
Let’s hunt the target using OSINT


These are the slides from the online talk given at @NullBhopal. The talk introduces people to Open Source INTelligence and its uses in daily life and pentesting.


  1. 1. Let’s Hunt the Target using OSINT
  2. 2. Who am I ? ● Chandrapal ● Security Enthusiast ● Founder of Hack with GitHub ● Open Source Developer (@Chan9390) ● GSoC 2017 - Metasploitable 3
  3. 3. Session is targeted to ● Beginners who are interested in Open Source Intelligence. ● People who want to know what information lies open on the internet.
  4. 4. Agenda ● What is intelligence ? ● What is Open Source Intelligence ? ● Recent trends in OSINT ● OSINT in real life with example (Twitter, Facebook) ● OSINT in pentests (offensive) ● Few Demos
  5. 5. What is Intelligence ?
  6. 6. What is Intelligence ? Wikipedia defines Intelligence as: One's capacity for logic, understanding, self-awareness, learning, emotional knowledge, planning, creativity, and problem solving
  7. 7. What is Intelligence ? Wikipedia defines Intelligence as: One's capacity for logic, understanding, self-awareness, learning, emotional knowledge, planning, creativity, and problem solving In other words: It is the ability to understand and draw a logical conclusion from the available information
  8. 8. What is Intelligence ? Wikipedia defines Intelligence as: One's capacity for logic, understanding, self-awareness, learning, emotional knowledge, planning, creativity, and problem solving In other words: It is the ability to understand and draw a logical conclusion from the available information
  9. 9. Types of Intelligence ● Human Intelligence (HUMINT) ● Geospatial Intelligence (GEOINT) ● Signals Intelligence (SIGINT) ● Open-Source Intelligence (OSINT)
  10. 10. Open Source Intelligence ● Art of collecting information which is scattered on publicly available sources ● Open here refers to overt, publicly available sources ● Not completely legal, as it is against the privacy of a person ● Gathering bits to form the big picture ● Depends on sources. Continuously evolving. ● Information sources could be anything not limited to metadata, social media and blogs
  11. 11. Traditional Methods ● Using search engines Eg: Google, Bing, etc ● News sites Eg: CNN, BBC, etc ● Corporate Websites ● Government Websites ● Blogs
  12. 12. Modern Resources ● Advanced Search Engines ● Social Media sites ● Deepweb/Darkweb ● Automated tools
  13. 13. Recent Trends in OSINT https://trends.google.com
  14. 14. OSINT tools
  15. 15. OSINT in Real life We use OSINT in everyday life ● Finding download links for Game of Thrones series ● Finding the best looking person ● Knowing about the company before applying for a position ● Knowing your ex’s latest crush :P
  16. 16. Why OSINT has become so important ? ● Humans by nature try to get others' attention ● So many post (personal) information on online platforms, thinking that only intended members will look. ● New smartphones have the geo-tagging feature enabled by default ● Metadata of those images can give a glimpse of your daily life
  17. 17. What can you figure out from this ?
  18. 18. Car License
  19. 19. Bank and Bank Account
  20. 20. Credit card and DOB
  21. 21. Mobile No, Phone Model, much more
  22. 22. tinfoleak Demo - Twitter
  23. 23. Inteltechniques.com Demo - Facebook https://inteltechniques.com/menu.html
  24. 24. The problem I faced Hack with GitHub - an initiative to showcase open source security tools on GitHub along with their authors' Twitter handles
  25. 25. How OSINT has helped me ? 80% - @xyz123 - @xyz123 6% - @xyz123 - @_xyz123, @xyz123_, @xyz_123 or @_xyz123_ 4% - Check their websites for Twitter handles 2% - Impossible to find What about the other 8% ?
  26. 26. How OSINT has helped me ? 3% - Check the links on Twitter. People generally brag about their tools. 2% - Same profile pictures. Use reverse image (https://tineye.com/) 3% - Git log - Email OSINT
  27. 27. OSINT in Pentest ● Webapp ○ Wappalyzer ○ RetireJS ● Domain-IP lookup ○ Whois lookup ○ Reverse IP Lookup ● Find if emails were previously pwned ○ HaveIBeenPwned lookup
  28. 28. OSINT in Pentest ● Advanced Search engine searches: site:*.example.org ext:php | ext:txt | ext:log ● Checking robots.txt ● Advanced search: Wolfram Alpha ● Subdomain enumeration ○ Certificate transparency ○ Shodan ○ Censys
  29. 29. Examples
  30. 30. Intrigue - Demo You can know more about Intrigue at: https://www.youtube.com/watch?v=kWrdxuFaEVg
  31. 31. espi0n - Coming Soon !
  32. 32. Any Questions ?
  33. 33. References: ● https://github.com/jivoi/awesome-osint ● https://blog.appsecco.com/open-source-intelligence-gathering-101-d2861d4429e3 ● https://www.slideshare.net/SudhanshuChauhan ● http://www.automatingosint.com/blog/ ● https://intrigue.io
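
Slide 16 notes that geo-tagged photos leak location through image metadata. The self-check below is an added example, not part of the talk: it looks for a GPS directory pointer in a JPEG's Exif header and strips APP1 segments before a photo is shared. The function names and the sample bytes are constructed for illustration.

```python
import struct

GPS_IFD_TAG = 0x8825  # Exif IFD0 tag that points at the GPS sub-directory

def jpeg_segments(data):
    """Yield (marker, offset, total_size) for each header segment before the scan data."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(data) and data[pos] == 0xFF:
        marker = data[pos + 1]
        if marker in (0xDA, 0xD9):          # start of scan / end of image
            break
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        yield marker, pos, length + 2
        pos += length + 2

def has_gps_exif(data):
    """True if an APP1 Exif segment's IFD0 carries a GPS directory pointer."""
    for marker, pos, total in jpeg_segments(data):
        body = data[pos + 4:pos + total]
        if marker != 0xE1 or not body.startswith(b"Exif\x00\x00"):
            continue
        tiff = body[6:]                     # TIFF header follows the Exif signature
        order = {b"II": "<", b"MM": ">"}.get(tiff[:2])
        if order is None or len(tiff) < 10:
            continue
        (ifd0,) = struct.unpack(order + "I", tiff[4:8])
        (count,) = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2].ljust(2, b"\0"))
        for i in range(count):              # each IFD entry is 12 bytes, tag first
            tag = tiff[ifd0 + 2 + 12 * i:ifd0 + 4 + 12 * i]
            if len(tag) == 2 and struct.unpack(order + "H", tag)[0] == GPS_IFD_TAG:
                return True
    return False

def strip_app1(data):
    """Return the JPEG with every APP1 segment (Exif, XMP) removed."""
    out, end = bytearray(data[:2]), 2
    for marker, pos, total in jpeg_segments(data):
        if marker != 0xE1:
            out += data[pos:pos + total]
        end = pos + total
    return bytes(out) + data[end:]

def constructed_sample():
    """Constructed test input: header structure only, not a decodable photo."""
    # TIFF header (IFD0 at 8), one IFD0 entry (GPS pointer -> 26), empty GPS IFD
    tiff = b"II*\x00" + struct.pack("<IHHHIII", 8, 1, GPS_IFD_TAG, 4, 1, 26, 0) + bytes(6)
    body = b"Exif\x00\x00" + tiff
    app1 = b"\xff\xe1" + struct.pack(">H", len(body) + 2) + body
    return b"\xff\xd8" + app1 + b"\xff\xda\x00\x02\xff\xd9"
```

On a real photo, read the file in binary mode and pass the bytes to `has_gps_exif`; `strip_app1` removes all Exif and XMP data, not only the GPS fields.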
