Information gath

M.Syarifudin, ST, OSCP, OSWP
M.Syarifudin, ST, OSCP, OSWP Information Security Trainer
By : Syarif
Cybercrime Investigation Center Mabes Polri
Jakarta, 28 Januari 2012
About Pentest ( Penetration Testing )
Pentest Phase
How Important do Information Gathering
Passive & Active Information Gathering
Google Hack
About Pentest ( Penetration Testing )
A method to evaluate the security of computer system / network
Practice ( attacking ) an IT System like a ‘hacker’ do
Find a security holes ( systemic weaknesses )
By pass security mechanism
compromise an Organization’s IT System Security
Must have a permission from IT System owner
~ The Person is called a Pentester ~
Pentest Phase
Information Gathering
Vulnerability Analysis
Post Exploitation
How Important do Information Gath.
Information Gath. Chance of Successful attack~
Passive & Active Information Gathering
Passive Information Gathering Active Information Gathering
Google Hacking
Port Scanning
Service Scanning
Google Hack
was introduced by Johnny Long
based on google basic usage information :http://!
More :
Google Hack ( cont’d )
Google basic search help
Google Hack ( cont’d )
Operators and More Search help
Google Hack ( cont’d )
Examples :
Google Hack ( cont’d )
Examples :
Google Hack ( cont’d )
Examples :
Google Hack ( cont’d )
Other Examples :
Google Hack ( cont’d )
Other Examples :
Google Hack ( cont’d )
More Examples :
an Internet monitoring company based on England
OS detection
web server
Netcraft ( cont’d )
Metasploit The Penetration Tester’s Guide : David
Kennedy , Jim O’Gorman, Devon Kearns, Mati
1 of 21

More Related Content

What's hot(20)

THOR Apt ScannerTHOR Apt Scanner
THOR Apt Scanner
Florian Roth5.1K views
Eliz seminar Eliz seminar
Eliz seminar
henelpj134 views
Setup Your Personal Malware LabSetup Your Personal Malware Lab
Setup Your Personal Malware Lab
Digit Oktavianto4.4K views
Investigating Malware using Memory ForensicsInvestigating Malware using Memory Forensics
Investigating Malware using Memory Forensics
Cysinfo Cyber Security Community4K views
Malware analysisMalware analysis
Malware analysis
Prakashchand Suthar3.3K views
Lannguyen-Detecting Cyber AttacksLannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber Attacks
Security Bootcamp725 views
Real life hacking101Real life hacking101
Real life hacking101
Florent Batard588 views
Malware Analysis Using Free SoftwareMalware Analysis Using Free Software
Malware Analysis Using Free Software
Xavier Mertens4.3K views
Pentesting with linuxPentesting with linux
Pentesting with linux
Hammad Ahmed Khawaja353 views
Humla workshop on Android Security Testing - null SingaporeHumla workshop on Android Security Testing - null Singapore
Humla workshop on Android Security Testing - null Singapore
n|u - The Open Security Community952 views
Lalith Sai436 views
Hunting Ghost RAT Using Memory ForensicsHunting Ghost RAT Using Memory Forensics
Hunting Ghost RAT Using Memory Forensics
securityxploded2.5K views
Malware forensicsMalware forensics
Malware forensics
Sameera Amjad367 views

Viewers also liked(6)

My pwk & oscp journeyMy pwk & oscp journey
My pwk & oscp journey
M.Syarifudin, ST, OSCP, OSWP 25.5K views
Prepare Yourself to Become Infosec ProfessionalPrepare Yourself to Become Infosec Professional
Prepare Yourself to Become Infosec Professional
M.Syarifudin, ST, OSCP, OSWP 14.4K views
Pentest with MetasploitPentest with Metasploit
Pentest with Metasploit
M.Syarifudin, ST, OSCP, OSWP 23.6K views
Wireless LAN Security-Bimtek KominfoWireless LAN Security-Bimtek Kominfo
Wireless LAN Security-Bimtek Kominfo
M.Syarifudin, ST, OSCP, OSWP 13.3K views
Social Network Security & Backdooring emailSocial Network Security & Backdooring email
Social Network Security & Backdooring email
M.Syarifudin, ST, OSCP, OSWP 16.6K views
IPTV SecurityIPTV Security
IPTV Security
M.Syarifudin, ST, OSCP, OSWP 18.4K views

Similar to Information gath(20)

Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
HassanAhmedShaikh150 views
Ceh introCeh intro
Ceh intro
Animesh Roy70 views
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
Vishal Kumar4.9K views
Itis pentest slides  hydItis pentest slides  hyd
Itis pentest slides hyd
Rama krishna591 views
Ce hv8 module 03 scanning networksCe hv8 module 03 scanning networks
Ce hv8 module 03 scanning networks
Mehrdad Jingoism1.3K views
Hunt down the evil of your infrastructureHunt down the evil of your infrastructure
Hunt down the evil of your infrastructure
Bangladesh Network Operators Group340 views
Ethical hackingEthical hacking
Ethical hacking
Meghal Murkute192 views
Ethical hEthical h
Ethical h
kawsarahmedchoudhuryzzz826 views
Ethical hackingEthical hacking
Ethical hacking
kawsarahmedchoudhuryzzz6.1K views
Ethical hEthical h
Ethical h
Dr. Salman Iqbal774 views
Ethical hackingEthical hacking
Ethical hacking
sumanth12011.4K views
Ethical Hacking: A Comprehensive CheatsheetEthical Hacking: A Comprehensive Cheatsheet
Ethical Hacking: A Comprehensive Cheatsheet
Megawatt Content Marketing263 views
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with Phirelight
Hostway|HOSTING1.4K views

Recently uploaded(20)

STYP infopack.pdfSTYP infopack.pdf
STYP infopack.pdf
Fundacja Rozwoju Społeczeństwa Przedsiębiorczego159 views
Dance KS5 BreakdownDance KS5 Breakdown
Dance KS5 Breakdown
WestHatch53 views
RajaulKarim2061 views
Classification of crude drugs.pptxClassification of crude drugs.pptx
Classification of crude drugs.pptx
GayatriPatra1460 views
BYSC infopack.pdfBYSC infopack.pdf
BYSC infopack.pdf
Fundacja Rozwoju Społeczeństwa Przedsiębiorczego160 views
SukhwinderSingh895865480 views
nisrinamadani2159 views
Narration lesson plan.docxNarration lesson plan.docx
Narration lesson plan.docx
TARIQ KHAN92 views
ACTIVITY BOOK key water sports.pptxACTIVITY BOOK key water sports.pptx
ACTIVITY BOOK key water sports.pptx
Mar Caston Palacio275 views
Lecture: Open InnovationLecture: Open Innovation
Lecture: Open Innovation
Michal Hron94 views
Plastic waste.pdfPlastic waste.pdf
Plastic waste.pdf
alqaseedae94 views
Nico Baumbach IMR Media ComponentNico Baumbach IMR Media Component
Nico Baumbach IMR Media Component
InMediaRes1368 views
ICS3211_lecture 08_2023.pdfICS3211_lecture 08_2023.pdf
ICS3211_lecture 08_2023.pdf
Vanessa Camilleri79 views
231112 (WR) v1  ChatGPT OEB 2023.pdf231112 (WR) v1  ChatGPT OEB 2023.pdf
231112 (WR) v1 ChatGPT OEB 2023.pdf
WilfredRubens.com118 views
Class 10 English  lesson plansClass 10 English  lesson plans
Class 10 English lesson plans
TARIQ KHAN189 views

Information gath