The speaker will conduct hands-on training on how an individual can use open-source intelligence (OSINT) to collect data from publicly available sources, and will showcase the tools and techniques used to collect information from public sources.
https://nsconclave.net-square.com/advanced-reconnaissance-using-OSINT.html
OSINT: Open Source Intelligence - Rohan Braganza
1. 09/05/2018 COPYRIGHT: NET SQUARE SOLUTIONS PVT. LTD.
OSINT: Open Source Intelligence
By Rohan Braganza, Pradnya Karad and Zubair Khan
2. Overview
- Introduction
- What is OSINT
- What can be gained from OSINT
- How are OSINT activities carried out
- What you need to know before starting out
- Introduction to IP addressing and networking
- DNS and whois
- Some tools we will look at:
  - Kali Linux
  - OSINT Framework
  - theHarvester
  - Fierce
  - dnsenum
  - Censys
  - Shodan
  - BuiltWith
  - Maltego
  - Vortimo
5. Knowledge is power
So much information is out there for the taking:
• About people (names, contact info, addresses, etc.)
• About companies
• About computers (the list is endless)
• About networks
• About mobile phones (phone numbers, device information…)
• And many more
6. What is OSINT
• The term OSINT stands for Open Source Intelligence.
• It originated from within the US military agencies in the late 1980s.
• OSINT is all intelligence that is gathered from public sources such as the Internet, but it is not limited to digital sources.
• It is intelligence that can be gathered for free.
• Examples of OSINT include:
  - Asking questions on a search engine
  - Researching on public forums how to fix your computer
  - Using YouTube to look up recipes
7. What you can learn
- Collect employee full names and job roles, as well as the software they use.
- Review and monitor search engine information from Google (especially using Google dorks), Bing, Yahoo, and others.
- Monitor personal and corporate blogs, and review user activity on digital forums.
- Identify all social networks used by the target user or company.
- Review content available on social media like Facebook, Twitter, Google Plus, or LinkedIn.
- Use people data collection tools like Pipl, which will help you reveal a lot of information about people in one place.
- Access old cached data from Google, which often reveals interesting information.
- Explore old versions of websites to reveal important information using sites like the Wayback Machine (now archive.org).
- Identify mobile phone numbers, as well as email addresses, from social networks or Google results.
- Search for photos and videos on common social photo sharing sites.
- Use Google Maps and other open satellite imagery sources to retrieve images of the user's geographic location.
- Use tools like GeoCreepy to track down geographic location information and get a clear picture of the users' current locations.
8. Questions to ask yourself before you begin
• What are you looking for?
• What is your main research goal?
• What or who is your target?
• How are you going to conduct your research?
11. Kali Linux
• Kali is a Debian-based Linux distribution that is designed for digital forensics and penetration testing.
• It is maintained and funded by Offensive Security.
• The benefit is that all tools come installed and configured.
• It contains over 600 preinstalled penetration testing programs.
13. OSINT Framework
• OSINT Framework is a cybersecurity framework: a collection of OSINT tools that simplifies intel and data collection tasks.
• It is mostly used by security researchers and penetration testers for digital footprinting, OSINT research, intelligence gathering, and reconnaissance.
• It provides a simple web-based interface that lets you browse different OSINT tools filtered by category.
• It also provides an excellent classification of all existing intel sources, making it a great resource for knowing which infosec areas you are neglecting to explore, or what the next suggested OSINT steps for your investigation are.
• OSINT Framework is classified by topic and goal. This is easy to see in the OSINT tree available through the web interface.
14. Gathering Email Addresses
[theHarvester start-up banner: theHarvester 3.1.0, coded by Christian Martorella, Edge-Security Research, cmartorella@edge-security.com]
• theHarvester is a program that is designed to retrieve information such as email addresses, subdomains, hosts, employee names, open ports and banners from different public sources such as search engines and the Shodan computer database.
• It is intended to help penetration testers during the early stages of the test to understand the footprint of the customer on the Internet.
• It is also helpful to anyone who wants to know what an attacker can see about their organization.
15. Fierce
• Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains.
• It is meant specifically to locate likely targets both inside and outside a corporate network.
• Because it uses DNS primarily, you will often find misconfigured networks that leak internal address space. That's especially useful in targeted malware.
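The misconfiguration described above, public DNS that exposes internal address space, can be checked from the defender's side against an export of your own zone. This is an added example, not part of the original slides; the zone contents, the `example.com` names and the function names are constructed for illustration.

```python
"""Audit a public DNS zone export for records that leak internal addresses."""
import ipaddress

# Address ranges that should never appear in a publicly served zone.
# Listed explicitly: ipaddress.is_private also matches documentation ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "100.64.0.0/10",                                  # RFC 6598 shared space
    "127.0.0.0/8", "169.254.0.0/16",                  # loopback, link-local
    "fc00::/7", "fe80::/10", "::1/128",               # IPv6 ULA, link-local, loopback
)]
CLASSES = {"IN", "CH", "HS"}

# Constructed sample zone (master-file style). Not real data.
SAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 3600
@         IN  A     203.0.113.10      ; public web front end
www       IN  A     203.0.113.10
          IN  A     192.168.10.10     ; owner inherited from www
mail      300 IN A  198.51.100.25
intranet  IN  A     10.20.30.40       ; internal host published by mistake
vpn       IN  A     172.16.5.1
build.dev IN  A     192.168.1.50
db01.corp.example.com. IN A 10.0.0.7
printer   IN  AAAA  fd12:3456:789a::15
ns1       IN  AAAA  2001:db8::53
loop      IN  A     127.0.0.1
"""


def absolute(name, origin):
    """Expand '@' and relative owner names against the current $ORIGIN."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin


def parse_zone(text):
    """Yield (fqdn, rtype, rdata) per record.

    Simplified parser: one record per line, no parenthesised multi-line
    records, and ';' is always treated as the start of a comment.
    """
    origin, last_owner = ".", None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        tokens = line.split()
        if tokens[0].upper() == "$ORIGIN" and len(tokens) > 1:
            origin = tokens[1] if tokens[1].endswith(".") else tokens[1] + "."
            continue
        if tokens[0].startswith("$"):
            continue  # $TTL, $INCLUDE and similar directives
        # A line starting with whitespace reuses the previous owner name.
        owner = last_owner if line[0].isspace() else tokens.pop(0)
        if owner is None:
            continue
        last_owner = owner
        # TTL and class are optional and may appear in either order.
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in CLASSES):
            tokens.pop(0)
        if len(tokens) < 2:
            continue
        yield absolute(owner, origin), tokens[0].upper(), " ".join(tokens[1:])


def find_internal_leaks(zone_text):
    """Return (fqdn, address, matched_network) for A/AAAA records in internal space."""
    leaks = []
    for fqdn, rtype, rdata in parse_zone(zone_text):
        if rtype not in ("A", "AAAA"):
            continue
        try:
            addr = ipaddress.ip_address(rdata.strip())
        except ValueError:
            continue  # malformed rdata is out of scope for this check
        for net in INTERNAL_NETS:
            if addr.version == net.version and addr in net:
                leaks.append((fqdn, str(addr), str(net)))
                break
    return leaks


if __name__ == "__main__":
    for fqdn, addr, net in find_internal_leaks(SAMPLE_ZONE):
        print(f"LEAK {fqdn:<28} {addr:<22} in {net}")
```

Records flagged by this check belong in an internal-only (split-horizon) zone rather than in the zone served to the Internet.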
16. Getting DNS information: DNSEnum
• DNSEnum is a multithreaded Perl script to enumerate DNS information of a domain and to discover non-contiguous IP blocks.
17. Censys
• Censys is a search engine that allows researchers to quickly get answers to questions about the hosts that compose the Internet.
• Censys was created by a team of security researchers.
• The goal of this project is to be able to measure whether Internet security is improving.
• The project aims to track every reachable host on the Internet and collect as much information as possible about that host.
18. Shodan
• Shodan is the world’s first search engine for Internet-connected devices.
• Shodan can be used to discover
19. What is BuiltWith
• BuiltWith is a database that provides a way to detect the technologies that a site is built on.
• It includes detailed information about CMSs such as WordPress, Joomla, and Drupal, as well as JavaScript and CSS libraries like jQuery and Bootstrap/Foundation, external fonts, server types such as Nginx, Apache, and IIS, the SSL provider, and the web hosting provider used.
20. Maltego
• Maltego is an amazing tool that is used to track down footprints of any target you may need to track.
• Maltego allows you to launch reconnaissance tests against specific targets.
• One of the best features of the product is transforms. These allow you to run different kinds of tests and integrate data with external applications.
• Finally, Maltego shows you the results for specific targets, like IPs, domains, AS numbers, and much more.
21. Vortimo
• Vortimo is software that records information on the webpages you visit.
• It records pages as you go, extracts data from them and enriches the extracted data.
• It allows you to tag objects of interest, and it decorates objects that it deems important.
• The data is then arranged in a UI for easy review.