This document discusses open source intelligence (OSINT) tools and techniques that can be used for both passive and active information gathering. It provides examples of passive tools like DNSDumpster and archive.org for reconnaissance without interacting with targets. Active tools mentioned include Nmap, Recon-NG, and Metasploit for scanning networks and potentially exploiting vulnerabilities. The document emphasizes planning methodically for penetration testing and vulnerability assessments.

1. Open
Source
INTelligence

2. $ who
Black Hat Hackers
White Hat Hackers
Bounty Hunters

3. The opinions expressed in this
presentation are those of the
speaker and do not reflect
those of past, present or future
employers, partners or
customers
$ cat disclaimer.txt

4. vulnerability assessment
vs
penetration testing

5. $ lsof penetration-testing.txt
planning (figuring out the scope)
reconnaissance (OSINT, Footprinting etc..)
scanning
gaining access
maintaining access
clearing tracks
reporting

6. Active
Vs
Passive

7. $ ls /passive
https://dnsdumpster.com/

8. $ ls /passive
https://pentest-tools.com/

9. $ ls /passive
https://www.exploit-db.com/google-hacking-database/

10. $ ls /passive
https://archive.org/

11. $ ls /active
https://nmap.org/

12. https://nmap.org/movies/

13. https://www.linkedin.com/in/gordonf1/

16. $ ls /active
https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Home

17. https://www.linkedin.com/in/lanmaster53/

20. $ vi exploit
https://cve.mitre.org/
https://www.exploit-db.com/
https://www.metasploit.com/
http://beefproject.com/

21. $ man help
https://www.owasp.org/index.php/Main_Page