DataSploit - Tool Demo at Null Bangalore - March Meet. Shubham Mittal
This presentation was given at Null / OWASP / Garage4Hackers - Bangalore meet on 18th March.
After a little talk on what this tool is all about, I gave a demonstration on how to setup the tool followed by how to use the same.
This is the slides of the online talk given at @NullBhopal. This introduces people to Open Source INTelligence and their uses in daily life and pentesting.
OSINT x UCCU Workshop on Open Source IntelligencePhilippe Lin
OSINT is a reconnaissance of intelligence from publicly available information to address a specific intelligence requirement. The slides are used in UCCU's workshop of OSINT.
DataSploit - Tool Demo at Null Bangalore - March Meet. Shubham Mittal
This presentation was given at Null / OWASP / Garage4Hackers - Bangalore meet on 18th March.
After a little talk on what this tool is all about, I gave a demonstration on how to setup the tool followed by how to use the same.
This is the slides of the online talk given at @NullBhopal. This introduces people to Open Source INTelligence and their uses in daily life and pentesting.
OSINT x UCCU Workshop on Open Source IntelligencePhilippe Lin
OSINT is a reconnaissance of intelligence from publicly available information to address a specific intelligence requirement. The slides are used in UCCU's workshop of OSINT.
OSINT for Proactive Defense - RootConf 2019RedHunt Labs
A presentation about using Open Source Intelligence for proactive defense delivered at Rootconf 2019 Bangalore, India.
RedHunt Labs
https://redhuntlabs.com/
Enterprise Open Source Intelligence GatheringTom Eston
Presented at the Ohio Information Security Summit, October 30, 2009.
What does the Internet say about your company? Do you know what is being posted by your employees, customers, or your competition? We all know information or intelligence gathering is one of the most important phases of a penetration test. However, gathering information and intelligence about your own company is even more valuable and can help an organization proactively determine the information that may damage your brand, reputation and help mitigate leakage of confidential information.
This presentation will cover what the risks are to an organization regarding publicly available open source intelligence. How can your enterprise put an open source intelligence gathering program in place without additional resources or money. What free tools are available for gathering intelligence including how to find your company information on social networks and how metadata can expose potential vulnerabilities about your company and applications. Next, we will explore how to get information you may not want posted about your company removed and how sensitive metadata information you may not be aware of can be removed or limited. Finally, we will discuss how to build a Internet posting policy for your company and why this is more important then ever.
OSINT mindset to protect your organization - Null monthly meet versionChandrapal Badshah
This presentation covers different sources of information about organization, some breach case studies and how we could have prevented it using OSINT and other techniques.
Social Engineering is never considered as serious attack vector. This presentation will educate how to use it handy even to bypass 2 factor authentication.
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
This presentation part of Prisma CSI's Practical White Hat Hacker Training v1
PRISMA CSI • Cyber Security and Intelligence www.prismacsi.com
This document can be shared or used by quoted and used for commercial purposes, but can not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.
Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources); it is not related to open-source software or public intelligence.
Understand how essential it is to do memory analysis in order to find evidences which are rarely found anywhere else. This is not a copyright material and the information included is collected from various sources for educational purposes
Another Hacker Tool Talk from the Fujitsu Edmonton Security Lab. This presentation looks at how to install and use Maltego CE v 3.0 for open source intelligence (OSINT) gathering.
Open Source Intelligence Gathering (OSINT) is growing in popularity among attackers and defenders alike. When an attacker comes knocking on your network's front door, the warning lights go off in multiple systems (IDS, IPS, SIEM, WAF). More sophisticated attackers, however, spend considerable time gathering information using tools and techniques that never touch any of your systems. As a result, these attackers are able to execute their attacks and make off with proprietary data before you even know they are there. This presentation provides an introduction to many OSINT tools and techniques, as well as methods you can use to minimize your exposure.
Empowering red and blue teams with osint c0c0n 2017reconvillage
This talk will discuss Open Source Intelligence (OSINT) gathering tools and techniques that are highly useful and effective for both Blue teams and Red teams.
OSINT is defined by both the U.S. Director of National Intelligence and the U.S. Department of Defense (DoD), as "produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.
SOURCE :https://en.wikipedia.org/wiki/Open-source_intelligence
OSINT Black Magic: Listen who whispers your name in the dark!!!Nutan Kumar Panda
Open Source Intelligence is the art of collecting information which is scattered on publicly available sources. With evolution of social media and digital marketplaces a huge amount of information is constantly generated on the Internet (sometimes even without our conscious consent). This is of great concern for organizations and businesses as chances of confidential data floating in the public domain may seriously harm their business integrity. All recent hacks are related to internal source code disclosure, API keys leakage, known vulnerability in third party plugin, data dump leaks etc. Based on experience and robust research in this domain, for this talk the speakers have created a tool which will help all kind of organizations to monitor cyberspace effectively without much investment. This tool is simple but an effective solution which is capable of hearing digital whispers which are usually missed or ignored but shouldn’t be.
