はじめに
本記事は論理的なハッカーとして、インターネット上のパブリックリソースから組織の情報を収集する方法について記載しています。
本記事で紹介しているツールを活用することで、効率的なOSINTが実現できます。
OSINTについては、以前書いたIMINT/GEOINTをご参照ください。
Harvester
Harvesterは、パブリックリソースから電子メール、サブドメイン、ホストなどの情報を収集することができます。
Kali Linuxでは最初からインストールされています。
どのような情報収集しているかについては、GitHubで公開されいてる以下リポジトリのREADMEより確認できます。
基本的な使い方は、-dのオプションでドメインを指定、-bにソースを指定して実行します。
以下の例では、-lで検索結果を制限しています。
$ theHarvester -d <domain> -l 200 -b yahoo
- 出力例
*******************************************************************
* _ _ _ *
* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
* | __| _ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
* *
* theHarvester 4.3.0 *
* Coded by Christian Martorella *
* Edge-Security Research *
* cmartorella@edge-security.com *
* *
*******************************************************************
[*] Target: <domain>
[*] Searching Yahoo.
[*] No IPs found.
[*] Emails found: 1
----------------------
xxxx@xxxx.com
[*] Hosts found: 1
---------------------
xxxx.com
参考:Theharvester
Sherlock
Sherlockは、さまざまなソーシャルネットワークから対象となる人物に関する情報を収集することができます。
Kali Linuxでは最初からインストールされていないため、別途インストールが必要です。
SherlockもGitHubに公開されいてるため、直接ダウンロードして使用することもできます。
基本的な使い方は、調査したいユーザー名を指定して実行します。
コマンドを実行後、ヒットしたソーシャルネットワークのURLを出力します。
$ python3 sherlock <USERNAMES>
[*] Checking username <USERNAMES> on:
[+] 7Cups: https://www.7cups.com/@<USERNAMES>
[+] 8tracks: https://8tracks.com/<USERNAMES>
[+] 9GAG: https://www.9gag.com/u/<USERNAMES>
[+] About.me: https://about.me/<USERNAMES>
[+] Air Pilot Life: https://airlinepilot.life/u/<USERNAMES>
[+] Airliners: https://www.airliners.net/user/<USERNAMES>/profile/photos
[+] Alik.cz: https://www.alik.cz/u/<USERNAMES>
[+] AllMyLinks: https://allmylinks.com/<USERNAMES>
[+] Amino: https://aminoapps.com/u/<USERNAMES>
[+] Anilist: https://anilist.co/user/<USERNAMES>/
[+] Apple Developer: https://developer.apple.com/forums/profile/<USERNAMES>
[+] Apple Discussions: https://discussions.apple.com/profile/<USERNAMES>
[+] Archive of Our Own: https://archiveofourown.org/users/<USERNAMES>
[+] Archive.org: https://archive.org/details/@<USERNAMES>
[+] AskFM: https://ask.fm/<USERNAMES>
[+] Audiojungle: https://audiojungle.net/user/<USERNAMES>
[+] BLIP.fm: https://blip.fm/<USERNAMES>
[+] Bandcamp: https://www.bandcamp.com/<USERNAMES>
[+] Behance: https://www.behance.net/<USERNAMES>
[+] Bezuzyteczna: https://bezuzyteczna.pl/uzytkownicy/<USERNAMES>
[+] Bikemap: https://www.bikemap.net/en/u/<USERNAMES>/routes/created/
[+] Bitwarden Forum: https://community.bitwarden.com/u/<USERNAMES>/summary
[+] Blogger: https://<USERNAMES>.blogspot.com
[+] BodyBuilding: https://bodyspace.bodybuilding.com/<USERNAMES>
[+] Bookcrossing: https://www.bookcrossing.com/mybookshelf/<USERNAMES>/
[+] BraveCommunity: https://community.brave.com/u/<USERNAMES>/
[+] BuyMeACoffee: https://buymeacoff.ee/<USERNAMES>
[+] BuzzFeed: https://buzzfeed.com/<USERNAMES>
