OSINT

Theory

When it comes to social engineering, gathering information about the target is crucial, especially if you target a specific person.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle. (Art of war, Sun Tzu)

In this part we will see how to get information about people, which could be useful to personalize social engineering attacks to make them more efficient.

Practice

General search:

• https://webmii.com
• Google Dork : site:linkedin.com -inurl:dir "Company" "Name"

About companies:

• https://opencorporates.com
• https://www.societe.com (France-only)

Employee's feedback and information about companies:

• https://www.glassdoor.com
• https://www.indeed.com/companies

Twitter :

• https://x.com/search-advanced
• https://twiteridfinder.com/
• https://onemilliontweetmap.com

Social networks/medias:

• Twitter
• Facebook
• Instagram
• Pinterest
• Reddit
• VKontakte
• Tumblr
• LinkedIn
• DeviantArt
• Steam

Image recognition:

• https://lens.google.com
• https://tineye.com

Resources

https://gbhackers.com/external-black-box-penetration-testing

https://github.com/jivoi/awesome-osint