Social Media Data Collection & AnalysisScott Sanders
A non-technical primer on how to collect and analyze social media data. This was an invited lecture by Biostatistics and Bioinformatics Department in the School of Public Health at the University of Louisville.
Slides from the ECU Security Research Institute seminar Monday 29 April 2013, presented by Professor Craig Valli.
Our increasing interconnection networks and production of data of various types such as pictures and videos (artefacts), are producing an increasingly unseen amount of data.
Metadata is data about an artefact that may, for instance, give away the location where a
photo was taken, the device that created the artefact, or what operating systems and applications were used in the construction of the artefact.
Furthermore, the device that transmitted the artefact may be reliably fingerprinted and identified by the applications and operating systems that it runs. Most organisations and individuals are unaware of the attendant risk that the production of artefacts with embedded metadata represents to privacy and security.
This presentation will explore those risks and also demonstrate some of the capabilities of the tools publicly available to extract intelligence from metadata.
Speaker Profile
Professor Craig Valli is the Director of the ECU Security Research Institute (ECUSRI) at Edith Cowan University. Professor Valli has over 25 years experience in the IT industry. He conducts research and consults to industry and government on network security and digital forensics issues. His main consultancy focus is on securing networks and critical infrastructures, detection of network borne threats and forensic analysis of cyber security incidents.
The ECU Security Research Institute (ECUSRI) is a research unit with Edith Cowan University.
OSINT for Proactive Defense - RootConf 2019RedHunt Labs
A presentation about using Open Source Intelligence for proactive defense delivered at Rootconf 2019 Bangalore, India.
RedHunt Labs
https://redhuntlabs.com/
Enterprise Open Source Intelligence GatheringTom Eston
Presented at the Ohio Information Security Summit, October 30, 2009.
What does the Internet say about your company? Do you know what is being posted by your employees, customers, or your competition? We all know information or intelligence gathering is one of the most important phases of a penetration test. However, gathering information and intelligence about your own company is even more valuable and can help an organization proactively determine the information that may damage your brand, reputation and help mitigate leakage of confidential information.
This presentation will cover what the risks are to an organization regarding publicly available open source intelligence. How can your enterprise put an open source intelligence gathering program in place without additional resources or money. What free tools are available for gathering intelligence including how to find your company information on social networks and how metadata can expose potential vulnerabilities about your company and applications. Next, we will explore how to get information you may not want posted about your company removed and how sensitive metadata information you may not be aware of can be removed or limited. Finally, we will discuss how to build a Internet posting policy for your company and why this is more important then ever.
OSINT mindset to protect your organization - Null monthly meet versionChandrapal Badshah
This presentation covers different sources of information about organization, some breach case studies and how we could have prevented it using OSINT and other techniques.
Social Engineering is never considered as serious attack vector. This presentation will educate how to use it handy even to bypass 2 factor authentication.
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
This presentation part of Prisma CSI's Practical White Hat Hacker Training v1
PRISMA CSI • Cyber Security and Intelligence www.prismacsi.com
This document can be shared or used by quoted and used for commercial purposes, but can not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.
Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources); it is not related to open-source software or public intelligence.
Understand how essential it is to do memory analysis in order to find evidences which are rarely found anywhere else. This is not a copyright material and the information included is collected from various sources for educational purposes
Another Hacker Tool Talk from the Fujitsu Edmonton Security Lab. This presentation looks at how to install and use Maltego CE v 3.0 for open source intelligence (OSINT) gathering.
Open Source Intelligence Gathering (OSINT) is growing in popularity among attackers and defenders alike. When an attacker comes knocking on your network's front door, the warning lights go off in multiple systems (IDS, IPS, SIEM, WAF). More sophisticated attackers, however, spend considerable time gathering information using tools and techniques that never touch any of your systems. As a result, these attackers are able to execute their attacks and make off with proprietary data before you even know they are there. This presentation provides an introduction to many OSINT tools and techniques, as well as methods you can use to minimize your exposure.
Empowering red and blue teams with osint c0c0n 2017reconvillage
This talk will discuss Open Source Intelligence (OSINT) gathering tools and techniques that are highly useful and effective for both Blue teams and Red teams.
OSINT is defined by both the U.S. Director of National Intelligence and the U.S. Department of Defense (DoD), as "produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.
