1

4.2.9. Outras

4.2.9.1. https://portswigger.net/burp

4.2.9.2. https://github.com/RedSiege/EyeWitness

5. IP

5.1. Geolocation

5.1.1. https://github.com/ipverse/rir-ip

5.1.2. https://www.ip2location.com/demo/

5.1.3. https://www.ipfingerprints.com/

5.1.4. https://www.iplocation.net/

5.1.5. https://infosniper.net/

5.1.6. https://www.infobyip.com/

5.1.7. https://www.ipaddress.my/

5.1.8. https://www.liveipmap.com/

5.2. Host / Port Discovery

5.2.1. https://www.shodan.io/

5.2.2. https://www.zoomeye.org/

5.2.3. https://nmap.org/download.html

5.2.4. http://www.exfiltrated.com/querystart.php

5.2.5. https://urlscan.io/search/

5.2.6. https://github.com/vesche/scanless

5.2.7. https://github.com/robertdavidgraham/masscan

5.3. Proteção CloudFlare

5.3.1. https://github.com/m0rtem/CloudFail

5.4. Análise de Redes

5.4.1. https://www.wireshark.org/download.html

5.4.2. https://www.netresec.com/?page=Networkminer

5.4.3. https://lab.dynamite.ai/

5.5. Captura de IPs

5.5.1. https://iplogger.org/pt/

5.5.2. https://ki.tc/

5.5.3. https://grabify.link/

6. Images / Videos / Docs

6.1. Metadados

6.2. Analise

6.3. Localização

6.4. Código ZIP

6.5. CEP

6.6. Referencias

7. Redes Sociais

7.1. Socket puppet

7.1.1. Monitoramento

7.1.1.1. • Status • Publicações • Fotos • Curtidas • Seguidores • Seguindo • Biografia • Links

7.1.2. Interação

7.1.2.1. • Curtidas • Comentarios • Idéias

7.1.2.1.1. Ganho de confiança

7.2. Ferramentas

7.2.1. Facebook

7.2.1.1. https://lookup-id.com/

7.2.1.2. https://github.com/sqren/fb-sleep-stats

7.2.1.3. https://github.com/mrpnkt/ExtractFace

7.2.2. Twitter

7.2.2.1. https://github.com/paulgb/Treeverse

7.2.2.2. https://tinfoleak.com/

7.2.2.3. https://github.com/digitalmethodsinitiative/dmi-tcat

7.2.2.4. https://github.com/twintproject/twint

7.2.2.5. https://socialbearing.com/

7.2.2.6. http://geosocialfootprint.com/

7.2.3. LinkedIn

7.2.3.1. https://github.com/vysecurity/LinkedInt

7.2.3.2. https://github.com/dchrastil/ScrapedIn

7.2.3.3. https://github.com/gojhonny/InSpy

8. Engenharia Social

8.1. • Phishing • Relacionamento (fingir ser outra pessoa, se passar por suporte) • Engenharia Social Reversa (fazer a pessoa entrar em contato)

