1) TORBOT

This tool is an OSINT resource designed specifically for the dark web. Crafted using Python, its primary aim is to systematically gather comprehensive information using data mining algorithms. Its capabilities extend to meticulous data retrieval and the generation of a tree graph, enabling in-depth exploration.

Operating as an Onion Crawler (.onion), it extracts page titles, site addresses, and brief descriptions. It then saves these links to a database, retrieves emails, and facilitates the preservation of crawl data into a JSON file.

Moreover, this tool is adept at crawling custom domains and seamlessly integrating with social media platforms, broadening its scope and utility.

2) Dark scrap

This OSINT tool is designed to locate accessible media links within Tor websites. It facilitates the easy extraction of downloadable media from a single URL or various files, while also offering advanced face recognition capabilities.

3) Fresh Onions

This tool is designed to uncover hidden services by combing through a variety of Clearnet sources. It offers optional full-text Elasticsearch support for enhanced search capabilities. With this tool, you can locate SSH fingerprints and email addresses within hidden services, as well as identify Bitcoin addresses operating within these concealed domains. It also provides insights into the network connections by revealing both incoming and outgoing links within onion domains. Users can stay updated with real-time information on the status of hidden services. Additionally, the tool can conduct port scanning, search for “interesting” URL paths, which is particularly useful for 404 error detection, and automatically detect languages and fuzzy clones, making it a comprehensive solution for online investigations and analysis.

4) Onioff

An uncomplicated and user-friendly Python tool designed for investigating Deep Web URLs.

5) Tor Crawl

Tor Crawl not only navigates through hidden services on Tor but also aids in extracting code from the webpages of these services.

6) Photon

A Python-based, straightforward tool to explore URLs in the Deep Web. Photon, a swift crawler optimized for OSINT purposes, functions as a tool for quick web exploration and intelligence checks. It efficiently validates various online resources and gathers information about the intended target.

This tool also has add-ons like,

a) dnsdumpster.com

b) findsubdomains.com

c) web.archive.org

The tool extracts the following data while crawling:

a) URLs with parameters (example.com/gallery.php?id=2)

b) emails, social media accounts

c) Various types of Files

d) Secret keys

e) files of JavaScript & Present endpoints

f) Subdomains Information & data related to DNS

7) Hakrawler

A straightforward and efficient web application crawler designed to facilitate the swift and simple identification of endpoints within web applications.

It can be used to discover:

a) Forms

b) Endpoints

c) Subdomains

d) JavaScript files

8) OSINT-SPY

This OSINT tool facilitates online investigations, enabling scans for information related to email addresses, domains, IP addresses, and organizations. It efficiently collects a wide array of data, including full names, given names, gender, employment particulars, social profiles, and photos. Designed for security researchers, penetration testers, and cybercrime investigators, this tool serves as a valuable asset in unearthing confidential information about targeted individuals. Its comprehensive capabilities streamline the process of gathering pertinent data, aiding in various investigative endeavors.

9) Gasmask

Gasmask is a comprehensive OSINT information gathering tool designed to serve the needs of bug hunters, penetration testers, and cybersecurity researchers. It empowers users to collect valuable data from a variety of publicly accessible sources, including Ask, cessys.io, Bing, dnsdumpter, and VirusTotal. Gasmask offers two distinct modes, the basic mode and the non-Google mode, providing flexibility in information retrieval based on specific preferences and requirements. This tool has become an essential resource for those seeking to extract insights and intelligence from the open web.

10) h8mail

An Email OSINT and Password Breach Hunting tool, H8mail specializes in uncovering weak credentials by sifting through billions of passwords. Specifically designed to locate plaintext passwords within massive data breaches using just an individual’s email, its default source for this information is Scylla.

11) Skip tracer

Introducing an OSINT Scraping Framework Tool

When embarking on reconnaissance and attack vectors, obtaining data mining results often involves expenses, such as with Maltego. Skip Tracer has been developed to streamline the process by automating queries and parsing data from third-party services, significantly enhancing productivity during background research and investigations. This versatile tool allows us to extract license plate OSINT data, providing comprehensive vehicle information for our use.

12) Final Recon

A versatile web reconnaissance OSINT tool designed for comprehensive online information gathering. This fast and user-friendly Python script is primarily employed for web reconnaissance tasks.

This tool can extract the data such as,

a) Header Information

b) WHOIS

c) SSL Certificate Details

d) Crawler

➢ Conclusion

• The Dark Web serves as a valuable resource for individuals involved in illegal, criminal, or terrorist activities, aiming to evade identification by government authorities and security agencies.
• Law enforcement agencies need to adapt swiftly to combat criminality on the Dark Web, especially within its hidden service markets, by investing in new training and technologies.
• Ongoing advancements in Information Retrieval, Network Analysis, and Digital Forensics offer law enforcement multiple opportunities to overcome the limitations posed by the Dark Web’s anonymity, preventing criminal exploitation and curbing illicit activities.
• ICT technologies have reached a level of maturity that enables their reliable use in supporting law enforcement, making these tools crucial for real-world investigations in the years ahead.
• It is imperative for law enforcement to ensure the ethical use of these technologies to safeguard freedom of speech and human rights for users employing Dark Web anonymity for societal benefit.
• Extracting OSINT from the Dark Web is a vital aspect of efforts to mitigate potential threats that endanger modern societies.

➢ Resources

https://www.soscanhelp.com/blog/history-of-the-dark-web

https://jakecreps.com/2019/05/16/osint-tools-for-the-dark-web/

https://www.researchgate.net/publication/332969272_Crawling_the_Dark_Web_A_Conceptual_Perspective_Challenges_and_Implementation/link/5ce81886299bf14d95b746ad/download

For personalize training Contact : [email protected]