<aside> <img src="/icons/crab_yellow.svg" alt="/icons/crab_yellow.svg" width="40px" />

Notes

</aside>

Apps

Notion all-in-one: Notes/databases Obsidian MD, offline, PKM with Zettelkasten Microsoft OneNote digital notebook Joplin e2e encryption, MD, flexible storage Google Keep sticky notes/reminders Simplenote cross-platform, MD Standard Notes e2e encryption + free tier

Text Editors

Notepad++ edits, syntax highlighting, plugins VSCodium bin distro of VS Code Geany light, GTK toolkit

Network Screen-shots

EyeWitness webapp; headers, SSL, source code Aquatone HTTP-based; headers, SSL, graphs gowitness headless capture

Individual

Flameshot annotation ShareX GIFs + file sharing Greenshot light + editor snagit advanced editing macOS Screenshot (Built-in) Snipping Tool (Built-in Win)

<aside> <img src="/icons/bee_orange.svg" alt="/icons/bee_orange.svg" width="40px" />

Passive Enum

</aside>

WHOIS

MX Toolbox DNS, MX, SPF, DKIM, blacklist whois.domaintools.com lookups + history

who.is domain ownership info

whois [moo.com](<http://piratemoo.com/>) # whois
nmap --script whois-domain [moo.com](<http://piratemoo.com/>) # whois
curl -s "[crt.sh/?q=%25.moo.com&output=json](<http://crt.sh/?q=%25.piratemoo.com&output=json>)" | jq . 

DNS (Subdomain)

Hurricane Electric BGP Toolkit ASN/routing DNSdumpster recon/subdomain

Google DNS Toolbox ViewDNS DNS/IP analysis

dig moo.com
dig –x moo.com # reverse dns lookup
dig moo.com -t mx +short # mail info 
dig moo.com -t ns +short # ns info
dig moo.com -t cname # cname info
dig axfr moo.com ns08.domaincontrol.com # dns xfer check 

subfinder -d moo.com -silent # dns; passive; OSINT-focus
sublist3r -d moo.com # dns; subdomain
findomain -t moo.com # dns; subdomain
assetfinder --subs-only moo.com # dns; subdomain
gau moo.com | cut -d/ -f3 | sort -u  # dns;subdomain

SSL/Cert/Header Analysis

crt.sh cert search + domain enum SSL Labs SSL/TLS config analysis

Security Headers header sec PublicWWW searches site code for shared sigs

sslscan moo.com
sslyze --certinfo moo.com
testssl -S moo.com
humble -u moo.com # headers

Archives, Metadata Extraction

CachedView - Google's cached version of pages Wayback Machine Archived web pages Aperisolve Metadata and stegonagraphy analysis

waybackpy -u [<https://www.piratemoo.com>](<https://www.piratemoo.com/>) -N -Y 2024  # -N,-Y,-M,-D,-H 
# archive cloese to, yr, mo, day, hr + RANGE 
# add file, strings, binwalk, exiftool

Check Links/Files

Browserling Cross-browser testing in a sandbox ANY.RUN Interactive malware analysis sandbox Hybrid Analysis Free malware analysis service

Virus Total File/URL analysis with multiple engines urlscan.io Analyze websites in a secure sandbox