www.prismacsi.com
© All Rights Reserved.
Practical White Hat Hacker Training #2
Passive Information Gathering
This document may be shared or quoted and used for commercial purposes, but may not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.
OSINT
• Open Source Intelligence (OSINT)
• No communication with the target that may create an anomaly
• Gathering information using internet services
• Do searches on search engines
• Analyze developer sites
• Assemble all the information you obtained
• Have an overview before active scanning to obtain the most accurate data
Scenario
• We are a group of Zambian hackers.
• Capital: Lusaka
• Language: English
• Let’s suppose we are a hacker group for hire.
• We need to collect information.
• We need to look from every point of view.
OSINT
• Let's start by identifying the basics.
• Finding the main site by Google search
• IP detection by Pinging
• IP Range Detection
• IANA
• ARIN, RIPE, APNIC, JPNIC may be used
• Researching the location with IP2Location
IP Range Detection - DEMO
ripe.net
IP Range Detection - DEMO
All IP ranges registered under the Netname
iplocation.com
OSINT
• What can we find through domain information?
• Whois record analysis - Who.is
• Discovering other domains by using Reverse Whois
• Whois history analysis
• Discovering the attack area through subdomain detection
• Detecting virtual hosts is important!
• Detecting Email addresses
• Detection of email structure
• Important for creating missing mail addresses!
Whois Analysis - DEMO
who.is
Reverse Whois Analysis - DEMO
whoisology.com
Subdomain, Virtualhost and Email Discovery - DEMO
theharvester
Subdomain, Virtualhost and Email Discovery
theharvester
Aquatone - DEMO
https://github.com/michenriksen/aquatone
Aquatone-Discover - DEMO
aquatone-discover -d yandex.com
Sublist3r - DEMO
https://github.com/aboul3la/Sublist3r
OSINT
• What can we collect from DNS?
• Analysis via Robtex.com
• Analysis through Mxtoolbox.com
• Analysis via Dnsstuff.com
• Analysis with Dig
DNS Information - DEMO
robtex.com
DNS Information
dnsdumpster.com
DNS Information - DEMO
mxtoolbox.com
DNS Information - DEMO
dnsstuff.com
Subdomain, Virtualhost and Email Discovery - DEMO
dig
Subdomain, Virtualhost and Email Discovery
dig
OSINT
• Discovery through other useful resources has its benefits!
• Analysis can be done via Yougetsignal.
• Subdomain discovery
• Analysis through Bing
• Subdomain discovery
• Analysis via Netcraft
• Technology and service analysis
• Analysis through Archive.org
• Content analysis by time
Yougetsignal - DEMO
yougetsignal.com
Bing - DEMO
bing.com
Netcraft - DEMO
netcraft.com
Wayback Machine - DEMO
Archive.org
Wayback Machine - DEMO
archive.org
OSINT
• It is useful to take advantage of the internet's active analysis resources!
• Analysis should be done via Shodan
• Analysis should be done via Censys
• Haveibeenpwned.com
• Have the email addresses detected earlier been used at a given address, and have these addresses been previously hacked?
• Have they been shared in Paste sites?
• Are the passwords of these e-mail addresses still in use?
Shodan - DEMO
shodan.io
Censys - DEMO
censys.io
Haveibeenpwned - DEMO
haveibeenpwned.com
Serversniff - DEMO
• Online Research Resources – Serversniff.net
Hackertarget - Demo
• Online Research Resources – Hackertarget.com
OSINT
• Developer sites are one of the most critical points!
• Analysis must be done through Alexa
• Pastebin sites must definitely be examined
• Critical data can be captured by analysis via Stackoverflow
• Analysis through Github can give access to source code and perhaps internal critical data.