[+] CGTrader: https://www.cgtrader.com/<USERNAMES>
[+] Career.habr: https://career.habr.com/<USERNAMES>
[+] Championat: https://www.championat.com/user/<USERNAMES>
[+] Chess: https://www.chess.com/member/<USERNAMES>
[+] Clapper: https://clapperapp.com/<USERNAMES>
[+] Codecademy: https://www.codecademy.com/profiles/<USERNAMES>
[+] Codeforces: https://codeforces.com/profile/<USERNAMES>
[+] Codewars: https://www.codewars.com/users/<USERNAMES>
[+] ColourLovers: https://www.colourlovers.com/lover/<USERNAMES>
[+] Crowdin: https://crowdin.com/profile/<USERNAMES>
[+] Cults3D: https://cults3d.com/en/users/<USERNAMES>/creations
[+] DMOJ: https://dmoj.ca/user/<USERNAMES>
[+] DeviantART: https://<USERNAMES>.deviantart.com
[+] Discogs: https://www.discogs.com/user/<USERNAMES>
[+] Discuss.Elastic.co: https://discuss.elastic.co/u/<USERNAMES>
[+] Disqus: https://disqus.com/<USERNAMES>
[+] Dribbble: https://dribbble.com/<USERNAMES>
[+] Duolingo: https://www.duolingo.com/profile/<USERNAMES>
[+] Eintracht Frankfurt Forum: https://community.eintracht.de/fans/<USERNAMES>
[+] Enjin: https://www.enjin.com/profile/<USERNAMES>
[+] EyeEm: https://www.eyeem.com/u/<USERNAMES>
[+] F3.cool: https://f3.cool/<USERNAMES>/
[+] Fameswap: https://fameswap.com/user/<USERNAMES>
[+] Finanzfrage: https://www.finanzfrage.net/nutzer/<USERNAMES>
[+] Fiverr: https://www.fiverr.com/<USERNAMES>
[+] Flickr: https://www.flickr.com/people/<USERNAMES>
[+] Flightradar24: https://my.flightradar24.com/<USERNAMES>
[+] Flipboard: https://flipboard.com/@<USERNAMES>
[+] Freelance.habr: https://freelance.habr.com/freelancers/<USERNAMES>
[+] Freelancer: https://www.freelancer.com/u/<USERNAMES>
[+] Freesound: https://freesound.org/people/<USERNAMES>/
[+] G2G: https://www.g2g.com/<USERNAMES>
[+] Gamespot: https://www.gamespot.com/profile/<USERNAMES>/
[+] GeeksforGeeks: https://auth.geeksforgeeks.org/user/<USERNAMES>
[+] Genius (Users): https://genius.com/<USERNAMES>
[+] Gesundheitsfrage: https://www.gesundheitsfrage.net/nutzer/<USERNAMES>
[+] Giant Bomb: https://www.giantbomb.com/profile/<USERNAMES>/
[+] GitHub: https://www.github.com/<USERNAMES>
[+] GitLab: https://gitlab.com/<USERNAMES>
[+] Gitee: https://gitee.com/<USERNAMES>
[+] GoodReads: https://www.goodreads.com/<USERNAMES>
[+] Grailed: https://www.grailed.com/<USERNAMES>
[+] Gumroad: https://www.gumroad.com/<USERNAMES>
[+] GunsAndAmmo: https://forums.gunsandammo.com/profile/<USERNAMES>
[+] Gutefrage: https://www.gutefrage.net/nutzer/<USERNAMES>
[+] HackerEarth: https://hackerearth.com/@<USERNAMES>
[+] HackerNews: https://news.ycombinator.com/user?id=<USERNAMES>
[+] HackerOne: https://hackerone.com/<USERNAMES>
[+] HackerRank: https://hackerrank.com/<USERNAMES>
[+] Hashnode: https://hashnode.com/@<USERNAMES>
[+] Houzz: https://houzz.com/user/<USERNAMES>
[+] HubPages: https://hubpages.com/@<USERNAMES>
