If you haven’t yet heard of Recon-ng I suggest you check it out. It walks you through the process of collecting recon in various forms and provides a nice framework to store, sort, and report on everything you collect. You should definitely get this set up if you plan to follow along.
I have been working on a Recon-ng module to do some Facebook OSINT by using the Facebook Graph API to search for phone numbers. It allows you to search for a specific phone number, or brute force through a range of numbers and grab all of the publicly available information on each associated Facebook account that matches.
This is not currently a built-in module so you will need to grab the code at the end of the post. (more…)