3. OSINT – Open Source INTelligence● It is NOT related to open source software● It is NOT related to open source licenses● It is NOT related to artificial intelligence
4. What Is OSINT ?Wikipedia :“Open-source intelligence (OSINT) is aform of intelligence collection managementthat involves finding, selecting, andacquiring information from publiclyavailable sources and analyzing it toproduce actionable intelligence”
5. What is OSINT ? Publicly available information Select / Collecting and storing itAnalysis and relating and filtering it More target specific information ATTACKS
6. Why OSINT works ?
7. Humans are social beingswe love to share information
8. We share information that we are not suppose to share
9. Sometime it is necessary to give out that much information
10. So what is the problem ??
12. Why OSINT for pentesting ?
13. Some things to consider● Passive (most of it)● Legally provides much larger and wider view towards the target company / person● Uncovers more attack surface● Narrow downs many attack vectors● Helps when you dont have 0days● More specific social engineering attack vector can be crafted● Helps in other steps in a pentest
14. Leveraging OSINT● Reconnaissance● Vulnerability analysis● Privilege escalation● Social engineering/ profiling people
15. Reconnaissance● We can have information like – OS – IP – Software / Versions – Geo location
22. Social engineering / profiling people● All kind of personal and professional info – Names - dob – Residence address – Phone no. – Emails – Close associates / friends – Interest / hobbies – Pictures
23. From ?● People lookup databases● Social networks● Local yellow pages● Mtnl / bsnl tele. Dir● Public mobile info. services
24. What can we have from OSINT ?
25. ● Email addresses● Phone numbers● User names / password● OS info● IP info● Softwares / version● Geo location● Personal details● vulnerabilities