9. Skype

9.1. http://www.skypeipresolver.net/index.php

9.2. https://mostwantedhf.info/index.php

10. Geolocalização / Maps

10.1. Ferramentas

10.1.1. http://suncalc.net/#/51.508,-0.125,2/2023.10.17/23:13

10.2. Coordenadas

10.2.1. https://dominoc925-pages.appspot.com/mapplets/cs_mgrs.html

10.3. https://www.google.com/maps/

10.4. https://www.bing.com/maps/

10.5. http://data.mashedworld.com/dualmaps/map.htm

11. Registros de Empresa

11.1. https://opencorporates.com/

12. Consulta Veícular

12.1. https://buscaplacas.com.br/

12.2. https://brabocar.com.br

12.3. https://www.olhonocarro.com.br

12.4. https://carpivara.com.br/

13. Arquivos | Históricos Cache | Exposed

13.1. Web

13.1.1. https://archive.org/web/

13.1.2. https://archive.is/

13.1.3. https://webcitation.org/query

13.1.4. http://cachedview.com/

13.1.5. http://www.cachedpages.com/

13.2. Vazamento de Dados

13.2.1. https://wikileaks.org/

13.2.2. https://cryptome.org/

13.2.3. https://haveibeenpwned.com/

14. Buscadores

14.1. Geral

14.1.1. https://www.google.com/

14.1.1.1. https://www.google.com/advanced_search

14.1.2. https://www.bing.com/

14.1.3. https://duckduckgo.com/

14.1.4. https://search.yahoo.com/web/advanced

14.1.5. https://www.startpage.com/

14.1.6. https://yandex.com/

14.1.7. http://www.baidu.com/

14.1.8. https://www.izito.com/

14.1.9. http://bvsg.org/

14.1.10. https://biznar.com/

14.2. Meta

14.2.1. https://biznar.com/biznar/desktop/en/search.html

14.2.2. https://www.etools.ch/

14.3. Códigos

14.3.1. https://about.gitlab.com/

14.3.2. https://github.com/

14.3.3. https://github.com/techgaun/github-dorks

14.3.4. https://github.com/michenriksen/gitrob

14.3.5. https://www.nerdydata.com/reports/new

14.3.6. https://searchcode.com/

14.3.7. https://publicwww.com/

14.4. FTP

14.4.1. https://www.searchftps.net/

14.4.2. https://www.google.com/search?q=inurl%3Aftp+-inurl%3Ahttp+-inurl%3Ahttps+ftpsearchterm

14.5. Monitor Web ou Pesquisas Programadas

14.5.1. https://www.google.com/alerts?hl=pt-BR&tab=33

14.5.2. https://programmablesearchengine.google.com/about/

14.5.3. https://github.com/opsdisk/pagodo

14.5.4. https://github.com/googleinurl/SCANNER-INURLBR

14.6. Guias de Buscadores

14.6.1. https://www.exploit-db.com/google-hacking-database

14.6.2. https://www.googleguide.com/advanced_operators_reference.html

14.6.3. https://www.googleguide.com/help/calculator.html

15. Metadata

15.1. https://exiftool.org/

15.2. http://www.edge-security.com/metagoofil.php

16. Virtualização

16.1. Emuladores Android

16.1.1. https://www.genymotion.com/

16.1.2. https://www.bluestacks.com/pt-br/index.html

16.1.3. https://www.andyroid.net/

16.1.4. https://www.bignox.com/

16.2. Máquinas Virtuais

16.2.1. https://www.vmware.com/products/workstation-player/workstation-player-evaluation.html

16.2.2. https://www.vmware.com/br/products/esxi-and-esx.html

16.2.3. https://www.virtualbox.org/

16.2.4. https://www.proxmox.com/

16.2.5. https://learn.microsoft.com/pt-br/virtualization/hyper-v-on-windows/about/

