⚠️ Legal & Ethical Considerations
Always ensure you have proper authorization before conducting OSINT investigations. Respect privacy laws, terms of service, and ethical boundaries. These tools should only be used for legitimate security, investigative, or research purposes.
OSINT Frameworks & Suites
Maltego
Commercial / Free Community EditionPremier OSINT and graphical link analysis tool for gathering and connecting information. Visualizes relationships between people, companies, domains, and more through transforms.
Visit Maltego →SpiderFoot
Open SourceAutomated OSINT reconnaissance tool that integrates with numerous data sources. Performs 200+ queries across DNS, search engines, social media, and threat intelligence feeds.
Visit SpiderFoot →theHarvester
Open SourcePython tool for gathering email addresses, subdomains, hosts, employee names, and more from public sources. Essential for reconnaissance and footprinting.
Visit theHarvester →Recon-ng
Open SourceFull-featured reconnaissance framework with independent modules, database interaction, and interactive help. Modular structure similar to Metasploit for OSINT operations.
Visit Recon-ng →Social Media Intelligence
Sherlock
Open SourceHunt down social media accounts by username across 300+ social networks. Fast and effective tool for tracking online presence across platforms.
Visit Sherlock →Social-Analyzer
Open SourceAPI and web app for analyzing and finding person profiles across 1000+ social media websites. Detects username or email existence on numerous platforms.
Visit Social-Analyzer →Twint
Open SourceAdvanced Twitter scraping tool that doesn't use Twitter's API. Gathers tweets, followers, and metadata without authentication requirements.
Visit Twint →Domain & Network Intelligence
Shodan
Commercial / Limited FreeSearch engine for Internet-connected devices. Discovers exposed systems, IoT devices, industrial controls, and security vulnerabilities across the internet.
Visit Shodan →Censys
Commercial / Limited FreeSearch engine for discovering and analyzing internet-connected devices and networks. Provides comprehensive data on hosts, certificates, and network infrastructure.
Visit Censys →DNSdumpster
Free Web ToolDomain research tool for discovering hosts related to a domain. Provides DNS records, subdomains, and network mapping visualization.
Visit DNSdumpster →SecurityTrails
Commercial / Limited FreeHistorical DNS and WHOIS data search engine. Tracks domain changes, subdomain discovery, and certificate transparency monitoring.
Visit SecurityTrails →Email & Data Breach Intelligence
Have I Been Pwned
Free Web ServiceCheck if email addresses or passwords have been compromised in data breaches. Database of billions of breached accounts from major incidents.
Visit HIBP →Hunter.io
Commercial / Limited FreeFind and verify email addresses associated with domains. Useful for identifying company contacts and email patterns during reconnaissance.
Visit Hunter.io →Dehashed
CommercialSearch engine for leaked credentials and data breaches. Provides access to billions of records from compromised databases.
Visit Dehashed →Image & Geolocation Intelligence
Google Lens
Free Web ServiceReverse image search and visual recognition tool. Identifies objects, locations, and similar images across the web.
Visit Google Lens →TinEye
Free / CommercialReverse image search engine for tracking where images appear online. Finds modified versions and earliest uses of images.
Visit TinEye →ExifTool
Open SourceRead, write, and edit metadata in image, audio, and video files. Extracts GPS coordinates, camera information, and timestamps from media files.
Visit ExifTool →Specialized OSINT Tools
Wayback Machine
Free Web ServiceDigital archive of the World Wide Web. Access historical snapshots of websites to view past content, configurations, and changes over time.
Visit Wayback Machine →OSINT Framework
Free Web ResourceComprehensive collection of OSINT tools organized by category. Interactive mind map providing links to hundreds of investigation resources.
Visit OSINT Framework →Metagoofil
Open SourceInformation gathering tool designed to extract metadata from public documents. Identifies usernames, software versions, and internal paths from PDFs, Office files, and more.
Visit Metagoofil →