Gitrob is a command line tool which can help organizations and security professionals find sensitive information lingering in publicly available files on GitHub. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information. Read the blog post for more information.
AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can then scan the hosts for common web ports and HTTP headers, HTML bodies and screenshots can be gathered and consolidated into a report for easy analysis of the attack surface.
Birdwatcher is a data analysis and OSINT framework for Twitter. Birdwatcher supports creating multiple workspaces where arbitrary Twitter users can be added and their tweets harvested through the Twitter API for offline storage and analysis. Birdwatcher comes with several modules which can be envoked to further enrich collected data or work with it, e.g. Retrieving user's Klout score, generating social graphs between users and weighted word clouds based on their Tweets.
Searchpass is a simple tool for offline searching of default credentials for network devices, web applications and more.
HaveIBeenPwned.com is a fantastic and free web service to check if an e-mail address is included in a collection of high profile data breaches. HIBP is a simple command line tool to check a bunch of addresses against the HaveIBeenPwned.com API.
Dolus is a simple Add-on for the Firefox browser that will add a X-Forwarded-For header with a fake IP address to all the browser's requests. The X-Forwarded-For header is used by transparent proxies to tell servers which IP address they are forwarding requests for and because of that, many servers will log that IP instead of the actual requesting IP address. The Add-on can give some potential extra anonymity, but it is not a replacement for a VPN or anonymity software like Tor!