ThreatLens dashboard demonstrating new light mode.
Few neat UI tweaks and improvements to ThreatLens. Most notably a light mode for those with terrible taste. But also updated documentation and global search now operational. ThreatLens now supports over 60 distinct data types across all modules, with many more to come!
Can you sense it's that time of the week? It must be OSINT Tools Thursday!
As always, we do this every day to help keep our customers safe. And we built ThreatLens to do just that at scale. Beta is going very well and already found some invaluable user feedback. Want to take a look? Hit me up!
Workflow of The Week - Let's combine some of these tools together to see if we can uncover any new leads and record them inside ThreatCaddy!
Threat Intel IP Feeds - Collect IOCs from 23 different sources with this simple to integrate threat feed.
Telegram Account OSINT - Another curated set of resources and tools but this time for Telegram. Still a hugely popular and used platform for cybercrime.
LootBin - This one is a python tool that searches termbin for data and saves matching results. Another paste site addition for your portfolio.
ThreatCaddy - A local-hosted, browser app for collecting notes, IOCs, building timelines and more for a CTI investigation.
PatrowlHearsData - This is an open-source intelligence dashboard for vulnerability intelligence. Useful for collecting and prioritising data based on things like exploits.
First up this week we have Mail OSINT Tools, repo full of goodies for enriching, enumerating and pivoting from email addresses.
Can you sense it's that time of the week? It must be OSINT Tools Thursday!
VirusTotal detection is currently 40/65.
Do not download or execute.
We recently evaluated a new passive recon tool on GitHub called resetpaid/lumina, which was included in today's #OSINTToolsThursday
While the Python code appears functional, the repository contains a hidden zip file (report/Software_3.8-alpha.3.zip) bundling a malicious Windows dropper (vendor.exe)
UPDATE: Learnt today that a tool included here included a zip file in the repo that flagged as malicious by VT and Bitdefender. Looks like a dropper so I have removed the tool from the thread. Cons of testing on a non-windows/dirty system! And a reminder to be vigilant on open-source tools!
We built ThreatLens to support organisations with understanding their attack surface, by using OSINT to find the things that are easy to miss when you're in the weeds.
Want to learn more or see how we can support you with OSINT investigations or CTI? Let me know!
CBRN-Watch - Leverages dozens of sources, AI-powered analysis to identify potential threats or incidents across the globe.
Nox Framework - An OSINT and CTI framework for recon, red teaming and conducting investigations at scale!
ThreatWatch - A self-hosted CTI platform aggregating RSS feeds with Groq integration (free tier) to provide summaries and analysis
DorkVault - Not about nerds, but artisan Googling! Over 1000+ dorking queries to support investigations
Vesper - A username enumeration tool similar to Maigret and Sherlock, but suggests it can turnaround within 20 seconds. Worth testing!
Happy Easter weekend, but more importantly #OSINTToolsThursday is here! Let's dive into the OSINT, CTI and CBRN(?!) tools we've looked at this week!
Is this your favourite time of the week if you're an OSINT analyst? It should be! It's time for #OSINTToolsThursday 🥳
I had the pleasure of joining Freddy on the Intelligence Tradecraft podcast to discuss all things OSINT, CTI and intel analysis.
Available pretty much wherever you enjoy podcasts:
YouTube: youtu.be/QVm54BUyVME
Spotify: creators.spotify.com/pod/profile/...
Apple: podcasts.apple.com/us/podcast/f...
We have fun like this every day @perspectiveintel.bsky.social - Want to see how we turn OSINT into meaningful intelligence through the ThreatLens platform? You know where to hit me up (hint it's the DMs or through the website!)
🎶Workflow of the weeeeeeekkkk🎶Got a phishing email in your inbox or in your feeds? Map that sucker out combining some of the tools mentioned this week to map out and identify the baddies!
The Sentinel - Not the movie starring Jack Bauer, Michael Douglas and Eva Longoria, but instead another tool for collating OSINT data to assist situational awareness for what you may consider current geopolitical hotspots...
IP Toolkit - Useful and modular tool for doing some OSINT on IPs including WHOIS and reputation checks, useful for automated workflows!
Aegis Intelligence - This one is all abou the travel data. Including the ability for live streaming and interactive maps to play with. Hot.
OSINT-NEXUS - Not content with not beating John Cena at Summerslam 2010 (IYKYK), instead you can use this tool to build a knowledge graph Maltego-style but with a built-in LLM assistant to support investigations!
Threat Actor Usernames Scrape - Is DaveTheTerrorist also DaveTheTerrorist across naughty forums? Well now you can test offline and away from platforms!