Ahmet Göker
7 min readFeb 17, 2022

Hey amazing hackers,

welcome back to my blogpost today I am going to be covering some useful OSINT tools for daily usage if you are ready lets dive into it:)

some people might not know what OSINT is. Lets explain a little bit. And please do not forget to clapp my Blog if you liked.


Open source intelligence tools can be defined as tools that use multiple methods to gather specific information from publicly available resources and present that information to aid the decision-making process.


use case

when you plug a piece of data(such as an email address,phone number, name, etc..) you can gather some information about company, people, social media because it returns all known online sources that contain information relevant

Perform State of the art binary code analysis with IDA

What it is

the source code of the software is not always available.A dissassembler like IDA Pro translates machine-executable code into readable assembly language source code.

Use Case

An incident response team loads a malicous artifacts founds on a breached server into IDA pro to further analyze and understand its behaviour, such as for potential damage, and method of traversal.

Gather Geolocation information with Cree.py


What it is

cree.py is a geospatial visualization tool that centralizes and visualizes geolocated information pulled across multiple online sources You can use this for daily life :)

Use case

Once the plugin is configured, a user can feed the tool a social media artifacts. Creepy has a lot of available locations on the map, allowing the user to see which information was posted

Mine,Merge, and Map Information with maltego


what it is

Integrate data from public sources, commercial vendors, and internal sources via the Maltego, it has been a powerfull configuration and pre-integrated/packaged sources it is being ready to be used in investigation.

use case

A user feeds Maltego domain names, IP addresses, domain records, URLs or even email addresses. The service finds connections and relationships within the data which allows the user to create a graph.

Dns Records with DNSdumpters


What it is

DNSdumpster is a free domain research tool that can discover hosts, related to a domain, finding visible hosts from the attacker’s perspective is an important part of the security assessment process.

Use case

After a user enters a domain name, DNS dumpster identifies and displays all asscociated subdomains, helping map an organization’s entire attack surface which is based on DNS record.

TinEye for reverse image search


What it is

TinEye is an image-focused web crawling database that allows users to search by image and find where that image appears online

Use case

An Investigator uploads an image to TinEye or searches by UR. TinEye constantly crawls the web and adds images to compare or even finding some information.

Shodan: The search engine for the IOT


what it is

Websites are just one part of the internet Shodan allows analysts to discover which of their devices are connected to the internet, where they are located and who is using them

Use case

Shodan helps researchers monitor all devices within their network that are directly accessible from the internet, and therefore vulnerable attacks

Wayback machine


What it is

Wayback machine analyzes websites published across time, allowing researchers to review how the web page looked when it was orginally launched or updated, it also retrieves some information that website such as data of some user etc.

Use case

Suppose a website was seized by the FBI, but the orginal content is no longer there. Researchers can use wayback machine to reveal information that the site may have contained.

Have I been pwned


What it is

The service exposes the severity of the risk of online attacks, while helping victims of data breaches learn about compromises of their account. Users can subscribe to receive breach notifications.

Use case

Users can securely enter email addresses and passwords to find out if they have been hacked. The site returns a complete list of breaches where specific accounts have been exposed.

Exploit DB


What it is

The exploit database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Exploits are collected throughout the internet.

Use case

The exploit database is a repository for publicly available exploits, making it a valuable resource for those who need actionable data at their fingerprint.



What it is

Virustotal inspects items with over 70 antivirus scanners and URL/domain blacklisting services. Scanning reports produced by VirusTotal are shared with the public to raise the global IT securiry level and awarenesses about potentially harmful content

Use case

Users can select a file from their computer using their browser and send it to virustotal. Results are shared with the submitter.



What it is

Mrlooquer IOCFeed serves as an IOC reverse search engine. It collects a variety of IOC artifacts, like malware, phising, or common vulnerability exposures used.

Use case

Users can enter their own IOCs to find out where attacks could be coming soon



What it is

PhishTank is a free community site where anyone can submit, verify, track and share phising data. PhishTank also provides an open API for developers and researchers to integrate anti-phising into their application.

Use case

Users submit suspicious URLs via email, and PhishTank identifies, verifies, tracks, confirms, and publishes phising site.



What it is

CityProtect is a crime visualization site. Users provide a location within the US, along with some other paramaters, and detailed crime reports are delivered.

Use case

A user can analyze quantified criminal behaviour in a geographic area over time to help build an intelligenceled brief.



What it is

Whitepages offers to perform reverse name, address and phone number look up and returns high-level information on any individual or business

Use case

A useful tool for veryfing that the persons a researcher is dealing with are who they say are. Investigations are able to locate people and businesses, verify their addresses and much more..

Honeypot Sensor


what it is

HoneyDB has multiple honeypots throughout the internet waitng to be attacked. The service logs compete details of an attack.Including IP address, and the binary that was used to execute it , and lists them in the HoneyDB database.

Use case

A campaign that uses a unique exploit to commit a wide spread attack on every system possible. Would most likely infect one or more of the honeypots. A user then accesses detailed information on the attack to gather information.


There are a lot of tools, which can be used but I covered some useful tools for daily life hopefully, you will like it take your tea and read it experimental. If you have any doubts you can always ask me:)

Take care and I will see you in the next lecture..

Ahmet Göker | Ethical Hacker| DDOS researcher | CTF player | Tryhackme < %0.6 | Youtuber | blogger | pentester

Linkedin : https://www.linkedin.com/in/ahmetgöker

Twitter: https://twitter.com/@TurkishHoodie_

Telegram: stuXnet

Youtube: https://youtube.com/TurkishHoodie

Many Thanks for reading this post, please share with your friends to get more content/hacking/CTF and much more…..