[+] ICQ: https://icq.im/<USERNAMES>/en
[+] IFTTT: https://www.ifttt.com/p/<USERNAMES>
[+] IRL: https://www.irl.com/<USERNAMES>
[+] Imgur: https://imgur.com/user/<USERNAMES>
[+] Instructables: https://www.instructables.com/member/<USERNAMES>
[+] Intigriti: https://app.intigriti.com/profile/<USERNAMES>
[+] Ionic Forum: https://forum.ionicframework.com/u/<USERNAMES>
[+] Issuu: https://issuu.com/<USERNAMES>
[+] Joplin Forum: https://discourse.joplinapp.org/u/<USERNAMES>
[+] KEAKR: https://www.keakr.com/en/profile/<USERNAMES>
[+] Kaggle: https://www.kaggle.com/<USERNAMES>
[+] Keybase: https://keybase.io/<USERNAMES>
[+] Kik: https://kik.me/<USERNAMES>
[+] Kongregate: https://www.kongregate.com/accounts/<USERNAMES>
[+] LOR: https://www.linux.org.ru/people/<USERNAMES>/profile
[+] Launchpad: https://launchpad.net/~<USERNAMES>
[+] LeetCode: https://leetcode.com/<USERNAMES>
[+] LessWrong: https://www.lesswrong.com/users/@<USERNAMES>
[+] Letterboxd: https://letterboxd.com/<USERNAMES>
[+] Lichess: https://lichess.org/@/<USERNAMES>
[+] Linktree: https://linktr.ee/<USERNAMES>
[+] LottieFiles: https://lottiefiles.com/<USERNAMES>
[+] MMORPG Forum: https://forums.mmorpg.com/profile/<USERNAMES>
[+] Mapify: https://mapify.travel/<USERNAMES>
[+] Medium: https://medium.com/@<USERNAMES>
[+] Memrise: https://www.memrise.com/user/<USERNAMES>/
[+] MixCloud: https://www.mixcloud.com/<USERNAMES>/
[+] Monkeytype: https://monkeytype.com/profile/<USERNAMES>
[+] Motorradfrage: https://www.motorradfrage.net/nutzer/<USERNAMES>
[+] Munzee: https://www.munzee.com/m/<USERNAMES>
[+] MyAnimeList: https://myanimelist.net/profile/<USERNAMES>
[+] MyMiniFactory: https://www.myminifactory.com/users/<USERNAMES>
[+] Mydramalist: https://www.mydramalist.com/profile/<USERNAMES>
[+] Needrom: https://www.needrom.com/author/<USERNAMES>/
[+] Newgrounds: https://<USERNAMES>.newgrounds.com
[+] NitroType: https://www.nitrotype.com/racer/<USERNAMES>
[+] NotABug.org: https://notabug.org/<USERNAMES>
[+] OpenStreetMap: https://www.openstreetmap.org/user/<USERNAMES>
[+] PSNProfiles.com: https://psnprofiles.com/<USERNAMES>
[+] Pastebin: https://pastebin.com/u/<USERNAMES>
[+] Patreon: https://www.patreon.com/<USERNAMES>
[+] Periscope: https://www.periscope.tv/<USERNAMES>/
[+] Pinkbike: https://www.pinkbike.com/u/<USERNAMES>/
[+] Pokemon Showdown: https://pokemonshowdown.com/users/<USERNAMES>
[+] Polarsteps: https://polarsteps.com/<USERNAMES>
[+] ProductHunt: https://www.producthunt.com/@<USERNAMES>
[+] PromoDJ: http://promodj.com/<USERNAMES>
[+] PyPi: https://pypi.org/user/<USERNAMES>
[+] Quizlet: https://quizlet.com/<USERNAMES>
[+] Rate Your Music: https://rateyourmusic.com/~<USERNAMES>
[+] Redbubble: https://www.redbubble.com/people/<USERNAMES>
[+] Reddit: https://www.reddit.com/user/<USERNAMES>
[+] Replit.com: https://replit.com/@<USERNAMES>