SOURCE :https://en.wikipedia.org/wiki/Open-source_intelligence
OSINT Black Magic: Listen who whispers your name in the dark!!!Nutan Kumar Panda
Open Source Intelligence is the art of collecting information which is scattered on publicly available sources. With evolution of social media and digital marketplaces a huge amount of information is constantly generated on the Internet (sometimes even without our conscious consent). This is of great concern for organizations and businesses as chances of confidential data floating in the public domain may seriously harm their business integrity. All recent hacks are related to internal source code disclosure, API keys leakage, known vulnerability in third party plugin, data dump leaks etc. Based on experience and robust research in this domain, for this talk the speakers have created a tool which will help all kind of organizations to monitor cyberspace effectively without much investment. This tool is simple but an effective solution which is capable of hearing digital whispers which are usually missed or ignored but shouldn’t be.
Social Media Data Collection & AnalysisScott Sanders
A non-technical primer on how to collect and analyze social media data. This was an invited lecture by Biostatistics and Bioinformatics Department in the School of Public Health at the University of Louisville.
Slides from the ECU Security Research Institute seminar Monday 29 April 2013, presented by Professor Craig Valli.
Our increasing interconnection networks and production of data of various types such as pictures and videos (artefacts), are producing an increasingly unseen amount of data.
Metadata is data about an artefact that may, for instance, give away the location where a
photo was taken, the device that created the artefact, or what operating systems and applications were used in the construction of the artefact.
Furthermore, the device that transmitted the artefact may be reliably fingerprinted and identified by the applications and operating systems that it runs. Most organisations and individuals are unaware of the attendant risk that the production of artefacts with embedded metadata represents to privacy and security.
This presentation will explore those risks and also demonstrate some of the capabilities of the tools publicly available to extract intelligence from metadata.
Speaker Profile
Professor Craig Valli is the Director of the ECU Security Research Institute (ECUSRI) at Edith Cowan University. Professor Valli has over 25 years experience in the IT industry. He conducts research and consults to industry and government on network security and digital forensics issues. His main consultancy focus is on securing networks and critical infrastructures, detection of network borne threats and forensic analysis of cyber security incidents.
The ECU Security Research Institute (ECUSRI) is a research unit with Edith Cowan University.
The Hacking Game - Think Like a Hacker Meetup 12072023.pptxlior mazor
Stay safe, grab a drink and join us virtually for our upcoming "The Hacking Game - Think Like a Hacker" meetup to learn how hackers can compromise applications, advanced data protection methods and how to focus on fixing your most critical vulnerabilities.
Defending the Enterprise with Evernote at SourceBoston on May 27, 2015grecsl
Most people are already familiar with Evernote. It’s easy to just throw all our miscellaneous data into the Elephant and effortlessly find it later with a quick search or correlate similar ideas with tags. Evernote is literally our external brain that increases our intelligence and helps us become more productive overall. This presentation discusses an experiment of using Evernote as a defensive management platform, the specific concepts and strategies used, and its overall effectiveness. Specific topics covered will include the advantages of using an open and flexible platform that can be molded into an open/closed source threat intelligence database, an information sharing platform, and an incident case management system. Although using Evernote in this way in large enterprises is probably not possible, the same lessons learned can be applied to implement a similarly effective system using internally-hosted open source or commercial software.
This talk was at California Information Technology in Education (CITE 2022. This talk discussed tool that a blue team can use to gain to better respond to threats on their networks
DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...Cisco DevNet
Are you ready to dive deeper into using Python and REST? This class continues the Coding Skills 101 topics and goes deeper into techniques for parsing JSON, and debugging.
Reproducibility and automation of machine learning processDenis Dus
A speech about organization of machine learning process in practice. Conceptual and technical aspects discussed. Introduction into Luigi framework. A short story about neural networks fitting in Flo - top-level mobile tracker of women health.
A series of tweets I posted about my 11hr struggle to make a cup of tea with my WiFi kettle ended-up going viral, got picked-up by the national and then international press, and led to thousands of retweets, comments and references in the media. In this session we’ll take the data I recorded on this Twitter activity over the period and use Oracle Big Data Graph and Spatial to understand what caused the breakout and the tweet going viral, who were the key influencers and connectors, and how the tweet spread over time and over geography from my original series of posts in Hove, England.
Slides for a college course based on "Incident Response & Computer Forensics, Third Edition" by by Jason Luttgens, Matthew Pepe, and Kevin Mandia.
Teacher: Sam Bowne
Twitter: @sambowne
Website: https://samsclass.info/121/121_F16.shtml
War stories from building the Global Patent Search Network, and why Data folks need to think more about UX and Discovery, and UX folks need to think more about Data.
The web has changed! Users spend more time on mobile than on desktops and expect to have an amazing user experience on both. APIs are the heart of the new web as the central point of access data, encapsulating logic and providing the same data and same features for desktops and mobiles. In this workshop, Antonio will show you how to create complex APIs in an easy and quick way using API Platform built on Symfony.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Gen Z and the marketplaces - let's translate their needsLaura Szabó
The product workshop focused on exploring the requirements of Generation Z in relation to marketplace dynamics. We delved into their specific needs, examined the specifics in their shopping preferences, and analyzed their preferred methods for accessing information and making purchases within a marketplace. Through the study of real-life cases , we tried to gain valuable insights into enhancing the marketplace experience for Generation Z.
