
Recon Sites and Tools


7 replies to this topic

#1 Irongeek

Irongeek

    Dangerous free thinker

  • Agents of the Revolution
  • 1,516 posts
  • Location:Louisville, Ky more or less

Posted 10 March 2009 - 12:40 PM

Hi All,
What are some good sites for doing recon on an organization via DNS tools/Google/Metadata etc?

Anyone know a good replacement for http://www.rapleaf.com ? It used to be good, but now is useless with the current TOS.

I'll start the list:
Tools:
Metagoofil:
http://www.edge-secu.../metagoofil.php

Maltego:
http://www.paterva.c...munity-edition/

Sites:
http://regex.info/exif.cgi
http://tineye.com/
http://www.domaintools.com/

You really need to check out Tineye.

#2 tekio

tekio

    5(R1P7 |<1DD13

  • Binrev Financier
  • 1,095 posts
  • Gender:Male
  • Location:The Blue Nowhere

Posted 10 March 2009 - 01:58 PM

www.allwhois.com
Solar Winds tools set
AGnet tool set (only comes bundled w/ wildpackets premium software now) older freeware versions can be found
Sam Spade tool set
Oputils
www.google.com

the many Unix network discovery utilities: tcptraceroute, host, whois, nslookup etc...

#3 SchippStrich

SchippStrich

    SUP3R 31337 P1MP

  • Members
  • 293 posts
  • Gender:Male
  • Location:USA

Posted 10 March 2009 - 09:40 PM

Is this for your upcoming ISSA talk in Louisville?
I want to go but I'm too poor to drive over there.
If so, make sure you record a video of it.

#4 phasma

phasma

    Hakker addict

  • Members
  • 527 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 10 March 2009 - 09:56 PM

There's a neat little Firefox add-on called "PassiveRecon" that's pretty efficient.

#5 Irongeek

Posted 11 March 2009 - 05:42 AM

> Is this for your upcoming ISSA talk in Louisville?
> I want to go but I'm too poor to drive over there.
> If so, make sure you record a video of it.

I plan to record it and put it up on my site. ;)

#6 Irongeek

Posted 11 March 2009 - 05:59 AM

Thanks phasma, I tried that plugin out, nice find.

#7 tekio

Posted 11 March 2009 - 09:55 AM

This is kinda cool; just came across it a little bit ago. Besides informing you of when the mail was opened, it will let you know by whom, the IP address, and to whom it was forwarded. It just uses an image to get the info though.

Edited by tekio, 11 March 2009 - 09:57 AM.


#8 Cryptik Hex

Cryptik Hex

    elite

  • Members
  • 101 posts
  • Location:Pasadena CA

Posted 12 March 2009 - 06:24 AM

Although writing a Perl script works just as well for this, a tool in the BackTrack suite called dmitry has a nice reverse DNS scanner. I have found that finding other machines on the networks that are connected to the internet, but not always made publicly noticeable, seems to be very interesting.



