Welcome to the OSINT Toolkit repository! This repository serves as a comprehensive catalog for tools and websites useful in Open Source Intelligence (OSINT) investigations. Whether you're a cybersecurity professional, a journalist, or just curious about information gathering, this toolkit provides resources to aid your endeavors.
- Digital Forensics and Security
- Discord OSINT Tools
- General Information Gathering
- Live Analysis on URLs and Files
- Open Source Intelligence
- URL Safety Checks
- Reporting Tools
- SINEWAVE's Tools
- Toolkit FAQ
- Steam Scam FAQ
- Discord Scam FAQ
Feel free to explore each category to discover various tools and websites relevant to your OSINT investigations.
Please refer to the individual sections below for detailed information on each category and the tools/sites included. If you're interested in contributing to this repository, please see the "Contributing" section at the end of this README.
Your contributions to this OSINT toolkit are highly appreciated! If you know of any valuable tools or websites that are not listed here, please feel free to contribute by submitting a pull request. Here's how you can contribute:
- Fork this repository.
- Add your tool/website to the appropriate category, providing a brief description and any relevant information.
- Ensure your additions follow the existing format.
- Create a pull request and explain your changes.
Thank you for helping to make this OSINT toolkit a valuable resource for the community!
- Thanks to Sanchita Chaurasia for the amazing work making the complete frontend overhaul, improving the site completely.
-
- A comprehensive image forensics tool offering a variety of features. It allows users to scrutinize and analyze digital images, making it valuable for detecting alterations or hidden details within images.
-
- Dehashed is a database checker that may require a subscription for full functionality. It assists in searching and analyzing databases, potentially revealing information about compromised or leaked data.
-
- Using this Telegram bot, users can input license plates, emails, passwords, or phone numbers to retrieve public information about individuals. It serves as a quick and accessible tool for obtaining information related to the provided data.
-
- This tool checks if an email has been compromised in a data breach. Additionally, it can accept and analyze passwords in clear text, providing users with insights into potential security risks associated with their email accounts.
-
- A repository of publicly available information obtained through Google dorks. It hosts a comprehensive list of search queries (dorks) that can be used to uncover specific data on the internet.
-
- Censys is a search engine designed for locating devices and networks on the internet. It enables users to search for specific criteria, such as device type, location, and operating system, providing valuable information for security assessments and vulnerability identification.
-
- This tool is useful for researching Facebook profiles by extracting information from Facebook comments. It assists in finding Facebook IDs, aiding in the identification and analysis of user profiles on the social media platform.
-
- An all-in-one toolbox designed for gathering information about servers, bots, and users on Discord. ToolsCord offers a comprehensive set of tools to assist users in exploring and analyzing Discord-related data, making it a versatile resource for server and user investigation.
-
- Discord Lookup is a primary tool for users seeking information on Discord. It provides a variety of tools for searching, decoding, and viewing user and server information. The platform offers a centralized hub for Discord-related investigations, streamlining the process for users looking to gather comprehensive data.
-
Unfurl by DFIR.Blog: Description: Unfurl is a tool specifically designed for extracting additional timestamp information from Discord-related URLs of interest. It focuses on Discord IDs, such as those for users, channels, servers, or file attachments. Unfurl can reveal embedded timestamps, aiding in understanding when a particular Discord object was created.
-
- Top.gg is a platform that, when navigated to with a user's ID (https://top.gg/user/), provides information about their profile. This includes details about bots and servers reviewed on Top.gg, Discord username, and other relevant information. Even after an account deletion, this information may be preserved if the user signed in to Top.gg using Discord.
-
- Snow Stamp is a snowflake timestamp converter designed for extracting date information from Discord's unique snowflake IDs. It is a valuable tool for understanding the timing of various Discord events, as each snowflake ID carries embedded timestamp data.