The workshop was held on the DMA Conference in Vienna June 2024.
Italy Agriculture Equipment Market Outlook to 2027harveenkaur52
Agriculture and Animal Care
Ken Research has an expertise in Agriculture and Animal Care sector and offer vast collection of information related to all major aspects such as Agriculture equipment, Crop Protection, Seed, Agriculture Chemical, Fertilizers, Protected Cultivators, Palm Oil, Hybrid Seed, Animal Feed additives and many more.
Our continuous study and findings in agriculture sector provide better insights to companies dealing with related product and services, government and agriculture associations, researchers and students to well understand the present and expected scenario.
Our Animal care category provides solutions on Animal Healthcare and related products and services, including, animal feed additives, vaccination
Understanding User Behavior with Google Analytics.pdfSEO Article Boost
Unlocking the full potential of Google Analytics is crucial for understanding and optimizing your website’s performance. This guide dives deep into the essential aspects of Google Analytics, from analyzing traffic sources to understanding user demographics and tracking user engagement.
Traffic Sources Analysis:
Discover where your website traffic originates. By examining the Acquisition section, you can identify whether visitors come from organic search, paid campaigns, direct visits, social media, or referral links. This knowledge helps in refining marketing strategies and optimizing resource allocation.
User Demographics Insights:
Gain a comprehensive view of your audience by exploring demographic data in the Audience section. Understand age, gender, and interests to tailor your marketing strategies effectively. Leverage this information to create personalized content and improve user engagement and conversion rates.
Tracking User Engagement:
Learn how to measure user interaction with your site through key metrics like bounce rate, average session duration, and pages per session. Enhance user experience by analyzing engagement metrics and implementing strategies to keep visitors engaged.
Conversion Rate Optimization:
Understand the importance of conversion rates and how to track them using Google Analytics. Set up Goals, analyze conversion funnels, segment your audience, and employ A/B testing to optimize your website for higher conversions. Utilize ecommerce tracking and multi-channel funnels for a detailed view of your sales performance and marketing channel contributions.
Custom Reports and Dashboards:
Create custom reports and dashboards to visualize and interpret data relevant to your business goals. Use advanced filters, segments, and visualization options to gain deeper insights. Incorporate custom dimensions and metrics for tailored data analysis. Integrate external data sources to enrich your analytics and make well-informed decisions.
This guide is designed to help you harness the power of Google Analytics for making data-driven decisions that enhance website performance and achieve your digital marketing objectives. Whether you are looking to improve SEO, refine your social media strategy, or boost conversion rates, understanding and utilizing Google Analytics is essential for your success.
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
6. Components
• Domain Osint
• Email Osint
• IP Osint
• Username Osint
• WIP
• Company Scoping
• Phone Number OSINT
• Active Modules
7. Sources and Flow
Email:
Basic Email Checks
Work History
Social profiles
Enumerated Usernames
Location Information
Slides
Scribd Documents
Related Websites
HaveIBeenPwned
Domain:
WhoIS
DNS Records
PunkSpider
Wappalyzer
Github
Email Harvestor
Domain IP History
Paste(s) Search
Pagelinks
Wikileaks
Links from Forums
Passive SSL Scan
ZoomEye
Shodan
Censys
Subdomains
Username:
Git Details
Check username on various sites.
Profile Pics –Output saved in
$username directory
Frequent Hashtags
Interaction on Twitter.
Active Modules
15. Roadmap
• Allows to set up periodic scans and alerting for product security companies.
• Intelligence on co-relation and identity verification.
• Reports in CSV.
• Reverse Image Search and profile validation.
• Works closely with various social network APIs.
• Refine Pastebin and Github Searches.
• IP Threat Intelligence.
• Organization Scoping.
• Integration with SE other tools.
• Cloud related OSINT and active modules.
• pip install datasploit (to be installed as both library as well as script)
17. How to Contribute
• Help us in testing the tool
• Expand : Write/Suggest modules
• Give Feedback: raise issues, tweet, drop an email.
• Use / Promote / Write about the tool.
• Write OSINT blogs / tool walkthrough(s) / etc.
• Report issues at https://github.com/datasploit/datasploit/issues
18. Core Contributors.
• Shubham Mittal (@upgoingstar)
• Nutan Kumar Panda (@nutankumarpanda)
• Sudhanshu (@sudhanshu_c)
• Kunal (@KunalAggarwal92)
• Kudos to
• @anantshri for mentoring.
• @ bnchandrapal for feedbacks, suggestions and other help around issues.