OSINT- Leveraging data into intelligence
•
12 likes•1,788 views
Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources); it is not related to open-source software or public intelligence.
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (19)
Similar to OSINT- Leveraging data into intelligence
Similar to OSINT- Leveraging data into intelligence (20)
Recently uploaded
Recently uploaded (20)
OSINT- Leveraging data into intelligence
- 1. Open Source Intelligence Leveraging Data into Intelligence Deep Shankar Yadav Digital Forensics Analyst
- 2. root@charlie:~$ whoami • Digital Forensics Analyst • Co-Leader – OWASP AppSec India • OSINT Enthusiast • Consultant to a few Law Enforcement Agencies • @TheDeepSYadav
- 3. Agenda • What is Intelligence? • What is OSINT? • Why OSINT? • What is Value of OSINT? • Sources of Data • Demo
- 4. What is Intelligence? • Data : Raw Report, Images or Broadcast • Information : Collected Data of Generic Interest • Intelligence : concisely tailored answer reflecting a deliberate process of discovery, discrimination, distillation, and delivery of data precisely suited to need
- 5. Types of Intelligence • HUMINT – Human Intelligence Sleeper Cells • SIGINT - Signal Intelligence Traffic Analysis, TEMPEST • MSINT – Measurement and Signature Intelligence Radar, Nuclear and Earthquake • Tactical Intelligence – Intelligence about Weapons used by Forces • OSINT – Open Source Intelligence
- 6. What is OSINT? Open-source intelligence (OSINT) is intelligence collected from publicly available sources. It’s not a tool, It’s not a website, It’s not with any fee but it’s not free….. :)
- 7. Why OSINT?
- 8. Why OSINT? • Internet is not limited to Google Searches. • Not even limited to search engines, social media and blogs. • Huge number of sensational hacks in recent times Organizations getting hacked even after using so called "sophisticated" defense mechanisms. • Basic recon usually ignored during security assessments. • If your SECRET is out there in the open, someone WILL find it. • It's just data until you leverage it to create intelligence.
- 9. If you are lucky you will get everything
- 10. Sensitive Information Hard coded keys in Github Credential leaks in Pastebin 0-days sold in darknet Hack info in micro blog Corporate email credentials Open Bugs or ports
- 11. Why is it becoming easy?
- 13. Typical Pentesting Methodology Post- Exploit Cover Tracks Write report I.G Scan Enumerate Exploit
- 14. What everyone focus on: Enumera te Post- Exploit Cover Tracks Write report I.G Scan Exploit
- 15. Attacker Methodology Informaion Gathering Discover what makes the company money Do whatever it takes... Steal it Discover what is valuable to the atacker
- 17. OSINT PROCESS Source Identification Data harvesting Data processing and Integration Data Analysis Results Delivery
- 19. Data Harvesting
- 20. Data Processing
- 21. Data Analysis • Selecting Data as per Case. • Removing Noise (Buy Disprin Before it :P ) • Making Intelligence on behalf of data. (Give wake up call to your inner Sherlock)
- 22. Results Delivery
- 23. Data Sources • Web Directories – WWW Library and Internet Public Library • Search Engines – Google, Yahoo, Bing, Baidu, MSN etc. etc. • Important Engine – Wolframe Alpha, ROBTEX • Serial Search Engines – Soolve , myallsearch • Hardware Search Engine – Shodan • Scientific Search Engine – Google Scholar, Academia • Encyclopedia – Wikipedia • Book Stores – Amazon, Google Books etc. • Translations – Google, Bing and many more • Aeronautical – flightradar24.com and many more • Blogs – Blogspot, Wordpress and many more
- 24. Cntd. • Company Information – MCA.gov.in, Zaubacorp • Images – Google Images, Flickr, PICASA and much important – Tineye • Internet Tools – Archive.org, Whois, VisualRoute, ip2location.com etc etc • Thousand of Journals and Print Media Sources • Maps – Google Maps, Google Earth, Wikimap • People Finders – pipl, spokeo etc etc, Public Records - Intellius • Social Networking Websites – Facebook, Twitter, G Plus, LinkedIn etc etc • Matrimonial Websites • Job Portals
- 25. Data Harvesting A.K.A: • Information Gathering: The act of collecing informaion • Foot printing: Is the technique of gathering informaion about computer systems and the eniies they belong to. • Web mining: The act of collecing informaion from the web
- 26. Data Harvesting – How? • • • • • • • • Scraping (raw) Open APIs Commercial APIS Network Scanning Purchasing data Open source Data sets Databases Logfiles
- 27. Offensive OSINT – goals • • • • • Phishing Social Engineering Denial of Services Password brute force Target infiltraion atacks
- 28. What data is interesting? Emails Users / Employees names -Interests -People relationships -Alias
- 30. Employees linkedin.com jigsaw.com people123.com pipl.com peekyou.com / Usernames / Alias Glassdoor.com Hoovers.com Corpwatch.org intelius.com Google Finance / Etc. Usernamecheck.com checkusernames.com
- 31. Username checks
- 32. Social Media
- 33. Metadata Metadata: is data about data. Is used to facilitate the understanding, use and management of data. • • • • • Office documents Openoffice documents PDF documents Images EXIF metadata Others
- 36. Brace yourself Demo is starting
- 37. Some Notable tools to work upon • Datasploit (http://github.com/upgoingstar) • Metagoofil • The Harvestor • FOCA • Creepy • Maltego
- 38. Current Problems in OSINT • • • Source availability Changes in Terms of Use Generaing valid intelligence
- 39. Any Queries?
- 41. Sources • Slideshare.com • Google.com • Some Deep Web Forums I might have copied some images and content from other ppt’s and articles and credits are given where required so don’t worry I got them via googling only
- 42. Deep Shankar Yadav • mail@deepshankaryadav.net • advisorcybercell@gmail.com • http://www.deepshankaryadav.net • fb.me/deepshankaryadav • @TheDeepSYadav