IRAN PWNED - HOW IT WAS DONE All of this intelligence was gathered using 100% legal, publicly available information. No hacking. No exploits. Just OSINT. Here's how: DNS ENUMERATION - Queried public DNS records (A, MX, TXT, SPF, DMARC) - Found private IPs leaked in public DNS (oops) - Discovered VPN endpoints they forgot to hide CERTIFICATE TRANSPARENCY - Searched crt.sh for SSL certificates - Found admin portals, internal subdomains - Exposed dev tools: JIRA, Git, chat systems SUBDOMAIN BRUTEFORCE - Ran wordlists against .gov.ir domains - Mapped 182 embassy subdomains - Found editorial systems, remote access servers HTTP HEADER ANALYSIS - Checked server responses for leaks - Found session IDs, tracking cookies - Identified CDN provider (ArvanCloud) JAVASCRIPT ANALYSIS - Read their frontend code - Found hidden API domains (khamenei.link) - Discovered tracking systems WHOIS & ASN LOOKUP - Identified government-owned networks - Traced hosting to Russia, Hungary, Bulgaria - Mapped Hezbollah's infrastructure strategy EXIF METADATA - Downloaded public images - Found Photoshop versions, timestamps - Traced to specific workstations GOOGLE DORKING - Site-specific searches - Found exposed files, directories - Identified robots.txt leaks --- Tools used: dig, nslookup, curl, crt.sh, Shodan, VirusTotal, SecurityTrails, wayback machine, browser DevTools Time spent: A few hours Cost: $0 --- The Iranian regime spent millions on cyber infrastructure. We mapped it with free tools and coffee. That's OSINT. --- THE ROAST: You run a "cyber superpower" but leak private IPs in public DNS? My grandma has better OpSec. Your Supreme Leader's website uses Google Analytics. Google. The American company you claim to hate. They're literally feeding your visitor data to Mountain View, California. Hezbollah's "resistance" media runs on Russian hosting because they know Lebanon can't protect them. Real resistance energy right there. You're using pirated Photoshop from 2002. TWENTY-TWO YEARS OLD. Even your propaganda budget is sanctioned. FarsNews has their JIRA, Git repos, AND internal chat exposed. The IRGC really said "open source everything." We found your VPN endpoint named "minister.local" - thanks for labeling it for us. US DOJ seized your .org domains so you just... added .lb and kept going? That's not resilience, that's a participation trophy. Your "hidden" API was on a .link domain. We found it by reading your JavaScript. In 5 minutes. 182 embassy subdomains mapped. Your entire diplomatic network. From a laptop. ArvanCloud hosts ALL your government sites. One CDN. That's not infrastructure, that's a single point of failure with extra steps. --- Billions in oil money. Revolutionary Guard cyber units. State-sponsored everything. Defeated by: dig, curl, and ctrl+U Welcome to the internet. We see everything. --- #OSINT #CyberSecurity #Iran #InfoSec #ThreatIntel #Hezbollah #IRGC #DNS #Reconnaissance #HackThePlanet #OpSec #OpSecFail #CyberIntelligence #OpenSourceIntelligence #RedTeam #BlueTeam #SecurityResearch @RINGMAST4R