杂谈
我们之前介绍过OSINT工具,通过开源情报、公网中暴露的信息进行调查、溯源,本文依旧是分享OSINT工具的使用方法,我们尝试通过该工具查看我们的邮箱账户是否在公网中泄露!
相关阅读
Mosint
准备工作
需要先给自己的Linux系统安装git命令
CentOS
如果你是CentOS环境,您可以输入下面的命令
sudo yum install gitDebian/Ubuntu
sudo apt install gitMosint工具的使用
下载git仓库
git clone https://github.com/alpkeskin/mosint.git![图片[1]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704023540824.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
安装依赖
我们输入下面的命令进入mosint目录
cd mosint![图片[2]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704023639696.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
安装依赖
pip3 install -r requirements.txt![图片[3]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704030223188.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
工具集成开源引擎
| 服务 | 功能 | 状态 | 获取APIKEY的方法 |
|---|---|---|---|
| ipapi.co – 公共 | 关于域名的信息比较多 | ✅ | 无需APIKEY |
| hunter.io – 公共 | 相关邮箱账户 | ✅ 🔑 | 👉点击阅读 |
| emailrep.io – 公共 | 被入侵的网站名称 | ✅ 🔑 | 👉点击阅读 |
| scylla.so – 公共 | 数据库泄露 | 🚧 | 暂时维护 |
| breachdirectory.org – 公共 | 密码泄露 | ✅ 🔑 | 👉点击阅读 |
| Intelligence X | 密码泄露 | ✅ 🔑 | 👉点击阅读 |
您需要去相关网站注册账户,并获取APIKEY,然后填入key.json文件
{
"BreachDirectory.org API Key": "",
"Hunter.io API Key": "",
"EmailRep.io API Key": "",
"Intelx.io API Key": ""
}![图片[4]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704030658748.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
EmailRep申请是需要24小时之内才能获取到APIKEY的,我这里还没有拿到,故先填入其他的三个!
![图片[5]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704035115952.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[6]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704031813360-1024x705.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[7]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704031903718.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[8]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704031934277-1024x334.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[9]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704033112563-1024x596.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[10]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704033223307.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[11]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704035017504-1024x283.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[12]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704033825103-1024x614.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[13]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704033856617-1024x227.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[14]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704033928955.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[15]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704033934474.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[16]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704034016975-1024x426.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[17]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704034110476-1024x282.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[18]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704034139961-1024x363.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[19]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704034633673-1024x499.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[20]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704034741749-1024x744.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[21]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704034829145-1024x359.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![图片[22]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704034902926-1024x575.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
邮箱账户收集
比方说我们想查询下我的QQ邮箱663962@qq.com
查询全部资料
go run main.go -e 663962@qq.com -all查询是否有数据泄露
密码泄露会进行脱敏
go run main.go -e 663962@qq.com -leaks这里可以看到之前我的密码用过6745****😂
![图片[23]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704040250327.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
其实我们之前还介绍了很多类似的工具在社区
查询社交平台注册情况
go run main.go -e 663962@qq.com -social![图片[24]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704063903415.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
查询关联域名
go run main.go -e 663962@qq.com -domain![图片[25]-如何使用OSINT工具调查邮箱账户-FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220704063234316.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
更多工具
针对企业我们还可以使用一些收集的平台
© 版权声明
THE END
- 最新
- 最热
只看作者