Today’s post is on the crossroads between the realms of OSINT and penetration testing. It’s come to life as a result of my research and exploration of the pentesting methodologies, approaches, frameworks and tools.
Last year when discussing URL manipulation I briefly mentioned some techniques of web parameter tampering, which is not a strictly OSINT method, because it involves interaction with the target as opposed to passive open source research only.
Here are some tools that I have come across and tested (some more thoroughly, some less). If you have any interest in pentesting as a casual hobby (like I do), then you should enjoy this list.
PS. After the tools part, you’ll find my tips on passing the CompTIA Pentest+ certification.