The Best OSINT Tool in Cybersecurity

As we turn into the digital world, cybersecurity becomes more important. Threats and attacks get more complicated as days go on and we need to keep up to stay ahead, OSINT is a tool that has helped cybersecurity professionals detect potential threats or vulnerabilities. Today I want to introduce you to the best OSINT tool out there, Netlas.io.

Link: https://netlas.io/

Rundown Of Netlas.io

As stated by Netlas, “Netlas.io scans every IPv4 address and crawls every known website and web application utilizing such protocols as HTTP, FTP, SMTP, POP3, IMAP, SMB/CIFS, SSH, Telnet, SQL, and others. Collected data is enriched with additional info and available through Netlas.io Search tools.”.

Tools provided by Netlas

There are five general data collections available: internet scan results, DNS registry, IP WHOIS, Domain WHOIS, and SSL certificates. Netlas also provides us with many features.

Features provided by Netlas

Netlas already has well-known companies using its service.

Companies using Netlas

What Are Some Of The Many Things You Can Do?

There are endless things you can do using Netlas, here is a really good link that allows you to explore the many options it has to offer.

Guide: https://github.com/netlas-io/netlas-cookbook

Here are the different services I found to be very interesting: digital forensics and incident response, crypto investigations, and IoT search.

Digital Forensics And Incident Response

We can search for domains that could be used for phishing by doing “domain:facebook.com~” as an example.

We’re also able to search for servers with malicious software by using “http.title:Gophish http.title:Login” as an example.

Crypto Investigations

Finding mining farms is also possible through “http.headers.www_authenticate:antMiner” as an example.

Another thing you can search on this is websites with infected crypto miners by using “http.body:coinhive.min.js domain:*”.

IoT Search (9 Basic Ways)

Examples:
Search by http.title = http.title:Jeedom
Search by port = port:8000 http.title:radio
Search by favicon = http.favicon.hash_sha256:62a8461e328d5bace3780ff738d0b58f6502592c04afa564e0a8a792583a7bfb
Search by server headers = http.headers.server:"i-Catcher Console"
Search by cookies = http.headers.set_cookie:(regist_carNo=)
Search by tag = tag.category:"Web cameras"

Pricing

Netlas offers different prices that come with different advantages.

Final Thoughts

The closest tool that almost replicates Netlas is Shodan but in my opinion, Netlas takes the cake here. Netlas not only has more of an advanced search filter but it also provides you with a more user-friendly experience and much better documentation compared to Shodan. Overall this tool could be very useful for people working in digital forensics, bug bounty hunting, and pentesting. I encourage everyone to try out Netlas and explore the many features they have to offer, if you enjoyed this article please follow or leave a clap, happy hacking!