Alexa - Demo
alexa.com
Pastebin - Demo
pastebin.com
Pastebin Search - Demo
https://inteltechniques.com/OSINT/pastebins.html
Stackoverflow - Demo
stackoverflow.com
Github - Demo
github.com
Google Hacking DB
• Google Hacking DB
• Dork concept
• Frequently used parameters
• site:, -site:, inurl:, intitle:, intext:
• filetype:, ext:, cache:
Google Hacking DB
• Example Dorks
• Intitle:index.of url:domain.com
• Intitle:index.of inurl:domain.com filetype:sql
• Site:domain.com -site:www.domain.com unique
• Filetype:log intext:"putty"
• Filetype:xls “username | password”
• Ext:phps “mysql_connect”
• inurl:/view/index/shtml
Google Hacking DB - Demo
• https://www.exploit-db.com/google-hacking-database/
Google Hacking DB - Demo
• Google Images
Tineye - Demo
• https://www.tineye.com/
OSINT
• Important data can be obtained from search engines and social media, thereby expanding the attack surface.
• User login screens must be discovered. (For social engineering attacks)
• Job postings must be analyzed
• Social media analysis must be done
OSINT
• One can obtain data on people using search engines
• Linkedin.com
• Jigsaw.com
• People123.com
• Pipl.com
• Peekyou.com
OSINT
• Metadata analysis should be done; important data can also be obtained from it.
• Office files can be examined
• Pdf files can be inspected
• Images – EXIF data can be analyzed.
• Available tools
• Exif-reader
• Foca
• Metagoofil
List of Additional Tools
Processes handled manually with these tools can be automated for a wide-scale application.
• theHarvester
• Spiderfoot
• Recon-ng
• Foca
• Metagoofil
• Maltego
• Searchsploit
In the end
• Domains have been determined
• IP ranges have been determined
• The technologies in use have been analyzed and preparations made
• The software in use has been analyzed and preparations made
• Leak data have been analyzed and added to password lists
• We are now ready for active scanning!
Demo
Practice
Questions
?
www.prismacsi.com
info@prismacsi.com
0 850 303 85 35
/prismacsi
Contacts

 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 

Practical White Hat Hacker Training - Passive Information Gathering(OSINT)

  • 1. www.prismacsi.com © All Rights Reserved. 1 Practical White Hat Hacker Training #2 Passive Information Gathering This document can be shared or used by quoted and used for commercial purposes, but can not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.
  • 2. OSINT
      • Open Source Intelligence (OSINT)
      • No communication with the target that may create an anomaly
      • Gathering information using internet services
      • Do searches on search engines
      • Analyze developer sites
      • Assemble all the information you obtained
      • Have an overview before active scanning to obtain the most accurate data
  • 3. Scenario
      • We are a group of Zambian hackers.
      • Capital: Lusaka
      • Language: English
      • Let’s suppose we are a hacker group for hire.
      • We need to collect information.
      • We need to look from every point of view.
  • 4. OSINT
      • Let's start by identifying the basics.
      • Finding the main site by Google search
      • IP detection by pinging
      • IP range detection
      • IANA
      • ARIN, RIPE, APNIC, JPNIC may be used
      • Researching the location with IP2Location
  • 5. IP Range Detection - DEMO: ripe.net
  • 6. IP Range Detection - DEMO: all IP ranges registered under the netname; iplocation.com
  • 7. OSINT
      • What can we find through domain information?
      • Whois record analysis - Who.is
      • Discovering the other domains by using Reverse Whois
      • Whois history analysis
      • Discovering the attack area through subdomain detection
      • Detecting virtual hosts is important!
      • Detecting email addresses
      • Detection of email structure
      • Important for creating missing mail addresses!
  • 8. Whois Analysis - DEMO: who.is
  • 9. Reverse Whois Analysis - DEMO: whoisology.com
  • 10. Subdomain, Virtualhost and Email Discovery - DEMO: theharvester
  • 11. Subdomain, Virtualhost and Email Discovery: theharvester
  • 12. Aquatone - DEMO: https://github.com/michenriksen/aquatone
  • 13. Aquatone-Discover - DEMO: aquatone-discover -d yandex.com
  • 14. Sublist3r - DEMO: https://github.com/aboul3la/Sublist3r
  • 15. OSINT
      • What can we collect from DNS?
      • Analysis via Robtex.com
      • Analysis through Mxtoolbox.com
      • Analysis via Dnsstuff.com
      • Analysis with Dig
  • 16. DNS Information - DEMO: robtex.com
  • 17. DNS Information: dnsdumpster.com
  • 18. DNS Information - DEMO: mxtoolbox.com
  • 19. DNS Information - DEMO: dnsstuff.com
  • 20. Subdomain, Virtualhost and Email Discovery - DEMO: dig
  • 21. Subdomain, Virtualhost and Email Discovery: dig
  • 22. OSINT
      • Discovery through the other useful resources has its benefits!
