Top OSINT Tools for Cybersecurity: Photo OSINT, Location OSINT & More
𧩠Top OSINT Tools You Must Know
Hereβs a list of the most important OSINT tools for cybersecurity, investigations, and digital forensics β with emojis, short explanations, and links so readers can access them directly.
β οΈ Note: Always use these tools ethically and legally. OSINT only involves publicly available data.
πΌοΈ 1. FotoForensics
Use: Image forensics and Error Level Analysis (ELA) to check if an image has been tampered with.
π Website: FotoForensics
𧩠2. Forensically
Use: Free browser-based photo forensics suite β clone detection, metadata extraction, ELA, noise analysis.
π Website: Forensically
π 3. ExifTool
Use: Industry-standard tool to read/write image, document, and media metadata (EXIF, IPTC, XMP). Great for GPS tags, timestamps, and camera info.
π Website: ExifTool
π 4. TinEye / Google Reverse Image Search
Use: Reverse image search to find the original source of a photo or track its copies online.
π Website: TinEye | Google Reverse Image Search
πΈοΈ 5. Maltego
Use: Visual link analysis platform β maps relationships between domains, emails, people, and social accounts.
π Website: Maltego
π 6. OSINT Framework
Use: A structured directory of OSINT tools categorized by task (people, social media, domains, geolocation, etc.).
π Website: OSINT Framework
π 7. Shodan
Use: IoT / internet-connected device search engine. Finds exposed devices like webcams, routers, servers.
π Website: Shodan
π·οΈ 8. SpiderFoot
Use: Automated OSINT scanner for domains, IPs, emails, and names. Helps in reconnaissance and monitoring.
π Website: SpiderFoot
π§ 9. theHarvester
Use: Collects emails, domains, and hostnames from search engines and public sources.
π Website / Repo: theHarvester GitHub
βοΈ 10. Recon-ng
Use: Web reconnaissance framework with modular setup for WHOIS, DNS, and social lookups.
π Website / Repo: Recon-ng GitHub
π€ 11. Social Mapper
Use: Cross-platform profile mapping using facial recognition to find matching social media accounts.
π Website / Repo: Social Mapper GitHub
π 12. FaceCheck.id
Use: Reverse face search engine to locate social media profiles linked to a photo.
π Website: FaceCheck.id
πΊοΈ 13. Mapillary + Geo Tools
Use: Geolocation and street imagery for location OSINT. Includes Mapillary, GeoGuessr, Google Earth, OpenStreetMap.
π Websites: Mapillary | GeoGuessr | OpenStreetMap
π‘οΈ 14. Have I Been Pwned (HIBP)
Use: Check if emails or phone numbers appear in known breaches. Helps with defensive OSINT and security checks.
π Website: Have I Been Pwned
π Other Useful Tools
- Google Dorks β advanced search operators
- Metagoofil β harvest metadata from public documents
- Wayback Machine β view historical versions of websites
π Tip: Use OSINT Framework to explore more specialized tools for your investigations.
βοΈ Legal & Ethical Reminder
OSINT = working with publicly available data only.
Do not access private systems or restricted content. Ethical and legal compliance is critical.
