My new open source python OSINT framework, skiptracer was released @ HushCon East on June 1st. Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG), or paying to utilize transforms (Maltego) to get data mining results. Using some basic python webscraping of PII paywall sites to compile passive information on a target. The modules will allow queries for phone/email/screen names/real names/addresses/IP/Hostname/breach credentials etc.. It will help you collect relevant information about a target to help expand your attack surface.`Everyone should be encourage to submit new ideas/modules. You can get the code here: https://github.com/xillwillx/skiptracer feel free to submit new modules or code fixes.
Contact Me
Social Media
Categories
-
Recent Posts
RSS Blogroll
- Shamoon Reappears, Poised for a New Wiper Attack
- Worst Password Blunders of 2018 Hit Organizations East and West
- Android Trojan Targets PayPal Users
- Bug Hunting Paves Path to Infosec Careers
- U.S. Defense, Critical Infrastructure Companies Targeted in New Threat Campaign
- Deception: Honey vs. Real Environments
- ThreatList: Holiday Spam, the Perfect Seasonal Gift for Criminals
- Operation Sharpshooter Takes Aim at Global Critical Assets
- CVE-2018-1149 & CVE-2018-1150 NUUO DVR firmware exploits
- SVG Document ActiveX Execution In Word
Archives
- September 2018
- June 2018
- October 2017
- September 2017
- June 2017
- May 2017
- April 2017
- December 2016
- November 2016
- October 2016
- July 2016
- May 2016
- April 2016
- March 2016
- January 2016
- October 2015
- July 2015
- May 2015
- March 2015
- February 2015
- January 2015
- November 2014
- October 2014
- September 2014
- June 2014
- March 2014
- February 2014
- June 2013
- April 2013
- March 2012
- September 2009
Skype
Email
Keybase.io