top of page
  • Writer's pictureSai Narayan

Class Notes Day 4 - Open Source Reconnaissance Tools

OS tools
Download PDF • 33.30MB

Download material here

Certainly! Below, you'll find an introduction and the basic workings of each of the listed cybersecurity tools:

### 1. Goto Exploit DB

**Introduction**: Exploit Database is an extensive repository of exploits and vulnerable software. It is a valuable resource for cybersecurity professionals to find information on known vulnerabilities and exploits.


- Users can search for specific vulnerabilities by various criteria such as type, platform, date, and more.

- Cybersecurity researchers can submit new exploits to the database.

- It provides detailed documentation on each exploit, including the affected versions and platforms.

### 2. Whois Lookup

**Introduction**: Whois lookup is a tool that provides information about who owns a domain name and their contact information.


- Enter a domain name into the Whois lookup tool.

- It returns detailed information including the registrant, administrative contact, and technical contact, along with the domain's creation, expiration, and update dates.

### 3. BuiltWith

**Introduction**: BuiltWith is a tool that helps to identify the technologies used to build a particular website.


- Enter the URL of a website into BuiltWith.

- It returns information on the server, hosting, frameworks, plugins, analytics tools, and other technologies implemented on the website.

### 4.

**Introduction**: Robtex is a tool used for various domain/IP address research tasks, including DNS lookups and data analysis.


- Users can input a domain name or IP address to get detailed information such as DNS records, mail servers, and name servers.

- It also helps in identifying shared DNS servers and provides information on AS numbers.

### 5.

**Introduction**: IntoDNS is a tool that provides a comprehensive analysis of the DNS configuration for a given domain name.


- Input the domain name to analyze.

- It returns detailed reports on DNS configuration, health, and delegation, highlighting any detected issues and providing recommendations for resolution.

### 6. SSL Labs

**Introduction**: SSL Labs is a collection of tools and documentation to help organizations set up secure server SSL/TLS configurations.


- Utilize the SSL Server Test tool by inputting a domain name.

- The tool analyzes the server's SSL configuration and grades it based on the strength and correctness of the configuration.

### 7.

**Introduction**: is a free tool that allows users to analyze HTTP response headers for any website, assisting in identifying potential security flaws.


- Input a website URL.

- It returns a report on the HTTP headers and their configurations, with a focus on security-related headers, and offers suggestions for improvements.

### 8.

**Introduction**: Social-Searcher is a tool that allows users to search for content across various social media platforms.


- Enter keywords, phrases, or hashtags in the search bar.

- The tool returns results from various social media platforms, giving insights into trends, mentions, and social media presence.

### 9.

**Introduction**: Shodan is a search engine for internet-connected devices, providing insights into the configuration and status of devices accessible over the internet.


- Users can search for devices based on criteria such as IP, port, service, geography, etc.

- It offers detailed information about each device, including services running, vulnerabilities, and more.

### 10. Wayback Machine

**Introduction**: The Wayback Machine is a digital archive of the World Wide Web, allowing users to see how web pages looked in the past.


- Enter a website URL into the Wayback Machine.

- It allows users to view archived versions of web pages at various points in time.

### 11.

**Introduction**: OSINT Framework is a collection of free and publicly available resources aimed at helping individuals conduct open-source intelligence (OSINT) investigations.


- The website categorizes various OSINT tools and resources by their use-cases.

- Users can navigate through the categories to find the right tools for different OSINT tasks.

### 12. View Page Source in a Browser

**Introduction**: Viewing page source allows users to see the raw HTML and other code that makes up a web page.


- Right-click on a webpage and select "View Page Source" or use keyboard shortcuts (Ctrl+U for Windows, Command+Option+U for Mac).

- The browser displays the raw HTML, CSS, and JavaScript code of the webpage.

### 13. Robots.txt

**Introduction**: Robots.txt is a file that webmasters use to instruct web robots (such as search engine bots) how to crawl pages on their website.


- Access the robots.txt file by appending "/robots.txt" to a website URL (e.g., ``).

- The file lists the areas of the site that are allowed or disallowed for web crawler access.

### 14. Sitemap.xml

**Introduction**: Sitemap.xml is a file where details of the pages of a website are listed to tell search engines about the organization of site content.


- Access the sitemap by appending "/sitemap.xml" to a website URL (e.g., ``).

- The file provides information to search engines about the structure of the website, including URLs and metadata about each URL (like when it was last updated).

I hope this helps! Let me know if you have further questions.

15 views0 comments


bottom of page