[+] ReverbNation: https://www.reverbnation.com/<USERNAMES>
[+] Roblox: https://www.roblox.com/user.aspx?username=<USERNAMES>
[+] RubyGems: https://rubygems.org/profiles/<USERNAMES>
[+] Rumble: https://rumble.com/user/<USERNAMES>
[+] RuneScape: https://apps.runescape.com/runemetrics/app/overview/player/<USERNAMES>
[+] Sbazar.cz: https://www.sbazar.cz/<USERNAMES>
[+] Scratch: https://scratch.mit.edu/users/<USERNAMES>
[+] Scribd: https://www.scribd.com/<USERNAMES>
[+] Shpock: https://www.shpock.com/shop/<USERNAMES>/items
[+] Signal: https://community.signalusers.org/u/<USERNAMES>
[+] Slack: https://<USERNAMES>.slack.com
[+] Slashdot: https://slashdot.org/~<USERNAMES>
[+] SlideShare: https://slideshare.net/<USERNAMES>
[+] Slides: https://slides.com/<USERNAMES>
[+] Smule: https://www.smule.com/<USERNAMES>
[+] Snapchat: https://www.snapchat.com/add/<USERNAMES>
[+] SoundCloud: https://soundcloud.com/<USERNAMES>
[+] SourceForge: https://sourceforge.net/u/<USERNAMES>
[+] Speedrun.com: https://speedrun.com/user/<USERNAMES>
[+] Spotify: https://open.spotify.com/user/<USERNAMES>
[+] Star Citizen: https://robertsspaceindustries.com/citizens/<USERNAMES>
[+] SteamGroup: https://steamcommunity.com/groups/<USERNAMES>
[+] Strava: https://www.strava.com/athletes/<USERNAMES>
[+] SublimeForum: https://forum.sublimetext.com/u/<USERNAMES>
[+] TETR.IO: https://ch.tetr.io/u/<USERNAMES>
[+] Telegram: https://t.me/<USERNAMES>
[+] Tellonym.me: https://tellonym.me/<USERNAMES>
[+] Tenor: https://tenor.com/users/<USERNAMES>
[+] ThemeForest: https://themeforest.net/user/<USERNAMES>
[+] TikTok: https://tiktok.com/@<USERNAMES>
[+] TradingView: https://www.tradingview.com/u/<USERNAMES>/
[+] TrashboxRU: https://trashbox.ru/users/<USERNAMES>
[+] Trello: https://trello.com/<USERNAMES>
[+] TryHackMe: https://tryhackme.com/p/<USERNAMES>
[+] Tweakers: https://tweakers.net/gallery/<USERNAMES>
[+] Twitch: https://www.twitch.tv/<USERNAMES>
[+] Typeracer: https://data.typeracer.com/pit/profile?user=<USERNAMES>
[+] Ultimate-Guitar: https://ultimate-guitar.com/u/<USERNAMES>
[+] Unsplash: https://unsplash.com/@<USERNAMES>
[+] VSCO: https://vsco.co/<USERNAMES>
[+] Velomania: https://forum.velomania.ru/member.php?username=<USERNAMES>
[+] Venmo: https://account.venmo.com/u/<USERNAMES>
[+] Vimeo: https://vimeo.com/<USERNAMES>
[+] VirusTotal: https://www.virustotal.com/gui/user/<USERNAMES>
[+] Warrior Forum: https://www.warriorforum.com/members/<USERNAMES>.html
[+] Wattpad: https://www.wattpad.com/user/<USERNAMES>
[+] Whonix Forum: https://forums.whonix.org/u/<USERNAMES>/summary
[+] Wikidot: http://www.wikidot.com/user:info/<USERNAMES>
[+] Wikipedia: https://en.wikipedia.org/wiki/Special:CentralAuth/<USERNAMES>?uselang=qqx
[+] Windy: https://community.windy.com/user/<USERNAMES>
[+] WordPressOrg: https://profiles.wordpress.org/<USERNAMES>/
[+] Wordnik: https://www.wordnik.com/users/<USERNAMES>
