Demystifying Cyber Threat Intelligence
$whoami
🔒 Cyber Security Enthusiast 🔒
LinkedIn: linkedin.com/in/cyberdebraj/
GitHub: github.com/VU3ZHY
Twitter: https://twitter.com/vu3zhy
HAM Radio(VU3ZHY): https://www.qrz.com/db/vu3zhy
Facebook: https://www.facebook.com/vu3zhy/
The Place of CTI in the overall cybersecurity posture
(the slide arranges these disciplines along a Past / Present / Future timeline)
● VAPT
● Security Operation Center (SOC)
● Cyber Threat Intelligence (CTI)
● Red Teaming
● Digital Forensics and Incident Response (DFIR)
● Threat Hunting
Prerequisite Terms & Topics for CTI
● Indicator of Compromise (IOC)
● Indicator of Attack (IOA)
● Advanced Persistent Threat (APT)
● Tactics, Techniques, and Procedures (TTPs)
● Cyber Kill Chain
Types of Cyber Threat Intelligence
Use Case:
Scope for Cyber Threat Intelligence
● Domain Monitoring
● Leaked Credential Monitoring
● Deep/Dark web monitoring
○ Deep/Dark web Marketplaces & Forums
● Social media Monitoring
● Paste & Document Sharing Sites Monitoring
● Git Monitoring
Domain Monitoring
Problem Statement:
● Typosquatters
● Phishing attacks
● Fraud
● Brand impersonation
Solution (dnstwist):
● Variety of highly effective domain fuzzing algorithms
● Unicode domain names (IDN)
● Domain permutations from dictionary files
● Multithreaded task distribution
● Live phishing web page detection:
○ HTML similarity with fuzzy hashes (ssdeep/tlsh)
○ Screenshot visual similarity with perceptual hashes (pHash)
● Rogue MX host detection (intercepting misdirected e-mails)
● GeoIP location
● Export to CSV and JSON
https://dnstwist.it/
https://github.com/elceef/dnstwist
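The fuzzing step that dnstwist automates, as an added worked example (this is not dnstwist's own code and not from the slide): a small generator for the permutation families the slide names (omission, transposition, repetition, keyboard replacement, homoglyphs, vowel swap, hyphenation, subdomain insertion, addition, bitsquatting), with Unicode look-alikes converted to their xn-- form, and a matcher that flags entries of a constructed domain feed. The keyboard map, the homoglyph table and the sample feed are assumptions made for the example.

```python
"""Typosquat candidate generation and matching (added example, not dnstwist's code).

Re-implements a handful of the fuzzing algorithms dnstwist lists: omission,
transposition, repetition, keyboard replacement, homoglyphs, vowel swap,
hyphenation, subdomain insertion, addition and bitsquatting; then checks the
candidates against a constructed feed of newly observed domains.
"""
import string

# Small QWERTY adjacency map for keyboard-replacement fuzzing (assumption for the example).
KEYBOARD = {
    "q": "wa", "w": "qase", "e": "wsdr", "r": "edft", "t": "rfgy", "y": "tghu",
    "u": "yhji", "i": "ujko", "o": "iklp", "p": "ol",
    "a": "qwsz", "s": "awedxz", "d": "serfcx", "f": "drtgvc", "g": "ftyhbv",
    "h": "gyujnb", "j": "huikmn", "k": "jiolm", "l": "kop",
    "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb", "b": "vghn", "n": "bhjm", "m": "njk",
}
# Look-alikes: ASCII confusables plus a few Cyrillic glyphs (IDN homographs).
HOMOGLYPHS = {
    "a": ["\u0430"], "c": ["\u0441"], "e": ["\u0435"], "o": ["0", "\u043e"],
    "p": ["\u0440"], "l": ["1", "i"], "i": ["l", "1"], "s": ["5"], "g": ["q"],
}
VOWELS = "aeiou"
LABEL_CHARS = set(string.ascii_lowercase + string.digits + "-")


def fuzz(domain):
    """Return {candidate: algorithm} for every permutation of the registrable label.

    Candidates are keyed in their ASCII (punycode, xn--) form so they can be
    compared directly with zone files, CT-log entries and DNS answers."""
    label, tld = domain.lower().split(".", 1)
    found = {}

    def add(algo, new_label):
        if not new_label or new_label == label:
            return
        try:
            ascii_label = new_label.encode("idna").decode("ascii")
        except UnicodeError:
            return  # empty, over-long or prohibited label: not registrable, skip
        found.setdefault(f"{ascii_label}.{tld}", algo)  # first algorithm to produce it wins

    n = len(label)
    for i, ch in enumerate(label):
        head, tail = label[:i], label[i + 1:]
        add("omission", head + tail)
        add("repetition", head + ch * 2 + tail)
        if i < n - 1:
            add("transposition", head + label[i + 1] + ch + label[i + 2:])
        for c in KEYBOARD.get(ch, ""):
            add("replacement", head + c + tail)
        for c in HOMOGLYPHS.get(ch, []):
            add("homoglyph", head + c + tail)
        if ch in VOWELS:
            for v in VOWELS.replace(ch, ""):
                add("vowel-swap", head + v + tail)
        if i > 0:  # a label may not start with '-' and an empty label is invalid
            add("hyphenation", head + "-" + label[i:])
            add("subdomain", head + "." + label[i:])
        for bit in range(8):  # bitsquatting: one flipped bit in the ASCII code
            c = chr(ord(ch) ^ (1 << bit))
            if c in LABEL_CHARS:
                add("bitsquatting", head + c + tail)
    for c in string.ascii_lowercase + string.digits:
        add("addition", label + c)
    return found


def match_observed(domain, observed):
    """Flag entries of a domain feed (CT logs, zone files, new registrations) that are candidates."""
    candidates = fuzz(domain)
    return sorted((d.lower(), candidates[d.lower()]) for d in observed if d.lower() in candidates)


# Constructed sample feed of newly seen domains (not real observations).
SAMPLE_FEED = ["exmple.com", "examp1e.com", "exampel.com", "exomple.com",
               "totally-unrelated.org", "example.com"]

if __name__ == "__main__":
    for d, algo in match_observed("example.com", SAMPLE_FEED):
        print(f"{d:24} {algo}")
```

In practice the candidate set is resolved (A, MX, NS) on a schedule and only newly resolving names are alerted on; the Unicode homoglyph candidates are the ones to resolve in their xn-- form, which is what the generator emits.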
Leaked Credential Monitoring
● https://haveibeenpwned.com/
● https://leakcheck.io/
● https://hacknotice.com/free-account/#instant-security-risk
● https://www.optery.com/
● https://en.wikipedia.org/wiki/List_of_data_breaches
Deep/Dark web monitoring
● ahmia
● darksearchio
● onionland
● notevil
● darksearchenginer
● phobos
● onionsearchserver
● torgle
● onionsearchengine
● tordex
● tor66
● tormax
● haystack
● multivac
● evosearch
● deeplink
https://github.com/megadose/OnionSearch
Deep/Dark web Marketplaces & Forums
Forums:
● raidforums
● leakzone
● Hackforums
● evilzone
● nulled.to
● xss.in
● leakworld
● exploitin
● Leakforums
Marketplaces:
● Genesis market
● Russian market
● Alphabay
● DarkBay
● SilkRoad
● TorMarket
● DarkFox Market
● WhiteHouse Market
● Hydra
● Versus
● Empire Market
Solution: drive Tor Browser with Selenium to crawl the .onion forums and marketplaces
https://github.com/webfp/tor-browser-selenium
https://stackoverflow.com/questions/39134419/run-tor-browser-with-selenium-webdriver
Social Media Monitoring:
● Facebook: Graph API
● Instagram: https://github.com/Datalux/Osintgram
● Twitter: Tweepy + ELK Stack; Microsoft Power Automate
● LinkedIn: (none listed)
● Telegram: TGStat Alert Bot; https://github.com/dayeol/telegram-keyword-detector
Paste & Document Sharing Sites Monitoring
Paste Sites
● Pastebin
● ZeroBin
● TextBin
● Hastebin
● Stronghold Paste (Tor)
● DeepPaste (Tor)
● PrivateBin
Document Sharing Sites
● Scribd
● SlideShare
● qdoc
https://github.com/beamzer/pastebin-monitor-and-alert
Build a custom scraper or crawler against the site's API where one is available; otherwise, if the site can be scraped, use a Python library:
● BeautifulSoup
● Scrapy
● Selenium
Library comparison (Performance / Ease of Use / Extensibility / Ecosystem):
BeautifulSoup
○ Performance: slower than Scrapy and Selenium; multithreading can be used for speedup.
○ Ease of use: ideal for beginners exploring web scraping.
○ Extensibility: suitable for minor projects with low complexity.
○ Ecosystem: good ecosystem, but may have several dependencies.
Scrapy
○ Performance: faster and more efficient; supports asynchronous request execution.
○ Ease of use: more complex, with a steeper learning curve.
○ Extensibility: preferred for complex, large-scale projects.
○ Ecosystem: robust ecosystem; allows automation with proxies.
Selenium
○ Performance: efficient but slower with large data volumes; waits for the entire page to load.
○ Ease of use: more complex; has a complete toolkit for web automation.
○ Extensibility: beneficial for JavaScript-heavy websites.
○ Ecosystem: robust ecosystem; may require additional effort for proxies.
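What the monitor does once a forum, marketplace or paste page has been fetched, as an added example covering both the dark-web forum section and the paste-site section above (this is not code from the slide, from pastebin-monitor-and-alert or from tor-browser-selenium): strip the HTML with the standard-library parser and run a watchlist (organisation domains, staff e-mail addresses, internal hostnames, user:password dump lines) over the text. The forum page, the organisation name and the hostname convention are constructed for the example. Fetching is left to the caller; for .onion sites the request goes through Tor, either the tor daemon's SOCKS proxy (127.0.0.1:9050 by default) or a Selenium-driven Tor Browser as the slide suggests.

```python
"""Keyword and credential-leak detection over scraped forum or paste pages.

Added example, not code from the page or from the tools it links. Standard
library only: html.parser strips markup, regexes built from a watchlist find
the organisation's footprint in the text. Page and watchlist are constructed.
"""
import re
from html.parser import HTMLParser


class TextExtractor(HTMLParser):
    """Collect visible text, skipping <script> and <style> bodies."""
    SKIP = {"script", "style"}

    def __init__(self):
        super().__init__()
        self.parts, self._skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in self.SKIP:
            self._skip += 1

    def handle_endtag(self, tag):
        if tag in self.SKIP and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.parts.append(data)


def html_to_text(html):
    """Visible text of the page, one non-empty stripped line per output line."""
    p = TextExtractor()
    p.feed(html)
    return "\n".join(line.strip() for line in "".join(p.parts).splitlines() if line.strip())


def build_patterns(org_domains, keywords):
    """Compile the watchlist: brand keywords, org e-mail addresses, credential-dump
    lines (address:password) and internal hostnames (assumed *.corp|internal|intranet.<org>)."""
    dom = "|".join(re.escape(d) for d in org_domains)
    return {
        "keyword": re.compile(r"\b(" + "|".join(re.escape(k) for k in keywords) + r")\b", re.I),
        "org-email": re.compile(r"\b[\w.+-]+@(?:" + dom + r")\b", re.I),
        "credential-dump": re.compile(r"\b[\w.+-]+@(?:" + dom + r"):\S+", re.I),
        "internal-host": re.compile(r"\b[\w-]+\.(?:corp|internal|intranet)\.(?:" + dom + r")\b", re.I),
    }


def scan(text, patterns):
    """Return [(category, match, line)]: one entry per line and category that hits."""
    hits = []
    for line in text.splitlines():
        for category, rx in patterns.items():
            m = rx.search(line)
            if m:
                hits.append((category, m.group(0), line))
    return hits


# Constructed forum page (not a real post); the <script> body must not produce a hit.
SAMPLE_PAGE = """<html><head><title>thread</title>
<script>var x = "acme.example";</script></head>
<body><div class="post">Selling fresh combo list, sample below</div>
<pre>
j.doe@acme.example:Summer2023!
m.smith@acme.example:P@ssw0rd
</pre>
<div class="post">Also have vpn access to vpn01.corp.acme.example, pm me</div>
<div class="post">unrelated spam about crypto</div>
</body></html>"""

ORG_DOMAINS = ["acme.example"]
KEYWORDS = ["acme", "acme corp"]

if __name__ == "__main__":
    for cat, m, line in scan(html_to_text(SAMPLE_PAGE), build_patterns(ORG_DOMAINS, KEYWORDS)):
        print(f"[{cat}] {m}  <- {line}")
```

A credential-dump hit should be routed straight to a forced password reset for the named account, whereas a bare keyword hit is triage material; keeping the categories separate is what makes the alert actionable rather than noisy.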
GIT Monitoring
Platforms that already search for leaks:
● https://trufflesecurity.com/blog/introducing-forager/
List of open source tools:
● https://github.com/obheda12/GitDorker
● https://github.com/dxa4481/truffleHog
● https://github.com/gitleaks/gitleaks
● https://github.com/hisxo/gitGraber
● https://github.com/eth0izzle/shhgit
● https://github.com/techgaun/github-dorks
● https://github.com/michenriksen/gitrob
● https://github.com/anshumanbh/git-all-secrets
● https://github.com/awslabs/git-secrets
● https://github.com/kootenpv/gittyleaks
Wrapping up the CTI
Doubts and Queries
Source deck: Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx (uploaded by null - The Open Security Community)
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
ย 
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation TrackSBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation Track
ย 
call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@
ย 
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxWork Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptx
ย 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
ย 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
ย 
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxGenshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptx
ย 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
ย 
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS  AND MONUMENTS IN NIGERIA.pptxLANDMARKS  AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
ย 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
ย 

Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx

2. $whoami
🔒 Cyber Security Enthusiast 🔒
LinkedIn: linkedin.com/in/cyberdebraj/
GitHub: github.com/VU3ZHY
Twitter: https://twitter.com/vu3zhy
HAM Radio (VU3ZHY): https://www.qrz.com/db/vu3zhy
Facebook: https://www.facebook.com/vu3zhy/
3. The Place of CTI in the overall Cyber Security posture:
Past          | Present                                        | Future
VAPT          | Security Operations Center (SOC)               | Cyber Threat Intelligence (CTI)
Red Teaming   | Digital Forensics and Incident Response (DFIR) | Threat Hunting
4. Prerequisite Terms & Topics for CTI
● Indicator of Compromise (IOC)
● Indicator of Attack (IOA)
● Advanced Persistent Threat (APT)
● Tactics, Techniques, and Procedures (TTPs)
● Cyber Kill Chain
5. Types of Cyber Threat Intelligence
7. Scope for Cyber Threat Intelligence
● Domain Monitoring
● Leaked Credential Monitoring
● Deep/Dark web monitoring
  ○ Deep/Dark web Marketplaces & Forums
● Social media Monitoring
● Paste & Document Sharing Sites Monitoring
● Git Monitoring
8. Domain Monitoring
Problem Statement:
● Typosquatters
● Phishing attacks
● Fraud
● Brand impersonation
Solution (dnstwist):
● Variety of highly effective domain fuzzing algorithms
● Unicode domain names (IDN)
● Domain permutations from dictionary files
● Multithreaded task distribution
● Live phishing web page detection:
  ○ HTML similarity with fuzzy hashes (ssdeep/tlsh)
  ○ Screenshot visual similarity with perceptual hashes (pHash)
● Rogue MX host detection (intercepting misdirected e-mails)
● GeoIP location
● Export to CSV and JSON
https://dnstwist.it/
https://github.com/elceef/dnstwist
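To make the "domain fuzzing" idea concrete, here is an added example (not code from the slides or from dnstwist) that generates look-alike candidates for a domain you own using a few of the permutation classes dnstwist describes (character omission, repetition, transposition, adjacent-key replacement, ASCII homoglyphs, TLD swap) and then checks a feed of newly observed domains against those candidates. The keyboard map, homoglyph table, TLD list and the feed are constructed for this example and deliberately small; dnstwist's own tables are far larger and also cover IDN homoglyphs.

```python
"""Added example (not code from the slides or from dnstwist): a small
typosquat-candidate generator for brand/domain monitoring.  It applies a
few of the permutation classes dnstwist describes (character omission,
repetition, transposition, adjacent-key replacement, homoglyphs, TLD swap)
to a domain you own, then checks a feed of newly observed domains against
the candidates.  The keyboard map, homoglyph table, TLD list and feed are
constructed for the example and are deliberately small."""
from __future__ import annotations

# Subset of adjacent keys on a QWERTY keyboard (constructed, not exhaustive).
QWERTY_NEIGHBOURS = {
    "a": "qwsz", "e": "wrsd", "i": "uojk", "l": "kop", "m": "njk",
    "n": "bhjm", "o": "ipkl", "p": "ol", "x": "zsdc",
}
# ASCII look-alikes of the kind dnstwist's homoglyph fuzzer uses (constructed subset).
HOMOGLYPHS = {"l": "1i", "i": "l1", "o": "0", "0": "o", "m": "rn", "w": "vv"}
# TLDs to try in place of the original one (constructed subset).
TLD_SWAPS = ["com", "net", "org", "co", "io"]

NAME_FUZZERS = ("omission", "repetition", "transposition", "replacement", "homoglyph")


def split_domain(domain: str) -> tuple[str, str]:
    """Split 'example.com' into ('example', 'com'); the last label is treated as the TLD."""
    name, _, tld = domain.lower().rpartition(".")
    if not name or not tld:
        raise ValueError(f"expected name.tld, got {domain!r}")
    return name, tld


def permutations(domain: str) -> dict[str, set[str]]:
    """Return candidate look-alike domains grouped by fuzzer type.

    The monitored domain itself is never returned as a candidate."""
    name, tld = split_domain(domain)
    out: dict[str, set[str]] = {kind: set() for kind in NAME_FUZZERS + ("tld-swap",)}
    for i, ch in enumerate(name):
        out["omission"].add(name[:i] + name[i + 1:])          # exmple
        out["repetition"].add(name[:i] + ch + name[i:])       # exaample
        if i + 1 < len(name) and ch != name[i + 1]:
            out["transposition"].add(name[:i] + name[i + 1] + ch + name[i + 2:])  # exmaple
        for key in QWERTY_NEIGHBOURS.get(ch, ""):             # exanple
            out["replacement"].add(name[:i] + key + name[i + 1:])
        for glyph in HOMOGLYPHS.get(ch, ""):                  # examp1e
            out["homoglyph"].add(name[:i] + glyph + name[i + 1:])
    for alt in TLD_SWAPS:
        if alt != tld:
            out["tld-swap"].add(f"{name}.{alt}")
    # Re-attach the TLD to the name-level permutations; drop empties and the original.
    for kind in NAME_FUZZERS:
        out[kind] = {f"{n}.{tld}" for n in out[kind] if n} - {domain.lower()}
    return out


def match_feed(domain: str, observed: list[str]) -> list[tuple[str, str]]:
    """Return (observed_domain, fuzzer_type) for every feed entry that is a
    permutation of `domain`.  This is the check a monitoring job would run over
    a newly-registered-domain or certificate-transparency feed."""
    candidates = permutations(domain)
    hits: list[tuple[str, str]] = []
    for seen in observed:
        seen = seen.lower().strip().rstrip(".")
        for kind, names in candidates.items():
            if seen in names:
                hits.append((seen, kind))
                break
    return hits


# Constructed sample of "domains first seen today".
OBSERVED_FEED = [
    "exanple.com", "EXAMP1E.COM", "example.co", "exmaple.com",
    "totally-unrelated.org", "example.com",
]

if __name__ == "__main__":
    for seen, kind in match_feed("example.com", OBSERVED_FEED):
        print(f"{seen:<24} {kind}")
```

Matching a feed against a precomputed candidate set is the cheap half of domain monitoring; the live checks the slide lists (DNS resolution, MX lookup, HTML and screenshot similarity) are what distinguish a parked look-alike from an active phishing page, and they only need to run on the hits this step produces.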
9. Leaked Credential Monitoring
● https://haveibeenpwned.com/
● https://leakcheck.io/
● https://hacknotice.com/free-account/#instant-security-risk
● https://www.optery.com/
● https://en.wikipedia.org/wiki/List_of_data_breaches
10. Deep/Dark web monitoring
● ahmia
● darksearchio
● onionland
● notevil
● darksearchenginer
● phobos
● onionsearchserver
● torgle
● onionsearchengine
● tordex
● tor66
● tormax
● haystack
● multivac
● evosearch
● deeplink
https://github.com/megadose/OnionSearch
11. Deep/Dark web Marketplaces & Forums
Forums:
● raidforums
● leakzone
● Hackforums
● evilzone
● nulled.to
● xss.in
● leakworld
● exploitin
● Leakforums
Marketplaces:
● Genesis market
● Russian market
● Alphabay
● DarkBay
● SilkRoad
● TorMarket
● DarkFox Market
● WhiteHouse Market
● Hydra
● Versus
● Empire Market
Solution:
https://github.com/webfp/tor-browser-selenium
https://stackoverflow.com/questions/39134419/run-tor-browser-with-selenium-webdriver
12. Social Media Monitoring
Facebook: Graph API
Instagram: https://github.com/Datalux/Osintgram
Twitter: Tweepy + ELK Stack; Microsoft Power Automate
LinkedIn: (no tool listed)
Telegram: TGStat Alert Bot; https://github.com/dayeol/telegram-keyword-detector
13. Paste & Document Sharing Sites Monitoring
Paste Sites:
● Pastebin
● ZeroBin
● TextBin
● Hastebin
● Stronghold Paste (TOR)
● DeepPaste (TOR)
● PrivateBin
Document Sharing Sites:
● Scribd
● SlideShare
● qdoc
https://github.com/beamzer/pastebin-monitor-and-alert
Custom scraper & crawler if an API is available, or a Python library (if the site is scrapable):
● BeautifulSoup
● Scrapy
● Selenium
14. Library comparison (Performance / Ease of Use / Extensibility / Ecosystem)
Library: BeautifulSoup
  Performance: Slower than Scrapy and Selenium; can use multithreading for speedup.
  Ease of Use: Ideal for beginners exploring web scraping.
  Extensibility: Suitable for minor projects with low complexity.
  Ecosystem: Good ecosystem, but may have several dependencies.
Library: Scrapy
  Performance: Faster and more efficient; supports asynchronous request execution.
  Ease of Use: More complex, with a steeper learning curve.
  Extensibility: Preferred for complex, large-scale projects.
  Ecosystem: Robust ecosystem; allows automation with proxies.
Library: Selenium
  Performance: Efficient but slower with large data volumes; waits for the entire page to load.
  Ease of Use: More complex; has a complete toolkit for web automation.
  Extensibility: Beneficial for JavaScript-heavy websites.
  Ecosystem: Robust ecosystem; may require additional effort for proxies.
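Slides 13 and 14 recommend a custom scraper for paste sites that expose no API. The following is an added example (not code from the slides or from any project they link) of the smallest useful version of that: it parses a "recent pastes" listing with the standard-library HTML parser, then runs each paste through a watch list built from the monitored organisation's own identifiers (its domain, its e-mail addresses, credential-looking assignments). The listing HTML, the domain `example.com` and the patterns are constructed for the example; for a real site you would fetch the page, adapt the tag/class names the parser looks for, and treat every alert as a lead for an analyst, not as a confirmed leak.

```python
"""Added example (not code from the slides or from any project they link):
a stdlib-only monitor for a paste site's "recent pastes" listing, the kind
of custom scraper the slides suggest when a site has no API.  The HTML is
a constructed stand-in for a fetched listing page, and the watch list is
the monitored organisation's own identifiers (constructed values)."""
from __future__ import annotations

import re
from dataclasses import dataclass
from html.parser import HTMLParser

WATCH_DOMAIN = "example.com"  # constructed: the organisation being monitored

# What to look for in each paste; the patterns are illustrative choices.
WATCH_PATTERNS = {
    # e-mail addresses on the organisation's domain
    "org-email": re.compile(rf"\b[\w.+-]+@{re.escape(WATCH_DOMAIN)}\b", re.I),
    # hostnames under the organisation's domain (not the domain part of an e-mail)
    "org-host": re.compile(rf"(?<![\w@.-])(?:[\w-]+\.)*{re.escape(WATCH_DOMAIN)}\b", re.I),
    # credential-looking assignments
    "credential": re.compile(r"\b(?:password|passwd|pwd)\s*[=:]", re.I),
}

# Constructed sample listing (what a fetch of the "recent pastes" page might return).
SAMPLE_LISTING = """
<html><body><ul class="pastes">
 <li><a class="title" href="/p/aa11">db creds dump</a>
     <pre>host=db.internal.example.com user=svc_backup password=Hunter2!</pre></li>
 <li><a class="title" href="/p/bb22">homework</a>
     <pre>def add(a, b): return a + b</pre></li>
 <li><a class="title" href="/p/cc33">staff list</a>
     <pre>alice@example.com, bob@example.com, carol@other.org</pre></li>
</ul></body></html>
"""


@dataclass
class Paste:
    url: str
    title: str = ""
    body: str = ""


class PasteListingParser(HTMLParser):
    """Collect one Paste per <li> from <a class="title"> (title, href) and <pre> (body)."""

    def __init__(self) -> None:
        super().__init__()
        self.pastes: list[Paste] = []
        self._current: Paste | None = None
        self._capture: str | None = None  # "title" or "body" while inside that tag

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("class") == "title":
            self._current = Paste(url=a.get("href") or "")
            self._capture = "title"
        elif tag == "pre" and self._current is not None:
            self._capture = "body"

    def handle_data(self, data):
        if self._current is None or self._capture is None:
            return
        if self._capture == "title":
            self._current.title += data
        else:
            self._current.body += data

    def handle_endtag(self, tag):
        if tag in ("a", "pre"):
            self._capture = None
        elif tag == "li" and self._current is not None:
            self.pastes.append(self._current)
            self._current = None


def scan_listing(html: str, patterns: dict[str, re.Pattern] = WATCH_PATTERNS) -> list[dict]:
    """Parse a listing page and return one alert per paste that matches any pattern."""
    parser = PasteListingParser()
    parser.feed(html)
    alerts = []
    for paste in parser.pastes:
        text = f"{paste.title}\n{paste.body}"
        matches = {name: sorted({m.group(0) for m in rx.finditer(text)})
                   for name, rx in patterns.items()}
        matches = {name: vals for name, vals in matches.items() if vals}
        if matches:
            alerts.append({"url": paste.url, "title": paste.title.strip(), "matches": matches})
    return alerts


if __name__ == "__main__":
    for alert in scan_listing(SAMPLE_LISTING):
        print(alert["url"], alert["title"], alert["matches"])
```

The parser is deliberately narrow (it only understands the `<li><a class="title"><pre>` shape of the constructed page), which is the normal trade-off for a site-specific monitor: a few lines of stdlib code that break loudly when the site changes its markup, versus a Scrapy or Selenium project for sites that paginate or render with JavaScript, as the comparison above describes.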
15. Git Monitoring
Platforms that already search for leaks:
● https://trufflesecurity.com/blog/introducing-forager/
List of open source tools:
● https://github.com/obheda12/GitDorker
● https://github.com/dxa4481/truffleHog
● https://github.com/gitleaks/gitleaks
● https://github.com/hisxo/gitGraber
● https://github.com/eth0izzle/shhgit
● https://github.com/techgaun/github-dorks
● https://github.com/michenriksen/gitrob
● https://github.com/anshumanbh/git-all-secrets
● https://github.com/awslabs/git-secrets
● https://github.com/kootenpv/gittyleaks
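The tools listed above share two detection strategies, and the added example below (not code from the slides or from any of those tools) shows both side by side on constructed diff lines: pattern rules for secrets with a known shape (an AWS access key ID prefix, a PEM private-key header, a `password=`/`token=` assignment) and a Shannon-entropy check for opaque random-looking strings that no rule describes. The rules, the 4.5 bits/char threshold and every sample token are illustrative choices made for this example; the sample access key follows the documented `AKIA` prefix format but is made up. Note the complementary misses: the access key has low entropy and is caught only by its rule, while the random API token is caught by both.

```python
"""Added example (not code from the slides or from any of the tools they list):
the two detection strategies those tools share, applied to constructed sample
lines of the kind a commit diff would add.  Pattern rules catch secrets with a
known shape; a Shannon-entropy check catches opaque random-looking strings that
no rule describes.  The rules, the 4.5 bits/char threshold and every sample
token are illustrative choices made for this example."""
from __future__ import annotations

import math
import re
from collections import Counter

# Pattern rules (illustrative subset).  Capture groups, where present, hold the value.
RULES = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "assigned-secret": re.compile(
        r"(?i)(?:password|passwd|secret|token|api[_-]?key)\s*[=:]\s*"
        r"(?:'([^']{8,})'|\"([^\"]{8,})\"|([^\s'\"]{8,}))"),
}
# Candidate strings for the entropy check: long runs of base64/hex-like characters.
TOKEN_RX = re.compile(r"[A-Za-z0-9+/_-]{20,}")
ENTROPY_THRESHOLD = 4.5  # bits per character; a chosen cut-off, not a standard


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of `s` (0.0 for the empty string)."""
    if not s:
        return 0.0
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in Counter(s).values())


def scan_lines(lines: list[str], threshold: float = ENTROPY_THRESHOLD) -> list[dict]:
    """Return one finding per hit, in line order, rule hits before entropy hits."""
    findings = []
    for no, line in enumerate(lines, 1):
        for name, rx in RULES.items():
            for m in rx.finditer(line):
                # First non-empty capture group is the secret value; else the whole match.
                value = next((g for g in m.groups() if g), m.group(0))
                findings.append({"line": no, "rule": name, "value": value})
        for tok in TOKEN_RX.findall(line):
            if shannon_entropy(tok) >= threshold:
                findings.append({"line": no, "rule": "high-entropy", "value": tok})
    return findings


# Constructed sample of added lines from a diff; none of these values is real.
SAMPLE_LINES = [
    "AWS_ACCESS_KEY_ID=AKIAEXAMPLEKEY000001",
    "db_password = 'correct horse battery staple'",
    "-----BEGIN RSA PRIVATE KEY-----",
    "api_token = 'x9Qv2LmZp7RtC4sYbW0kHjN8dE3gF1aU'",
    "logger.info('starting worker %s', worker_id)",
]

if __name__ == "__main__":
    for f in scan_lines(SAMPLE_LINES):
        print(f"line {f['line']:>2}  {f['rule']:<18} {f['value']}")
```

Running a scanner like this as a pre-commit hook (the approach git-secrets takes) stops the secret before it reaches history; running it over an organisation's existing repositories (the truffleHog/gitleaks mode) is the CTI side, where the finding feeds a rotation and an incident ticket rather than a blocked commit.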