25 Best Open Source Intelligence (OSINT) Libraries Known Worldwide, I have used 11 of these tools personally, and they have good information mining capabilities. I recommend them.
OSINT Framework, as the name suggests, is a web security framework, a collection of OSINT tools that make your intel and data collection tasks easier.
This tool is mainly used for digital fingerprinting, OSINT research, intelligence gathering, and reconnaissance for security researchers and penetration testers.
It provides a simple web-based interface that allows you to browse different OSINT tools filtered by category.
It also provides excellent categorization of all existing intel resources, making it an important resource for understanding what infosec field information you may have overlooked or for suggesting the next steps in your investigation.
OSINT Framework is categorized based on different themes and objectives. This is easy to see when viewing the OSINT tree through the web interface.
Website: https://osintframework.com/
On the Internet, websites are attacked and user data is stolen every day. This data often includes usernames, passwords (encrypted fields, and even plaintext), email addresses, IP addresses, etc., and users' privacy and security are greatly threatened.
CheckUserNames can check the usage of usernames in 160 social media platforms and detect whether your username, password, or email address has been leaked.
Website: http://checkusernames.com/
You can check online if your registered website information has been leaked. The website will not display your leaked information, but it will provide details about the data breach event!
Website: https://haveibeenpwned.com/
BeenVerified is a website that allows you to search for background information about other people online. By entering some personal information about the person and paying a fee, you can find out their family information and whether they have committed any illegal activities in the past.
Website: https://www.beenverified.com
Censys is a new type of search engine used to search for information about connected devices. Security experts can use it to assess the security of their implementation, while hackers can use it as a powerful tool for pre-attack reconnaissance and collecting target information.
Website: https://censys.io/
BuiltWith is a website profiler, lead generation, competitive analysis, and business intelligence tool that provides information about the technologies used on the internet, e-commerce data, and usage analytics.
Technologies tracked include widgets, analytics, frameworks, content management systems, advertisers, content delivery networks, web standards, and web servers, to name a few of the technology categories we cover.
Website: https://builtwith.com/
Google Dork is a fast scanning tool that enumerates websites.
Website: https://pentestit.com/google-dorks/
Maltego is an open-source intelligence (OSINT) and graphical link analysis tool used for collecting and connecting information for investigative tasks.
Website: https://www.maltego.com/
Recon-ng is a full-featured web reconnaissance framework written in Python. It provides a powerful environment for fast and thorough web-based open-source reconnaissance.
Recon-ng primarily plays the role of information gathering in the penetration process and can also be used as a penetration testing tool, although it has few related attack modules and requires self-expansion. The biggest advantage of Recon-ng is its modularity, and its functionality can be expanded as desired. With enough imagination, it can become a powerful tool.
Website: https://github.com/lanmaster53/recon-ng
TheHarvester can collect information such as email accounts, usernames, hostnames, and subdomains. It collects this information by searching through public resources such as Google, Bing, PGP, LinkedIn, Baidu, Yandex, People123, Jigsaw, and Shodan. This information can be very useful in later stages of penetration testing.
Website: https://github.com/laramies/theHarvester
Shodan has servers worldwide that crawl the Internet 24/7 to provide the latest Internet intelligence. It provides tools to answer questions about the Internet on a global scale, such as who buys smart TVs, which country/region builds the most wind farms, and which companies are affected by Heartbleed.
Website: https://www.shodan.io/
Jigsaw is a tool for developing the US market. With this tool, you can search for detailed contact information about US companies, including email addresses, contacts, websites, and phone numbers.
Website: www.jigsaw.com
SpiderFoot is a free and open-source web information gathering tool written in Python. It supports cross-platform operation and is suitable for Linux, *BSD, and Windows systems. In addition, it provides users with an easy-to-use GUI interface.
SpiderFoot is very comprehensive in terms of functionality. With SpiderFoot, we can obtain various information about the target, such as website subdomains, email addresses, web server versions, etc. The simple web-based interface of SpiderFoot allows you to start scanning immediately after installation - just set the target domain name and enable the corresponding scanning modules.
Website: http://www.spiderfoot.net/download/
Creepy is an application that collects geolocation-related information about users from social networking platforms and image hosting services. Creepy displays the collected information on a built-in map and shows contextually relevant information about the specific geographic location.
Website: https://github.com/ilektrojohn/creepy
Nmap, also known as Network Mapper, is originally a network scanning and sniffing toolkit for Linux.
Nmap is a network connection port scanning software used to scan open network connections on the Internet. It determines which services are running on which connection ports and infers which operating system the computer is running (also known as fingerprinting). It is one of the essential software for network administrators and is used to evaluate the security of network systems.
Website: https://nmap.org/
Webshag is a cross-platform multithreaded tool for auditing web servers. Webshag collects useful features typically found in web servers, such as port scanning, URL scanning, and file fuzzing. It can be used to scan web servers via HTTP or HTTPS with proxy and HTTP authentication (based on authentication or digest authentication).
Website: https://tools.kali.org/web-applications/webshag
OpenVAS is an open vulnerability assessment system, which can be described as a network scanner that includes related tools. Its core component is a server that includes a set of network vulnerability testing programs that can detect security issues in remote systems and applications.
Website: https://www.openvas.org/
This tool is a comprehensive domain scanning tool. It can quickly obtain the DNS servers of the specified domain and check for zone transfer vulnerabilities. If this vulnerability does not exist, it will automatically perform brute force cracking to obtain subdomain information. For the obtained IP addresses, it will also traverse the surrounding IP addresses to obtain more information. Finally, it will segment and count the IP addresses for later use by other tools such as NMAP.
Website: https://github.com/mschwager/fierce
Unicornscan is a port scanner that obtains information and associations about the user's system by attempting to connect to the user's system (User-land) distributed TCP/IP stack. Its main features include asynchronous stateless TCP scanning with all TCP variant flags, asynchronous stateless TCP flag capture, active/passive remote operating system, application, and component information retrieval through feedback analysis.
Website: https://tools.kali.org/information-gathering/unicornscan
FOCA is mainly an information gathering tool that checks and scans file metadata and hidden information. These files can be found on web pages, and FOCA can download and analyze them.
FOCA can use search engines such as Google, Bing, and Exalead to search for and download relevant files. By stripping the information from these files, attackers can obtain the machine name, operating system, software installation path, and version information of the file uploader.
Website: https://www.elevenpaths.com/labstools/foca/index.html
ZoomEye is a search engine for retrieving network space nodes. It analyzes global nodes through a backend distributed crawler engine (like any search engine) and judges the characteristics of each node it owns, such as device type, firmware version, distribution location, and open port services.
Website: https://www.zoomeye.org/
Spyse is a complete Data as a Service (DaaS) solution developed for internet security professionals, companies, remote system administrators, SSL/TLS certificate providers, data centers, and business analysts. All Spyse online solutions are presented in the form of themed services, which together make up a platform with information gathering, processing, and aggregation capabilities.
Website: https://pypi.org/project/spyse/