Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Rv defcon25 osint tactics on source code intelligence - simon roses

168 views

Published on

http://reconvillage.org/osint-tactics-on-source-code-and-developers/

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Rv defcon25 osint tactics on source code intelligence - simon roses

  1. 1. Recon Village DEF CON 25 29 July Las Vegas, USA
  2. 2. ME & VULNEX Simon Roses Femerling •  Founder & CEO, VULNEX www.vulnex.com •  @simonroses •  Former Microsoft, PwC, @Stake •  US DARPA award to research on software security •  Speaker: Black Hat, DEF CON, RSA, HITB, OWASP, SOURCE, AppSec, DeepSec, TECHNET •  Blog: http://www.simonroses.com/ •  Youtube: https://www.youtube.com/channel/UC8KUXxTSEdWfpFzAydjEzyQ •  CyberSecurity Startup •  @vulnexsl •  Professional Services & Training •  Products: BinSecSweeper (Unified File Security Analysis) VULNEX
  3. 3. TALK OBJECTIVES •  Basic Source Code analysis •  Applying OSINT tactics on source code
  4. 4. AGENDA 1.  Introduc,on 2.  OSINT Developers 3.  Conclusions
  5. 5. KEEP IN MIND
  6. 6. 1. TARGET
  7. 7. 1. WHY DEVELOPERS? •  Technical people but usually not security savvy –  Influencers –  Access to information & systems –  Common habits we can exploit: •  Science Fiction •  Anime •  Porn •  Beer
  8. 8. 1. METHODOLOGY 1. Identify source code repo 1.  Organization 2.  Individuals 2. Search for OSINT patterns in code 3. Go to Social Networks
  9. 9. 1. OSINT PATTERNS IN SOURCE CODE •  Classics: –  IPs –  Domain names –  URLs –  Emails –  Credit Cards –  Phones •  New: –  Twitter alias –  Comments
  10. 10. 2. RIGHT
  11. 11. 2. AMERICAN FUZZY LOP (AFL)
  12. 12. 2. AIRCRACK-NG
  13. 13. 2. KNOW YOUR TOOLS
  14. 14. 2. GITHUB-RANK.COM
  15. 15. 2. GITROB I •  Reconnaissance tool for GitHub organizations •  Search for sensitive information in repos: –  Credentials –  Private keys •  https://github.com/michenriksen/gitrob
  16. 16. 2. GITROB II
  17. 17. 2. GITROB III
  18. 18. 2. GITHUB CRAWLERS •  https://github.com/ Microsoft/ghcrawler •  https://github.com/ dfm/github-repo- crawler/tree/master/ crawler •  https:// www.npmjs.com/ package/repo-crawler
  19. 19. 2. SOURCE CODE PROFANITY •  Get feeling of developer angriness – Source Code vs. Twitter
  20. 20. 2. LINUX BAD WORDS https://www.linuxcounter.net/statistics/kernel
  21. 21. 2. LINUX GOOD WORDS https://www.linuxcounter.net/statistics/kernel
  22. 22. 2. COMMENT: DATA CLEANING •  Comments contain plenty of dirty data: – Code – Bad Chars: //, #, *, $, -, --, =, “, ‘, [,] – Useless text •  Licenses
  23. 23. 2. COMMENTS
  24. 24. 2. TINTORERA •  Source Code Intelligence •  https://github.com/vulnex/Tintorera
  25. 25. 2. TINTORERA
  26. 26. 2. COLLECTING OSINT PATTERNS •  Regex is your friend •  Data – IPs – Links – Emails – Etc.
  27. 27. 2. I WANT EMAILS
  28. 28. 2. OSINT PATTERNS REGEX KUNGFU
  29. 29. 2. MOVE TO YOUR OSINT TOOLKIT •  Time for usual OSINT tools – Maltego – Recon-ng – DataSploit – Custom scripting “Hello Python”
  30. 30. 2. SOURCE CODE IS GOLD •  Information – OSINT – Sensitive – Comments/Sentiments – Vulnerabilities •  Code Repos not/less monitor
  31. 31. 2. NEXT STEPS •  Improved tools/automatization •  Comment analysis/classification •  OSINT integration – DataSploit – Recon-ng
  32. 32. 5. Q&A •  Thanks! •  Beer appreciated!!! •  @simonroses •  @vulnexsl •  www.vulnex.com •  www.simonroses.com

×