The document summarizes a webinar on ethical hacking and cybersecurity. It introduces the speaker, Mohammed Adam, and his background. It then outlines the 5 stages of ethical hacking that will be covered: reconnaissance, scanning and enumeration, exploitation, post-exploitation, and clearing tracks. It focuses on the reconnaissance stage, explaining the concepts of open-source intelligence (OSINT) and different types of intelligence like human, geospatial, signals, and open-source intelligence. It provides examples of how OSINT is used in ethical hacking and penetration testing as well as examples of traditional and modern OSINT methods and tools.
2. WHO AM I ?
Mohammed Adam
Senior Security Consultant at Crossbow Labs
Foss Activist in VGLUG (Villupuram Gnu/Linux Users
group)
Acknowledged by Top 50+ Companies like US Dept
of defense, AT & T, OPPO, Nokia, Honeywell,
Mcafee, Virus total, Mastercard, Bitdefender, Dell
Technologies, Asus, Intel, Carbon black etc in Bug
bounties.
Youtuber – youtube.com/technux0
3. LITTLE WARMUP BEFORE STARTING THE SESSION
• Are you a hacker ?
• Do you hack your friends Facebook or WhatsApp accounts ?
• Hacking – is it legal or illegal ?
• What type of hacker you are: Black or grey or white ?
• Have you hacked something in your entire life ?
• Is there a career for hacking ?
4. 5 - STAGES OF ETHICAL HACKING
• Reconnaissance - Information gathering
• Scanning & Enumeration
• Exploitation - Gaining Access
• Post Exploitation - Maintaining Access
• Clearing tracks
5. WILL START WITH RECON !
• What is Intelligence ?
Wikipedia defines Intelligence as:
One's capacity for logic, understanding, self-awareness, learning, emotional
knowledge, planning, creativity, and problem solving
• In other words:
It is the ability to understand and draw a logical conclusion from the available
information
6. TYPES OF INTELLIGENCE
● Human Intelligence (HUMINT)
● Geospatial Intelligence (GEOINT)
● Signals Intelligence (SIGINT)
● Open-Source Intelligence (OSINT)
7. OPEN SOURCE INTELLIGENCE (OSINT)
● Art of collecting information which is scattered on publicly available sources
● Open here refers to overt, publicly available sources
● Not completely legal, as it is against the privacy of a person
● Gathering bits to form the big picture
● Depends on sources. Continuously evolving.
● Information sources could be anything not limited to metadata, social media and
blogs
8. TRADITIONAL METHODS
● Using search engines Eg: Google, Bing etc
● News sites Eg: CNN, BBC, etc
● Corporate Websites
● Government Websites
● Blogs
● Modern Resources - Advanced Search Engines, Social Media sites,
Deepweb/Darkweb, Automated tool
9.
10. OSINT IN REAL LIFE
We use OSINT in everyday life
● Finding download links for Game of Thrones series
● Finding the best-looking person
● Knowing about the company before applying for a position
● Knowing your ex’s latest crush :P
11. WHY OSINT HAS BECOME SO IMPORTANT ?
● Humans by nature try to get others attention
● So many post (personal) information on online platforms thinking that only
intended members will look.
● New smartphones have geo-tagging feature enabled by default
● Metadata of those images can give a glimpse of your daily life