      • Analysis can be done via Yougetsignal.
          • Subdomain discovery
      • Analysis through Bing
          • Subdomain discovery
      • Analysis via Netcraft
          • Technology and service analysis
      • Analysis through Archive.org
          • Content analysis by time
  • 23. Yougetsignal - DEMO: yougetsignal.com
  • 24. Bing - DEMO: bing.com
  • 25. Netcraft - DEMO: netcraft.com
  • 26. Wayback Machine - DEMO: archive.org
  • 27. Wayback Machine - DEMO: archive.org
  • 28. OSINT
      • It is useful to take advantage of the internet's active analysis resources!
      • Analysis should be done via Shodan
      • Analysis should be done via Censys
      • Haveibeenpwned.com
          • Have email addresses detected previously been used at a given address and have these addresses been previously hacked?
          • Have they been shared in Paste sites?
          • Are the passwords of these e-mail addresses still in use?
  • 29. Shodan - DEMO: shodan.io
  • 30. Censys - DEMO: censys.io
  • 31. Haveibeenpwned - DEMO: haveibeenpwned.com
  • 32. Serversniff - DEMO
      • Online Research Resources – Serversniff.net
  • 33. Hackertarget - Demo
      • Online Research Resources – Hackertarget.com
  • 34. OSINT
      • Developer sites are one of the most critical points!
      • Analysis must be done through Alexa
      • Pastebin sites must definitely be examined
      • Critical data can be captured by analysis via Stackoverflow
      • Analysis through Github can give access to source code and perhaps internal critical data.
  • 35. Alexa - Demo: alexa.com
  • 36. Pastebin - Demo: pastebin.com
  • 37. Pastebin Search - Demo: https://inteltechniques.com/OSINT/pastebins.html
  • 38. Stackoverflow - Demo: stackoverflow.com
  • 39. Github - Demo: github.com
  • 40. Google Hacking DB
      • Google Hacking DB
      • Dork concept
      • Frequently used parameters
          • Site, -site, Inurl, intitle, intext
          • Filetype:, ext:, cache:
  • 41. Google Hacking DB
      • Example Dorks
          • Intitle:index.of url:domain.com
          • Intitle:index.of inurl:domain.com filetype:sql
          • Site:domain.com -site:www.domain.com unique
          • Filetype:log intext:"putty"
          • Filetype:xls "username | password"
          • Ext:phps "mysql_connect"
          • inurl:/view/index/shtml
  • 42. Google Hacking DB - Demo
      • https://www.exploit-db.com/google-hacking-database/
  • 43. Google Hacking DB - Demo
      • Google Images
  • 44. Tineye - Demo
      • https://www.tineye.com/
  • 45. OSINT
      • Important data can be obtained from search engines and social media, thereby expanding the attack surface.
      • User login screens must be discovered. (For social engineering attacks)
      • Job postings must be analyzed
      • Social media analysis must be done
  • 46. OSINT
      • One can obtain data on people using search engines
      • Linkedin.com
      • Jigsaw.com
      • People123.com
      • Pipl.com
      • Peekyou.com
  • 47. OSINT
      • Metadata analysis should be done; important data can also be obtained from it.
      • Office files can be examined
      • PDF files can be inspected
      • Images – EXIF data can be analyzed.
      • Available tools
          • Exif-reader
          • Foca
          • Metagoofil
  • 48. List of Additional Tools
      Processes handled manually with these tools can be automated for wide-scale application.
      • theHarvester
      • Spiderfoot
      • Recon-ng
      • Foca
      • Metagoofil
      • Maltego
      • Searchsploit
  • 49. In the end
      • Domains have been determined
      • IP ranges have been determined
      • Technologies used have been analyzed and preparations made
      • Software in use has been analyzed and preparations made
      • Leaked data has been analyzed and added to password lists
      • We are now ready for active scanning!
  • 50. Demo Practice
  • 51. Questions?
  • 52. Contacts: www.prismacsi.com, info@prismacsi.com, 0 850 303 85 35, /prismacsi