OPEN-SOURCE INTELLIGENCE OSINT OSINT - OWASP

Transcription

OSINT: OPEN-SOURCE INTELLIGENCE
Offensive OSINT

Whoami
Adam Nurudini
CEH, ITIL V3, CCNA, CCNP, CASP, PCI-DSS, BSC-IT
- Lead Security Researcher @ Netwatch Technologies
- Project Consultant, Information Security Architects Ltd
- Member, Cybersecurity Resilience Service Team
- Web Application Penetration Tester
- President – GIMPA School Of Technology Student Association

DISCLAIMER
Any views or opinions presented in this presentation are solely mine and do not necessarily represent my employer. I am not a lawyer or giving you legal advice. I am not giving you permission or authorizing you to do anything ever. In fact, don't do anything ever.


Takeaways
- What is OSINT
- Collect data indirectly without knowing other information
- Collect data about servers, location, operating systems, etc.
- Threat intelligence for your organization
- Data gathering that could protect you and your company
- Skills of GHDB
- Shodan methods and operations
- OSINT using free tools only

OSINT
- Open-Source Intelligence (OSINT) is intelligence collected from publicly available sources.
- "Open" refers to overt, publicly available sources (as opposed to covert sources).
- It's not related to open-source software or public intelligence.
- This information comes from a variety of sources, including the social media pages of your company and staff. These can be a goldmine of information, revealing details such as the design of ID badges, the layout of the buildings and the software used on internal systems.
Source: https://en.wikipedia.org/wiki/Open-source_intelligence

Open-Source Intelligence (OSINT)
Fields and sectors where OSINT is mostly required:
Government, Finance, Telecom, Critical Infrastructure, Cyber Security Advisory Firms, Cyber Threat Intelligence Teams, Law, Cyber Forensic Teams, etc.

TYPES OF OSINT
From a security perspective we can separate OSINT into:
- Offensive: Gathering information before an attack
- Defensive: Learning about attacks against the company
OSINT gives opportunities to both the defender and the attacker; you can learn the weakness of a company and fix it, while at the same time the weakness could be exploited.

The OSINT Process

OSINT - What information to look for
1. Technology infrastructure: IP, hostname, services, networks, software / hardware versions and OS information, geo-location and network diagrams.
2. Database: Documents, papers, presentations, spreadsheets and configuration files
3. Metadata: Email and employee search (name and other personal information)

Offensive OSINT – End goals
The information above can lead to the following cyber attacks:
1. Social Engineering
2. Denial of Service
3. Password brute force attacks
4. Target infiltration
5. User accounts take over
6. Identity theft
7. Data theft

Brace yourself, demo is starting
Everybody is interested in something

Offensive OSINT – Resources and tools
1. OSINT Search Engines
Attackers rely on these OSINT search engines to conduct passive reconnaissance.
- Google - https://google.com
- Shodan - https://shodan.io
- Censys - https://censys.io
- Fofa - https://fofa.so
- Dogpile - http://www.dogpile.com
- Archives - https://archive.org/

Offensive OSINT – Resources and tools
2. Email Harvesting
Harvesting email addresses is an OSINT technique that gives attackers more information to conduct attacks such as password stuffing and social engineering.
- Have I Been Pwned - https://haveibeenpwned.com/

Offensive OSINT – Resources and tools
3. Google Hacking Database (GHDB)
The GHDB is an index of search queries (we call them dorks) used to find publicly available information.
- Dorks - https://www.exploit-db.com

Offensive OSINT – Resources and tools
3. DNS / Subdomain Enumeration
Subdomain enumeration is the process of finding valid (resolvable) subdomains for one or more domain(s).
Having an unsecured subdomain can pose a serious risk to your business.
Tools for subdomain enumeration:
- Aquatone - https://github.com/michenriksen/aquatone
- Sublist3r - https://github.com/aboul3la/Sublist3r
- DNS dumpster - https://dnsdumpster.com/
- Facebook - https://developers.facebook.com/tools/ct
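
Added example, not part of the original slides: a defender's check of their own domain using the definition on this slide. It takes names seen in certificates, keeps the subdomains that resolve, and reports the ones missing from the asset inventory. The sample records, the `names` field, the inventory and the DNS answers are all constructed assumptions.

```python
import socket

# Constructed sample data; the record layout (a "names" list) is hypothetical.
CT_RECORDS = [
    {"names": ["www.example.com", "example.com"]},
    {"names": ["*.dev.example.com", "VPN.example.com."]},
    {"names": ["old-staging.example.com", "www.example.com"]},
    {"names": ["shop.notexample.com", "example.com.attacker.test"]},
]
INVENTORY = {"example.com", "www.example.com", "vpn.example.com"}  # constructed
FAKE_DNS = {"old-staging.example.com": "203.0.113.10"}  # constructed, offline

def candidate_subdomains(records, domain):
    """Normalise certificate names and keep only those under `domain`."""
    domain = domain.lower().rstrip(".")
    found = set()
    for record in records:
        for name in record.get("names", []):
            name = name.strip().lower().rstrip(".")
            if name.startswith("*."):      # wildcard cert: keep the parent name
                name = name[2:]
            # Match on a label boundary so notexample.com is not accepted.
            if name == domain or name.endswith("." + domain):
                found.add(name)
    return found

def system_resolver(name):
    """Default resolver: an address string, or None if the name does not resolve."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def audit(records, domain, inventory, resolve=system_resolver):
    """Return {subdomain: address} for resolvable names missing from inventory."""
    unknown = {}
    for name in sorted(candidate_subdomains(records, domain) - set(inventory)):
        address = resolve(name)
        if address is not None:            # "valid" on the slide means resolvable
            unknown[name] = address
    return unknown

if __name__ == "__main__":
    for host, ip in audit(CT_RECORDS, "example.com", INVENTORY, FAKE_DNS.get).items():
        print(f"not in inventory: {host} -> {ip}")
```

Leaving out the `resolve` argument makes `audit` use the system resolver, which is how it would be run against a domain you own.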

OSINT is important and still gets overlooked by attackers and defenders
I hope that you found this talk

Thank You
Questions & Answers
Let's connect
Twitter: @Bra Qwesi
Email: adam.nurudini@st.gimpa.edu.gh