-
- DiscordLeaks is a platform that covers leaked messages from servers compromised in the past. It provides constant updates and focuses on servers associated with white supremacism and neo-nazis. DiscordLeaks can be used to uncover interesting facts about individuals, offering insights into their affiliations and activities within Discord communities.
-
Bellingcat's Online Investigation Toolkit:
- This online toolkit, curated by Bellingcat, provides resources for online investigations. It includes a variety of tools and techniques for researching and analyzing information on the internet.
-
- Hunter.io is a popular tool for finding email addresses using web crawlers. It assists users in discovering email addresses associated with a particular domain, making it valuable for outreach and contact purposes.
-
- Shodan is an internet-connected device search engine. It assists in finding specific devices based on various criteria, offering insights into potential vulnerabilities and aiding in targeted cyber assessments. Shodan provides both free and paid plans.
-
- IntelX is a large search engine for leaked databases. It enables users to search and access information from various data breaches, aiding in the identification and analysis of compromised data.
-
- Epieos is a platform for email and phone number searches. It assists users in retrieving information related to individuals based on their email addresses or phone numbers.
-
- A username searcher tool that allows users to search for a specific username across multiple platforms. It aids in identifying online profiles associated with a particular username.
-
- A multi-search tool that enables users to simultaneously search across multiple platforms and databases. It streamlines the process of gathering information from various sources.
-
- An AI-based face recognition tool that can analyze and identify faces in images. FaceCheck.ID provides a solution for facial recognition applications, potentially aiding in the verification or identification of individuals.
-
- GeoEstimation is a tool for estimating geographical locations based on provided data. It utilizes technology to determine the likely geographic origin of a given set of information.
-
- Insecam hosts a global camera database, allowing users to access publicly available camera feeds from around the world. It raises awareness about the importance of securing surveillance cameras and privacy.
-
Triage URL and File Analysis Dashboard:
- Triage provides a user-friendly URL and File Analysis Dashboard, empowering users to evaluate the security status of websites. By submitting a URL or uploading a file, users gain access to detailed information about potential threats. The dashboard includes historical data, associated risks, and insights that aid in identifying malicious online content.
-
- VirusTotal's File Scanner is a robust tool for analyzing the safety of files. Users can either upload a file or enter a web address for scanning by multiple antivirus engines. The platform generates a comprehensive report detailing potential malware, viruses, and security issues associated with the provided file or URL, offering valuable insights for security assessments.
-
- Hybrid Analysis is a comprehensive platform designed for analyzing and understanding the behavior of files and URLs. Users can submit URLs for thorough examination, gaining insights into potential threats, malware behavior, and overall security risks. The platform combines automated analysis with community-driven contributions to deliver detailed reports, enhancing users' ability to assess the security implications of the submitted URLs.
-
- Media Analyzer Pro offers advanced analysis tools for various media formats, including images, videos, and documents. Users can analyze media files for potential security threats, such as embedded malware or malicious code
-
- An email breach finder tool that helps users identify if their email accounts have been compromised. OSINTLeak provides insights into potential security risks associated with email addresses.
-
- A curated list of free open-source intelligence (OSINT) tools. OSINT Framework provides a comprehensive collection of resources, making it a valuable reference for individuals conducting online investigations.
-
- A collection of resources for open-source intelligence (OSINT) practitioners. OSINTDojo Resources offers valuable tools, guides, and references to enhance the effectiveness of online investigations.
-
- IntelX is a large search engine for leaked databases. It enables users to search and access information from various data breaches, aiding in the identification and analysis of compromised data.
-
- This tool allows users to view parts of breached email passwords and their hashes. It provides insights into compromised accounts, helping individuals assess the security of their email accounts.
-
- A hash decryptor tool that can decipher a significant percentage of hashes obtained from breached directories. It aids in revealing the original passwords associated with the hashed data.
-
- This platform allows users to explore websites where people are registered using their phone numbers and emails. It supports open-source intelligence (OSINT) gathering by providing information on user registrations across various online platforms.
