PenTestIT RSS Feed
All of you must be well versed with the term OSINT and it's meaning. Wikipedia defines OSINT as the data collected from publicly available sources to be used in an intelligence context. There are multiple sources and tools which help you find this information. A good example is Google dorks. However, all of these tools and information is spread across a myriad landscape. This is why people thought of having these pre-installed on operating systems for OSINT. This post is an attempt at creating a List of Free Operating Systems for Open-Source Intelligence (OSINT). As usual, let me know if I have missed any.
List of operating systems for OSINT:
- Kali Linux: Yes, I know what you are saying. How possibly can the defacto standard for penetration testing distributions be in a list of operating systems for OSINT? The fact remains that the first step in any engagement is discovering more about your target. As per the page here, following tools that can be used for OSINT are included in the latest version: acccheck, ace-voip, Amap, APT2, arp-scan, Automater, bing-ip2hosts, braa, CaseFile, CDPSnarf, cisco-torch, Cookie Cadger, copy-router-config, DMitry, dnmap, dnsenum, dnsmap, DNSRecon, dnstracer, nswalk, DotDotPwn, enum4linux, enumIAX, EyeWitness, Faraday, Fierce, Firewalk, fragroute, fragrouter, Ghost Phisher, GoLismero, goofile, hping3, ident-user-enum, InSpy, InTrace, iSMTP, lbd, Maltego eeth, masscan, Metagoofil, Miranda, nbtscan-unixwiz, Nikto, Nmap, ntop, OSRFramework, p0f, Parsero, Recon-ng, SET, SMBMap, smtp-user-enum, snmp-check, SPARTA, sslcaudit, SSLsplit, sslstrip, SSLyze, ublist3r, THC-IPV6, theHarvester, TLSSLed, twofi, Unicornscan, URLCrazy, Wireshark, WOL-E, Xplico. More are being added with every release. You know where to go if you want to download Kali.
- Buscador: Interestingly, Buscador is Spanish for "seeker". Rightly so, it is a Linux Virtual Machine that is pre-configured for online investigators. It has tools such as _Custom Firefox Install and Add-Ons, Custom Chrome Install and Extensions, Tor Browser, Custom Video Manipulation Utilities, Custom Video Download Utility, Recon-NG, Maltego, Creepy, Metagoofil, MediaInfo, ExifTool, Spiderfoot, Google Earth Pro, Metadata Anylisation Toolkit, EyeWitness, EmailHarvester, theHarvester, HTTrack Cloner, Aquatone, Knock Pages, Sublist3r, Twitter Exporter, Tinfoleak , InstaLooter, BleachBit, VeraCrypt, KeePassXC, LibreOffice, VLC, PDF Viewer. _At Buscador version 1.2, this is one of the most stable operating systems for OSINT. You can download Buscador version 1.2 as an ISO image or a VMWare/VirtualBox .ova file here.
- Huron: Huron or Ferret in Spanish is one of a more recent entrant in this space. Huron is a 64-Bit Debian based operating system that has tools like OSRFramework, Trape, Knock, theHarvester, Infoga, EyeWitness, Metagoofil, OperativeFramework, Tinfoleak, Instalooter, OsintFramework (hosted on a local webserver running on port 8000), Dmitry, Exiftool, Recon-ng, DataSploit, Spiderfoot, MAT, httrack, Maltego (M4-CE), Creepy, browsers with extensions pre-installed, among others. If your Spanish is not as good, you will want to change the default language to one of your choice. Oh yeah, the default password for Huron is osint:osint. Though this project is listed on GitHub, the download is linked to Mega. Get the Huron 1.0 Virtual Box image here.
- OSINTUX: This is a ElementaryOS based distribution is intended for intelligence work in open sources (OSINT). It is in Spanish (again!?) and can work as a LiveCD or be installed to a USB
drive. The list of tools included in OSINTUX is Belati v.0.2.4.1, Creepy v1.4, Crunchbase, Datasploit for OSINT, Dmitry (Deepmagic information gathering tool), Exiftool v11.03, Google Hacking Database, Infoga - Email Information Gathering vM4110k, GeoIP, Glassdoor, Knowem, Maltego v220.127.116.1145, MentionMap, Metagoofil v2.2, MrLooquer, Netcraft, Shodan, Opencorporates, Operative Framework, OSINT-Spy v0.0.1, OSRFramework v2018, OSINTFramework, PIPL, Recon-NG v4.9.3, SocialBearing, Socialmention, SpiderFoot v2.12, The Harvester v2.2a, Tineye, Tinfoleak v2.1, Twopcharts, ViewDNS, YouGetSignal, Whois. The default login is osintux:osintux Get OSINTUX (osintux-live-ver1.0.iso/osintux-ver1.0.ova) here.
About a year ago, I blogged about List of Portable Hardware Devices for Penetration Testing. I bet you can install operating systems for OSINT these on one of those devices and use it on the go. That's it from me folks!
The post List of Operating Systems for OSINT (Open-Source Intelligence) appeared first on PenTestIT.