OSINT - Open Source Intelligence


Published on

OSINT - Open Source Intelligence by Rohit Srivastwa at c0c0n - International Cyber Security and Policing Conference http://is-ra.org/c0c0n/speakers.htm

Published in: Technology

OSINT - Open Source Intelligence

  1. 1. a civilian approach to fight cyberwarintroducingOSINT
  2. 2. Shameless Self PromotionFounder, ClubHackMentor, ClubHack MagazineAwarded as Microsoft Most Valuable Professional 2012 in Enterprise Security.Advisor eGov - Science & Technology park, DSTEx- Head of Technology, Commonwealth Game(s)
  3. 3. rohit11
  4. 4. Agenda for next 30min What is Tools & Tricks Case Study OSINT Remember, it can save a lot of pain in future
  5. 5. Open Source Intelligence Nothing to do with Open Source Software though 
  6. 6. What is it? OSINT: Open Source INTelligence “Is an information processing discipline that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence.”
  7. 7. A lot of information out there
  8. 8. Too much information everywhere !Sources
  9. 9. Cable Gating is not OSINT, its crime. But wiki leaks is a OS info :DNever Cross boundaries
  10. 10. Tools & Tricks Again not a rocket science
  11. 11. MaltegoTools
  12. 12. LeakedIn The primary purpose of leakedin.com is to make visitors aware about the risks of loosing data. This blog just compiles samples of data lost or disclosed on sites likeTools pastebin.com.
  13. 13. LeakedInTools
  14. 14. AnonPaste MonitorTools
  15. 15. Tweeter MonitoringTools
  16. 16. Facebook MonitoringTools
  17. 17. Tools http://talkback.volvent.org/items.html
  18. 18. More Tools Metadata : – Foca , metagoofil , exiftool Online sites : – Shodanhq, Serversniff, netcraft, centralops, FF extensions :– wappalyzer,Tools Passive recon, Our Own Mantra
  19. 19. Nostradamus Geographically spread sources ofdifferent types and Databases of security services formats and other law enforcement authorities Mass media articles and other public sources (including the web)Police reports, recorded at the Nostradamus regional police departments Life scan systems Tools Information from the field on: Communication accidents, incidents, interviews, records etc
  20. 20. Nostradamus A complete, powerful analytical tool  Analysis of Relationships, Graphical visualization of Relationships  Detection of Direct and Hidden networks, patterns, trends  GIS Analysis, Space-Time Analysis  Telephone Call Analysis, Contacts Analysis  GIS enabled Analysis; Movement & Location Analysis  Crime Pattern Analysis, Proactive Analysis  Multi-lingual Phonetic & Semantic Search & Query  Intelligence Accumulation  Completely web-based; includes online & real-time capabilitiesTools  Automated data capture. IP, GPRS, SMS enabled  Structured information access privileges  Client side Platform independent. No special requirement w.r.t. the User PC  Efficient operations even with low communication capabilities
  21. 21. NostradamusTools Criminal Intelligence Analytical System
  22. 22. Case Study “Lord of Dharamaraja”
  23. 23. Lords of Dharmaraja
  24. 24. Lords of Dharmaraja
  25. 25. If we have the will...
  26. 26. Thanksrohit@clubhack.com +91-92-CLUBHACK