-
- A tool that utilizes artificial intelligence for image location analysis. GeoSpy.AI assists in determining the geographical location of images, making it valuable for geospatial intelligence and investigation purposes.
-
- VirusTotal's URL Scanner enables users to assess the security status of URLs by scanning them with multiple antivirus engines. The platform provides a thorough analysis of submitted URLs, checking for potential malware, viruses, and other security issues. It offers a comprehensive report to aid users in understanding the safety of the provided web addresses.
-
- The IPVoid Screenshot Tool allows users to capture quick and convenient screenshots of websites. By entering the URL of the website, the tool generates visual snapshots of webpages. This feature aids in visual inspection and documentation of online content, providing a practical solution for users who need to capture and analyze webpage layouts.
-
- URLScan Search is a web service designed for investigating and analyzing URLs. Users can search for specific URLs or domains to access a wealth of information, including historical data and associated threats. This tool provides detailed insights, helping users comprehensively understand the background and potential risks associated with a given web address.
-
- Cloudflare Radar Scan is a service that offers insights into the security and performance of websites. By scanning a website, it assesses potential vulnerabilities, security issues, and performance metrics. The tool is valuable for website owners and administrators who want to proactively address concerns, ensuring a safer and more efficient online presence.
-
- PhishTank is a collaborative clearinghouse for data and information about phishing on the Internet. It provides a platform for users to report and verify phishing websites, helping to protect internet users from falling victim to phishing scams.
-
- buseIPDB is a free service that offers a database of IP addresses reported for malicious activity, such as hacking attempts, spamming, and other forms of abuse. Users can search for IP addresses to determine if they have been reported for suspicious behavior, helping to identify and block potential threats to network security.
-
- Sucuri SiteCheck is a comprehensive security scanner that analyzes websites for malware, blacklist status, website errors, and out-of-date software. Users can enter a URL to check its security status and receive detailed reports on any issues found.
7. Reporting Tools:
-
- The Discord Report Center provides users with a direct channel to report illegal activity from other users. This method bypasses the automated Right-Click > Report method. However, user feedback suggests that the effectiveness of this reporting system can be limited, with responses from Discord support being infrequent. Despite its accessibility, users may experience delays and may not receive timely resolutions to their reports. Please note that this information is based on user experiences and may be subject to change.
-
- Netcraft's Phishing Site Feed provides a platform for reporting suspected phishing websites. Users can submit URLs they believe to be phishing sites, contributing to a collective effort to identify and combat online phishing attacks.
-
- Phish.Report is a community-driven platform dedicated to reporting and analyzing phishing emails. Users can submit suspicious emails, allowing others to review and assess potential threats. By crowd sourcing information about phishing attempts, Phish.Report helps raise awareness and provides valuable insights into the tactics used by cybercriminals.
8. SINEWAVE's Tools:
-
- This serves as a curated JSON file containing lists of websites associated with malicious activities with a nice web interface that allows you to analyse the data. The list is compiled based on personal findings of the repository owner and are intended to help identify and mitigate threats posed by these sites.
-
- This repository contains a simple password generator application implemented in Python using the CustomTkinter library for the graphical user interface as a script or directly in your browser. The application allows users to generate up to random passwords with various customizable options.
-
- This Python script is designed to search for active Discord invites links by generating random invite IDs and checking their status. It utilizes the Discord API to verify whether an invitation is active or not and saves the results in JSON format.
-
- This repository contains a Python-based tool for analyzing URLs and detecting potential threats using various cybersecurity services like VirusTotal and URLScan.io. The tool combines the scan results with WHOIS information and provides a user-friendly interface to tweet the analysis findings or custom messages.
-
- This is a Discord bot that allows users to check detailed information about any IP address using the ip-api.com API. The bot provides information such as country, city, region, district, zip code, latitude, longitude, timezone, currency, ISP, organization, AS number, AS name, reverse DNS, mobile status, proxy status, and hosting status.
