Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ecstatic-nobel/pOSINT
Gather Open-Source Intelligence using PowerShell.
https://github.com/ecstatic-nobel/pOSINT
alienvault automation censys crtsh cybersecurity cymon greynoise hybrid-analysis infosec malshare osint powershell pulsedive threat-hunting threatcrowd threatminer urlhaus urlscan virustotal
Last synced: 21 days ago
JSON representation
Gather Open-Source Intelligence using PowerShell.
- Host: GitHub
- URL: https://github.com/ecstatic-nobel/pOSINT
- Owner: ecstatic-nobel
- License: mit
- Created: 2019-03-07T17:21:24.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2019-10-20T20:00:22.000Z (about 5 years ago)
- Last Synced: 2024-08-05T17:33:43.959Z (4 months ago)
- Topics: alienvault, automation, censys, crtsh, cybersecurity, cymon, greynoise, hybrid-analysis, infosec, malshare, osint, powershell, pulsedive, threat-hunting, threatcrowd, threatminer, urlhaus, urlscan, virustotal
- Language: PowerShell
- Homepage:
- Size: 8.21 MB
- Stars: 165
- Watchers: 10
- Forks: 35
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - ecstatic-nobel/pOSINT - Gather Open-Source Intelligence using PowerShell. (PowerShell)
README
# [pOSINT™]
##### Gather Open-Source Intelligence using PowerShell.### Usage
Save the parent project directory, `pOSINT`, to `C:\Users\$env:username\Documents\WindowsPowerShell\Modules\`.List available modules:
```powershell
Get-Module -ListAvailable
```Import the module:
```powershell
Import-Module pOSINT
```Or, just import the manifest file manually:
```powershell
Import-Module pOSINT.psd1
```View module details:
```powershell
Get-Module pOSINT
```Review module help page:
```powershell
Get-Help Search-
```Show Cmdlet examples:
```powershell
Get-Help Search- -Examples
```Check the following sources' help page to see special mappings:
- AlienVault
- Censys
- Hybrid-Analysis
- ThreatMinerRemove the module:
```powershell
Remove-Module pOSINT
```### Examples:
```powershell
Search-AlienVault -Endpoint IPv4 -Section general -Query 187.233.152.78 | Format-List
Search-Censys -Uid -Secret -Endpoint search -Index certificates -Query pandorasong.com | Format-List
Search-Crtsh -Query jotugaedorm.com -Wildcard | Format-List
Search-Cymon -Endpoint ip -Query 195.123.237.120 | Format-List
Search-EmailRep -Query [email protected] | Format-List
Search-GreyNoise -Endpoint list | Format-List
Search-GreyNoise -Endpoint tag -Query ADB_WORM | Format-List
Search-GreyNoise -Endpoint ip -Query 123.193.145.85 | Format-List
Search-HybridAnalysis -ApiKey -Secret -Endpoint hash -Name hash -Query 116858001ed50d8dd02b353473a139b98820dcf620c9e70e8a51c49f62cc6581 | Format-List
Search-Malshare -ApiKey -Query 4cc96f0003b6c0429f29013a8d9e3e3c | Format-List
Search-PhishingKitTracker | Format-List
Search-PulseDive -Endpoint threat -Query Zeus | Format-List
Search-PulseDive -Endpoint indicator -Query pulsedive.com | Format-List
Search-PulseDive -Endpoint feed_list | Format-List
Search-PulseDive -Endpoint feed -Query "Zeus Bad Domains" -organization abuse.ch | Format-List
Search-ThreatCrowd -Endpoint ip -Query 188.40.75.132 | Format-List
Search-ThreatMiner -Endpoint host -Query 216.58.192.174 -QueryType report_tagging | Format-List
Search-Urlhaus -Endpoint payload -Query 4ef1c08fe44a8d1e1c8ef214e7ed63a318663e926860702076bc6234fd3b1d11 | Format-List
Search-Urlscan -Query 4ef1c08fe44a8d1e1c8ef214e7ed63a318663e926860702076bc6234fd3b1d11 | Format-List
Search-VirusTotal -ApiKey -Endpoint ip-address -Query 99.84.254.97 | Format-List
```
![pOSINT](https://raw.githubusercontent.com/ecstatic-nobel/pOSINT/master/static/assets/pOSINT.gif)### Things to Know
- Do not use Format-List when accessing propertiesPlease fork, create merge requests, and help make this better.