OSINT Tutorial
Five-module OSINT tutorial covering Google dorking, subdomain enumeration, config file hunting, Shodan analysis, and CVE identification.
All Training →Guided reconnaissance exercise against a fictional company. Start with a domain name and work through five modules to identify a specific CVE on an exposed database server.
The five modules cover subdomain enumeration using site operators, finding exposed admin panels with intitle and inurl, hunting for leaked config files with filetype searches, pivoting to Shodan for host analysis, and searching for known vulnerabilities.
Type your queries into the simulated browser and Shodan interfaces. The tutorial validates your syntax and shows you the correct approach if you get stuck. Shodan access unlocks after you find credentials in module three.
The field notes panel tracks findings across modules.