[+] Wykop: https://www.wykop.pl/ludzie/<USERNAMES>
[+] YouPic: https://youpic.com/photographer/<USERNAMES>/
[+] Youtube User: https://www.youtube.com/user/<USERNAMES>
[+] authorSTREAM: http://www.authorstream.com/<USERNAMES>/
[+] babyblogRU: https://www.babyblog.ru/user/<USERNAMES>
[+] couchsurfing: https://www.couchsurfing.com/people/<USERNAMES>
[+] d3RU: https://d3.ru/user/<USERNAMES>/posts
[+] dailykos: https://www.dailykos.com/user/<USERNAMES>
[+] datingRU: http://dating.ru/<USERNAMES>
[+] drive2: https://www.drive2.ru/users/<USERNAMES>
[+] eGPU: https://egpu.io/forums/profile/<USERNAMES>/
[+] ebio.gg: https://ebio.gg/<USERNAMES>
[+] eintracht: https://community.eintracht.de/fans/<USERNAMES>
[+] fl: https://www.fl.ru/users/<USERNAMES>
[+] freecodecamp: https://www.freecodecamp.org/<USERNAMES>
[+] furaffinity: https://www.furaffinity.net/user/<USERNAMES>
[+] geocaching: https://www.geocaching.com/p/default.aspx?u=<USERNAMES>
[+] gfycat: https://gfycat.com/@<USERNAMES>
[+] habr: https://habr.com/ru/users/<USERNAMES>
[+] hackster: https://www.hackster.io/<USERNAMES>
[+] hunting: https://www.hunting.ru/forum/members/?username=<USERNAMES>
[+] iMGSRC.RU: https://imgsrc.ru/main/user.php?user=<USERNAMES>
[+] igromania: http://forum.igromania.ru/member.php?username=<USERNAMES>
[+] interpals: https://www.interpals.net/<USERNAMES>
[+] irecommend: https://irecommend.ru/users/<USERNAMES>
[+] jbzd.com.pl: https://jbzd.com.pl/uzytkownik/<USERNAMES>
[+] jeuxvideo: http://www.jeuxvideo.com/profil/<USERNAMES>?mode=infos
[+] kofi: https://ko-fi.com/<USERNAMES>
[+] kwork: https://kwork.ru/user/<USERNAMES>
[+] labpentestit: https://lab.pentestit.ru/profile/<USERNAMES>
[+] last.fm: https://last.fm/user/<USERNAMES>
[+] livelib: https://www.livelib.ru/reader/<USERNAMES>
[+] mastodon.social: https://mastodon.social/@<USERNAMES>
[+] mercadolivre: https://www.mercadolivre.com.br/perfil/<USERNAMES>
[+] metacritic: https://www.metacritic.com/user/<USERNAMES>
[+] minds: https://www.minds.com/<USERNAMES>/
[+] moikrug: https://moikrug.ru/<USERNAMES>
[+] note: https://note.com/<USERNAMES>
[+] npm: https://www.npmjs.com/~<USERNAMES>
[+] opennet: https://www.opennet.ru/~<USERNAMES>
[+] osu!: https://osu.ppy.sh/users/<USERNAMES>
[+] phpRU: https://php.ru/forum/members/?username=<USERNAMES>
[+] pikabu: https://pikabu.ru/@<USERNAMES>
[+] satsisRU: https://satsis.info/user/<USERNAMES>
[+] uid: http://uid.me/<USERNAMES>
[+] wykop.pl: https://www.wykop.pl/ludzie/<USERNAMES>
[*] Search completed with 231 results
参考:Sherlock
その他
OSINTに関連するサービスは他にもありますが、海外で開発されています。
名前の出てくるサービスとして、SpokeoやRocketReachがありますが、基本的に有料サービスとなっています。
RocketReachについては、一部無料で利用することができます。
無料で使えるWebサービスについては、WhatsMyNameが便利だと思います。
使い勝手としては、SherlockのようにヒットしたソーシャルネットワークのURLを列挙できます。
おわりに
Harvesterは組織に関するターゲットドメインの情報、Sherlockについては個人の情報など用途に応じて使い分けるのが効率的だと思います。