HackStation Watch on YouTube

OSINT 2025: Tudo que Você Precisa Saber

4 min read 5 months ago
Published on Mar 12, 2025 This response is partially generated with the help of AI. It may contain inaccuracies.

Table of Contents

Introduction

This tutorial provides a comprehensive guide to Open Source Intelligence (OSINT) techniques as discussed in the video "OSINT 2025: Tudo que Você Precisa Saber" by HackStation. You'll learn about various tools and methods for gathering information from publicly available sources, emphasizing ethical and responsible use.

Step 1: Understanding OSINT

  • OSINT refers to the practice of collecting data from publicly available sources to analyze and utilize for various purposes.
  • It is important to use these techniques ethically, avoiding any illegal activities that could violate privacy or legal standards.

Step 2: Using WHOIS for Domain Information

  • WHOIS is a protocol that allows you to query databases to obtain information about domain names.
  • Steps to use WHOIS:
    1. Access a WHOIS lookup tool (e.g., whois.domaintools.com).
    2. Enter the domain name you want to investigate.
    3. Review the registration details, including the owner, registration date, and expiration date.

Step 3: Google Hacking Techniques

  • Google hacking involves using advanced search operators to find specific information on the web.
  • Useful operators include:
    • site: to search within a specific website.
    • filetype: to find specific file types (e.g., PDFs, DOCs).
  • Example search: site:example.com filetype:pdf to find PDF documents on a specific site.

Step 4: Utilizing theHarvester for Email and Subdomain Collection

  • theHarvester is a tool for gathering emails and subdomains from various search engines.
  • Steps to use theHarvester:
    1. Install theHarvester using GitHub or package managers.
    2. Run the command:
      theharvester -d example.com -b google
    3. Analyze the collected information for potential targets.

Step 5: Analyzing Metadata with ExifTool

  • ExifTool is a powerful tool for reading and writing metadata in files, particularly images.
  • Steps to use ExifTool:
    1. Download and install ExifTool.
    2. Run the command:
      exiftool image.jpg
    3. Review the metadata for information such as GPS coordinates and timestamps.

Step 6: Investigating People with Sherlock

  • Sherlock is a tool used to find usernames across multiple social media platforms.
  • Steps to use Sherlock:
    1. Install Sherlock from its GitHub repository.
    2. Run the command:
      python sherlock.py username
    3. Review the output for social media profiles associated with the username.

Step 7: Mapping Relationships with Maltego

  • Maltego is a tool for graphical link analysis, visualizing relationships between entities.
  • Steps to use Maltego:
    1. Download and install Maltego.
    2. Create a new graph and add entities (e.g., domains, emails).
    3. Run transforms to gather data and visualize connections.

Step 8: Exploring Shodan for IoT Devices

  • Shodan is a search engine for Internet-connected devices.
  • Steps to use Shodan:
    1. Create an account on Shodan.io.
    2. Use specific queries to find devices (e.g., port:80 for web servers).
    3. Analyze the results for vulnerabilities.

Step 9: Finding Faces with PimEyes

  • PimEyes is a face recognition search engine.
  • Steps to use PimEyes:
    1. Go to the PimEyes website.
    2. Upload a photo or enter a URL with an image.
    3. Review search results for matching images across the web.

Step 10: Conducting Reverse Image Searches with Google Image Search

  • Google Image Search allows you to find the source of an image or similar images.
  • Steps to use Google Image Search:
    1. Go to Google Images.
    2. Upload an image or paste the image URL.
    3. Analyze results for information about the image's origin.

Step 11: Exploring EPIEOS for Enhanced OSINT

  • EPIEOS is a lesser-known tool that can assist in OSINT tasks.
  • Steps to use EPIEOS:
    1. Visit the EPIEOS website.
    2. Follow the instructions to utilize its features for gathering information.

Conclusion

This tutorial highlighted essential OSINT techniques and tools, including WHOIS, Google hacking, theHarvester, ExifTool, Sherlock, Maltego, Shodan, PimEyes, Google Image Search, and EPIEOS. Remember to apply these methods ethically and responsibly. You can further explore each tool for deeper insights and applications in your OSINT endeavors.

Table of Contents

Recent