17. Deep / Dark Web

17.1. Informações Gerais

17.1.1. https://www.reddit.com/r/deepweb/

17.1.2. https://www.reddit.com/r/onions/

17.1.3. https://www.reddit.com/r/darknet/

17.2. Discovery

17.2.1. https://github.com/s-rah/onionscan

17.2.2. https://github.com/DedSecInside/TorBot

17.2.3. https://github.com/k4m4/onioff

17.2.4. https://www.hunch.ly/darkweb-osint/

17.2.5. https://github.com/milesrichardson/docker-onion-nmap

17.3. Buscadores

17.3.1. https://ahmia.fi/

17.3.2. http://darkfailllnkf4vf.onion/

17.3.3. http://tor66sezptuu2nta.onion/

17.3.4. http://hss3uro2hsxfogfq.onion/

17.3.5. http://gjobqjj7wyczbqie.onion/

17.4. Diretórios / Wikis

17.4.1. http://eqt5g4fuenphqinx.onion/

17.4.2. http://thehiddenwiki.org/

18. Ferramentas OSINT

18.1. https://github.com/blindfuzzy/LHF

18.2. https://www.maltego.com/

18.3. https://github.com/overview/overview-local

18.4. https://github.com/datasploit/datasploit/

18.5. https://intel471.com/solutions/attack-surface-protection

18.6. https://www.threatpipes.com/

18.7. https://github.com/InQuest/omnibus

18.8. https://github.com/s0md3v/Photon

18.9. https://github.com/s0md3v/ReconDog

18.10. https://ifttt.com/

18.11. https://www.mandiant.com/

18.12. https://github.com/i3visio/osrframework

18.13. https://github.com/penafieljlm/inquisitor

18.14. https://github.com/bharshbarger/AutOSINT

18.15. https://github.com/NullArray/IntRec-Pack

18.16. https://github.com/SharadKumar97/OSINT-SPY

18.17. https://github.com/sundowndev/PhoneInfoga

19. Análise de Arquivos Maliciosos

19.1. Buscadores

19.1.1. http://decalage.info/en/mwsearch#gsc.tab=0

19.1.2. https://virusshare.com/

19.1.3. https://hash.cymru.com/

19.1.4. http://vxvault.net/ViriList.php

19.1.5. https://id-ransomware.malwarehunterteam.com/

19.1.6. https://www.hashsets.com/

19.2. Análise Automática Online

19.2.1. Arquivos Office

19.2.1.1. https://www.joesandbox.com/#windows

19.2.2. https://www.virustotal.com/gui/home/upload

19.2.3. https://www.hybrid-analysis.com/

19.2.4. https://app.any.run/

19.2.5. https://koodous.com/

19.2.6. https://www.joesandbox.com/#windows

19.2.7. https://sandbox.pikker.ee/

19.2.8. https://www.malware-traffic-analysis.net/index.html

19.3. Ferramentas

19.3.1. Encoder / Decoder

19.3.1.1. Código de Barras | QR Code

19.3.1.1.1. https://online-barcode-reader.inliteresearch.com/

19.3.1.2. JavaScript

19.3.1.2.1. https://beautifier.io/

19.3.1.2.2. http://jsnice.org/

19.3.1.2.3. https://getfirebug.com/index.html

19.3.1.3. PHP

19.3.1.3.1. http://ddecode.com/phpdecoder/

19.3.1.4. XOR

19.3.1.4.1. UNIX

19.3.1.4.2. Windows

19.3.1.4.3. Python

19.3.2. Debuggers/Decompilers

19.3.2.1. https://angr.io/

19.3.2.2. http://www.backerstreet.com/rec/rec.htm

19.3.2.3. https://github.com/gdabah/distorm

19.3.2.4. https://www.softpedia.com/get/Programming/Debuggers-Decompilers-Dissasemblers/Decompiler.shtml

19.3.2.5. http://www.capstone-engine.org/

19.3.2.6. https://github.com/NationalSecurityAgency/ghidra

19.3.2.7. https://www.hopperapp.com/

19.3.2.8. https://x64dbg.com/

19.3.2.9. http://www.immunityinc.com/products/debugger/

19.3.2.10. http://www.heaventools.com/PE_Explorer_disassembler.htm

19.3.2.11. https://www.radare.org/r/

19.3.3. Android

19.3.3.1. Análise Dinâmica

19.3.3.1.1. https://github.com/MobSF/Mobile-Security-Framework-MobSF

19.3.3.1.2. https://github.com/sh4hin/Androl4b

19.3.3.1.3. https://github.com/pjlantz/droidbox

19.3.3.1.4. https://github.com/maldroid/maldrolyzer

19.3.3.2. Análise Estática

19.3.3.2.1. https://www.pnfsoftware.com/

19.3.3.2.2. https://github.com/maaaaz/androwarn/

19.3.3.2.3. https://github.com/sonyxperiadev/ApkAnalyser

19.3.3.2.4. https://github.com/honeynet/apkinspector/

19.3.3.3. Outras

19.3.3.3.1. https://www.android-x86.org/

19.3.3.3.2. https://apktool.org/

19.3.3.3.3. https://github.com/androguard/androguard

19.3.4. Extratores/Recuperadores de Dados

19.3.4.1. https://github.com/sleuthkit/scalpel

19.3.4.2. https://foremost.sourceforge.net/

19.3.4.3. https://github.com/simsong/bulk_extractor

19.3.4.4. https://github.com/williballenthin/EVTXtract

19.3.5. Análise de Memória

19.3.5.1. https://github.com/kevthehermit/VolUtility

19.3.5.2. https://github.com/volatilityfoundation/volatility

19.3.5.3. https://github.com/JamesHabben/evolve

19.3.5.4. https://github.com/504ensicsLabs/DAMM

19.3.6. Ferramentas Essenciais Análise de Malware

19.3.6.1. https://x64dbg.com/#start

19.3.6.2. https://www.winitor.com/

19.3.6.3. https://hexinator.com/

19.3.6.4. https://processhacker.sourceforge.io/

19.3.6.5. https://learn.microsoft.com/pt-br/sysinternals/downloads/sysinternals-suite

