Enterprise Open Source Intelligence Gathering Part 1 Social Networks spylogic.net. UPDATE: You can now download my slide deck from SlideShare.
Next week I will be speaking at the 7th Annual Ohio Information Security Summit on “Enterprise Open Source Intelligence Gathering”. Here is the talk abstract: What does the Internet say about your company? Do you know what is being posted by your employees, customers, or your competition? We all know information or intelligence gathering is one of the most important phases of a penetration test. Leading up to my talk at the summit this series of posts will focus on several of the main topics of my presentation. This first post in the series will focus on gathering intelligence on social networks.
What is OSINT? Why look for OSINT about your company? OSINT and Social Networks Social networks have recently become the 4th most popular method for online communication (even ahead of email) today. 1. Don’t forget about photo/video social networks and social bookmarking sites: Pay Services (might be worth checking out): Filtrbox. Enterprise Open Source Intelligence Gathering Part 2 Blogs, Message Boards and Metadata spylogic.net. This post is part two of my three part series on Enterprise Open Source Intelligence Gathering.
This information relates to the presentation that I am giving this week at the 7th Annual Ohio Information Security Summit. For more background information, see part 1. Part three will be about putting together a simple monitoring program/toolkit and creating a Internet postings (social media) policy for your company. Part one of the series discussed ways to gather OSINT on social networks and some of the challenges this creates. Besides gathering OSINT on social networks there are many more sources of information that company information may be posted on. OSINT and Blogs Blogs can be searched via any traditional search engine, however, the challenge with blogs are not necessarily the posts themselves but the comments. Listed below are some of the blog and comment search sites that I recommend you add to your monitoring arsenal which I will talk about creating in part three: Great!
Enterprise Open Source Intelligence Gathering Part 3 Monitoring and Social Media Policies spylogic.net. This is the final article in my series on Enterprise Open Source Intelligence Gathering.
This information relates to the main topics from my presentation that I am giving this week at the 7th Annual Ohio Information Security Summit. For more background information, see part one. If you missed part two (blogs, message boards and metadata) you can check that out here. This last article will be about putting together a simple monitoring program/toolkit and creating a social media policy for your company. OSINT and Monitoring After reading this series you are probably asking yourself…what do I do will all of these feeds and information that I have gathered? What do you want to monitor? Free tools to aggregate this information Lets discuss briefly some tools to aggregate and monitor all the information sources you have decided as important. 1. “Pipes is a powerful composition tool to aggregate, manipulate, and mashup content from around the web. 2.
What’s easy and works best? Tactical Information Gathering. Document_metadata_the_silent_killer__32974 (application/pdf Object) Footprinting - passive information gathering before a pentest. A pentest must be planned and prepared by several preliminary actions to obtain the most comprehensive inventory of resources hardware, software and even human target network.
It is to recover the maximum information on the network architecture, operating systems, applications and users. This step should not be limited to port scanning or fingerprinting. Indeed, lots of informations can be gathered through passive means, without any access to the target, for example using DNS servers or search engines as Google. We must therefore distinguish passive - footprinting - and active recognition. The aim of footprinting is to passivly gather intelligence about web, mail, DNS, directory servers and look for IP addresses, domain names, network protocols, active services, operating systems, softwares and users. The purpose of this article is to present methods for passive recognition (footprinting). Owasp.org is a website hosted by Fast.net. Domain names IP addresses subdomains www.owasp.org.tw dig.