Social Engineering / OSINT

Categories: Resources
Help raise awareness by sharing this page:

Social engineering and OSINT (Open Source Intelligence) are techniques that are often used in cybersecurity to gather information and identify vulnerabilities. Social engineering involves manipulating individuals or groups in order to obtain sensitive information or access to restricted areas or systems. It can take many forms, including phishing attacks, pretexting, baiting, and other types of manipulation. OSINT, on the other hand, involves collecting and analyzing publicly available information in order to gather intelligence and identify vulnerabilities. This can include information from social media, public databases, websites, and other sources. Both social engineering and OSINT are commonly used by cybersecurity professionals and threat actors to gather information and exploit vulnerabilities. They can be powerful tools for identifying and addressing potential security threats and vulnerabilities.

  • Gophish is an open source tool that is used for simulating phishing attacks and testing the effectiveness of an organization’s security awareness training. It allows users to create and send realistic phishing emails, and to track the results in order to understand how employees respond to phishing attempts. Gophish is often used by cybersecurity professionals and organizations to test the effectiveness of their security awareness training and to identify areas where additional training may be needed.
  • Maltego is a tool that is used for analyzing and visualizing data from a variety of sources in order to identify relationships and patterns. It is commonly used in the context of OSINT (Open Source Intelligence) and is often used by cybersecurity professionals and intelligence analysts to gather and analyze information about potential threats and vulnerabilities.
  • Social Engineering Toolkit (SET) is a tool that is used to test the effectiveness of an organization’s security awareness training and to identify areas where additional training may be needed. It is designed to simulate a variety of social engineering attacks, such as phishing, pretexting, and baiting, and is often used by cybersecurity professionals and organizations to test the susceptibility of their employees to these types of attacks.
  • Wifiphisher
  • is an open source tool that is used to conduct social engineering attacks on wireless networks. It is designed to trick users into revealing their login credentials or other sensitive information by impersonating legitimate WiFi networks. Wifiphisher is often used by cybersecurity professionals and researchers to test the security of wireless networks and to demonstrate the risks of social engineering attacks.
  • msfconsole is a command-line interface for the Metasploit Framework, an open source toolkit for developing and executing security exploits. It is commonly used by cybersecurity professionals and researchers to test the security of systems and networks, and to develop and deploy custom exploits.
  • MSFPC (Metasploit Payload Creator) is an open source tool that is used to generate custom payloads for the Metasploit Framework. It allows users to create payloads that can be delivered to a target system and used to gain unauthorized access or to execute malicious code. MSFPC is often used by cybersecurity professionals and researchers to test the security of systems and networks, and to develop and deploy custom exploits.
  • Mitaka is an open source tool that is used to gather information about a target system or network. It is designed to gather a wide range of information about a target, including IP addresses, domain names, and other identifying information. Mitaka is often used by cybersecurity professionals and researchers to gather intelligence about a target system or network, and to identify potential vulnerabilities or weaknesses.
  • Spiderfoot is an open source intelligence gathering tool that is designed to help users gather information about people, organizations, and infrastructure from the internet. It is often used in the context of social engineering and OSINT to collect data from a wide range of sources, including social media, websites, and databases. Spiderfoot can be used to identify potential targets for social engineering attacks, and to gather intelligence about the targets and their networks.
  • BuiltWith is a tool that is used to gather intelligence about websites and web-based technologies. It is designed to help users identify the technologies and frameworks that are used to build and maintain websites, and to gather information about the hosting and domain registration of websites. BuiltWith is often used in the context of social engineering and OSINT to gather intelligence about websites and web-based infrastructure.
  • Intelligence X is an online search engine and intelligence gathering platform that is designed to help users find and analyze public data from the internet. It is often used in the context of social engineering and OSINT to gather intelligence about people, organizations, and infrastructure from a wide range of sources, including social media, websites, and databases. Intelligence X is known for its extensive database of public data and its powerful search and analysis tools.
  • Shodan is an online search engine that is designed to help users find and analyze internet-connected devices and systems. It is often used in the context of social engineering and OSINT to gather intelligence about network infrastructure and devices, and to identify potential targets for social engineering attacks. Shodan is known for its extensive database of internet-connected devices and its powerful search and analysis tools.
  • Metagoofil is an open source tool that is used to gather intelligence about a target organization or individual through publicly available information. It is designed to search the internet for documents, files, and other types of information that may be useful for an attacker, and to extract metadata from these documents. Metagoofil is often used by cybersecurity professionals and intelligence analysts to gather information about a target for use in social engineering or other types of cyber attacks.
  • OSINT Framework is an open source tool that is used to collect, analyze, and organize information from a variety of open source sources. It is designed to help users gather intelligence about a target organization or individual, and to identify potential vulnerabilities or weaknesses that can be exploited. The OSINT Framework is often used by cybersecurity professionals and intelligence analysts to gather information for use in social engineering or other types of cyber attacks.
  • publicwww.com is an online search engine that is specifically designed to search for publicly available source code. It is often used by cybersecurity professionals and intelligence analysts to gather information about a target organization or individual, and to identify potential vulnerabilities or weaknesses that can be exploited. publicwww.com can be a useful resource for gathering intelligence for use in social engineering or other types of cyber attacks.

«
»