19.3.7. Amostras de Malwares

19.3.7.1. http://dasmalwerk.eu/

19.3.7.2. https://contagiodump.blogspot.com/

19.3.7.3. http://www.tekdefense.com/downloads/malware-samples/

19.3.7.4. https://thezoo.morirt.com/

19.3.7.5. Android

19.3.7.5.1. https://github.com/ashishb/android-malware

20. Senhas Padrão de Dispositivos

20.1. https://cirt.net/passwords

20.2. https://default-password.info/

20.3. http://www.fortypoundhead.com/tools_dpw.asp

20.4. https://www.routerpasswords.com/

20.5. https://open-sez.me/

21. Registro de Explorações/Vulnerabilidades

21.1. https://attack.mitre.org/

21.2. https://cve.mitre.org/

21.3. https://www.exploit-db.com/

21.4. https://packetstormsecurity.com/

21.5. https://nvd.nist.gov/

21.6. https://www.cvedetails.com/

21.7. https://owasp.org/

21.8. https://0day.today/

21.9. https://community.flexera.com/t5/Secunia-Advisories/ct-p/advisories?referrer=secunia

21.10. https://www.cyber.gc.ca/en

21.11. https://www.cisa.gov/known-exploited-vulnerabilities-catalog

22. Detecção de Ameaças

22.1. Phishing

22.1.1. https://www.phishtank.com/

22.2. Ferramentas IOC

22.2.1. https://github.com/sroberts/jager

22.2.2. https://github.com/armbues/ioc_parser

22.2.3. https://github.com/sroberts/cacador

22.2.4. https://github.com/NullArray/Mimir

22.2.5. https://github.com/InQuest/iocextract

22.2.6. https://github.com/InQuest/ThreatIngestor

22.3. Táticas, Técnicas e Procedimentos (TTPs)

22.3.1. https://attack.mitre.org/

22.3.2. https://book.hacktricks.xyz/welcome/readme

23. OpSec

23.1. Criação Persona

23.1.1. Gerador de Identidade

23.1.1.1. Gera Identidade

23.1.1.1.1. https://www.fakenamegenerator.com/

23.1.1.2. Várias Ferramentas

23.1.1.2.1. https://www.4devs.com.br/

23.1.2. Fotos

23.1.2.1. Gerador de Fotos por IA

23.1.2.1.1. https://this-person-does-not-exist.com/

23.1.2.1.2. https://generated.photos/face-generator

23.1.2.1.3. https://generated.photos/faces

23.1.2.1.4. https://generated.photos/anonymizer

23.1.2.1.5. https://openai.com/dall-e-2

23.1.2.2. Fotos Diversas

23.1.2.2.1. https://www.pexels.com/pt-br/

23.2. Anonimato

23.2.1. Tor

23.2.1.1. https://www.torproject.org/download/

23.2.1.2. https://geti2p.net/en/

23.2.1.3. https://tails.net/

23.2.2. VPNs

23.2.2.1. https://protonvpn.com

23.2.2.2. https://www.expressvpn.com

23.2.2.3. https://safe.cyberghostvpn.com

23.2.2.4. https://nordvpn.com

23.2.2.5. https://torguard.net/

23.2.3. Spoof User-Agent

23.2.3.1. https://www.useragentstring.com/pages/useragentstring.php

23.2.3.2. https://www.whatismybrowser.com

23.2.4. Testes de VPN

23.2.4.1. https://ipleak.net/

23.2.4.2. https://www.dnsleaktest.com/

23.2.4.3. https://dnsleak.com/

23.2.4.4. https://emailipleak.com/

23.2.4.5. https://www.perfect-privacy.com/en/tests/check-ip

23.2.4.6. https://www.perfect-privacy.com/en/tests/webrtc-leaktest

23.2.4.7. https://www.tracemyip.org/

23.2.5. Testes de Browser

23.2.5.1. https://www.w3schools.com/browsers/default.asp

23.2.5.2. https://www.whatsmybrowser.org/

23.2.5.3. http://www.whatbrowseramiusing.co/

23.2.5.4. https://browserspy.dk/

23.2.5.5. https://coveryourtracks.eff.org/

23.2.6. Testes de Proxy

23.2.6.1. https://proxycheck.haschek.at/

23.2.6.2. https://www.ip2proxy.com/

23.2.6.3. https://hidemy.io/en/proxy-checker/

23.2.7. Outras Ferramentas

23.2.7.1. https://github.com/amq/firefox-debloat

23.2.7.2. https://noscript.net/

23.2.7.3. https://browserleaks.com/

23.2.7.4. https://browserspy.dk/

23.2.7.5. https://www.locabrowser.com/

23.3. Privacidade | Limpeza

23.3.1. https://www.privacytools.io/

23.4. Camufladores de Link

23.4.1. https://www.urlshort.dev/

23.4.2. https://rebrandly.com/

23.4.3. https://project-seo.net/ru/shortlinks/

23.4.4. https://clck.ru/

23.4.5. https://goo.su/

23.4.6. https://u.to/