-
- This bot is your go-to tool for gathering and organizing information about Discord server members efficiently. Written entirely in Python and leveraging the power of Discord's Bot API along with the Google Sheets API, this bot offers versatility and ease of use across its three distinct modes: gsheets-mode, csv-mode, and combined-mode.
-
- This Discord bot, designed for personal and community use, enhances server security by scrutinizing links shared within Discord channels. It leverages the VirusTotal API, WHOIS lookups, and urlscan.io scans to provide comprehensive real-time analysis, helping maintain a safe online environment for members.
-
- This Python script provides a command-line interface for interacting with the Netcraft API. It allows users to perform various actions such as reporting malicious URLs, malicious emails, and incorrectly blocked URLs, as well as retrieving details about submitted reports.
-
- This repository houses a curated collection of DNS filter lists, accumulated over several years. These lists are designed to enhance network security and efficiency by blocking unwanted or harmful domains.
-
- This repository serves as an educational and research platform exploring the concept of creating a database to track and analyze Discord invite links. The project aims to assist in Open Source Intelligence (OSINT) investigations by providing tools to identify and study Discord servers, including potentially malicious ones.
-
Discord Honeypot System - CONCEPT
- The Discord Honeypot System is a sophisticated monitoring tool designed to enhance server security and moderation efficiency. Utilizing multiple Discord accounts, each running in dedicated Virtual Machines (VMs) or Docker containers, this Python-based system automates the surveillance of direct message (DM) activity. Its primary objective is to detect, capture, and relay suspicious or unwanted DM communications to a specific channel within a designated server for further action by the moderation team.
-
- This project is a Discord profile identity generator hosted on GitHub Pages. It enables users to create random Discord profiles with unique usernames, about me sections, nicknames, pronouns, and profile images with up to 100 quadrillion unique profiles.
9. Toolkit FAQ
- The Toolkit FAQ comprises a comprehensive collection of curated lists, each tailored to specific aspects of digital investigation, cybersecurity, and online threat mitigation. From digital forensics to open-source intelligence (OSINT) gathering, each list offers a wealth of resources and platforms aimed at empowering professionals in their efforts to ensure digital security and integrity. These lists encompass tools and services designed to streamline processes, enhance analysis, and facilitate reporting on various online threats. Whether it's investigating data breaches, analyzing URLs for potential threats, or managing security within Discord communities, the Toolkit FAQ provides a diverse range of solutions to address the evolving challenges of cybersecurity and digital investigations.
- The contents of this page can also be viewed in the Toolkit-FAQ.md file
10. Steam Scam FAQ
- The Steam FAQ offers a comprehensive guide aimed at equipping users with the knowledge and strategies necessary to safeguard against common scams and fraudulent activities encountered on the Steam platform. Covering topics ranging from confidence scams to trade scams, the FAQ provides users with valuable insights into the deceptive tactics employed by scammers and offers practical advice on how to identify and avoid falling victim to such schemes. With a focus on promoting skepticism, vigilance, and proactive reporting, the FAQ empowers Steam users to protect their accounts and belongings, contributing to a safer and more secure gaming environment for all.
- The contents of this page can also be viewed in the Steam-Scam-FAQ.md file
11. Discord Scam FAQ
- The Discord FAQ is a comprehensive guide aimed at informing users about prevalent scams and fraudulent activities encountered within the Discord community. Covering a wide array of topics such as impersonation, free Nitro scams, QR code and download scams, compromised accounts, and reporting malicious content/behavior, the FAQ equips users with essential knowledge and strategies to safeguard themselves against online threats. By promoting skepticism, vigilance, and proactive reporting, it fosters a safer and more secure environment for Discord users, enhancing trust and confidence within the platform's vibrant community.
- The contents of this page can also be viewed in the Discord-Scam-FAQ.md file
This repository is provided under the GLWTS Public License.
By utilizing the contents of this repository, you agree to abide by the terms of this license.