[Nulled] » Information security » OSINT » OSINT (Internet Intelligence) skills in Cybersecurity
February 26 2024

OSINT (Internet Intelligence) skills in Cybersecurity

OSINT (Open Source Intelligence) – collection and analysis of information from publicly available sources. In the current reality, we are talking mainly about Internet sources. From Russian-speaking experts, you can hear the term "Internet intelligence", which is equivalent to OSINT in meaning.

As part of cybersecurity, OSINT is used for pentest, forensics, reverse engineering, and social engineering. Information security training often includes a section with the study of OSINT techniques and tools.

Pentesters use OSINT to optimize the first stage of their work: exploration and collection of information about a certain online object or subject. In this case, OSINT is necessary to identify the targets that need to be attacked, or to understand that nothing needs to be broken – it is already available to everyone.

OSINT is convenient because:

it implies much fewer risks: you do not violate someone's privacy and laws;
cheaper – you don't need any additional hardware and expensive software;
such information is easy to access (go online), and most often it is always fresh.
There are two main methods of collecting information:

1. Passive. In this case, you do not give yourself away in any way and what you are looking for. The search is limited to the content on the site of the research object, archived or cached information, and unprotected files.

2. Active. This method is used for Internet intelligence much less often. To get information, you explore the company's IT infrastructure and actively interact with computers and machines. Advanced techniques are used to gain access to open ports, scan vulnerabilities and web server applications. In this case, your intelligence can be easily recognized. Social engineering also belongs here.

The choice of method depends on the conditions under which you collect information, as well as on what data you need. Are you analyzing the company's security, have you signed an NDA and can you go anywhere you want? Or were you asked to get information about competitors?

It is important to understand that what you can easily access is not always legal.

For example, through Shodan (an Internet of Things search engine), it is not difficult to access the management of any of the systems, both personal and corporate. You can do this in a few clicks. However, if you start interacting with it somehow, trying to enter different passwords, this can already be counted as a hacking attempt and goes into active information collection, where the permission of the system owner is needed.

OSINT (Internet Intelligence) skills in Cybersecurity
The main sources of OSINT that are used in information security
Any information in the public domain can be dangerous. Social networks, photos, data from profiles and third-party sites, public documentation, etc. After all, together with other data, it can tell hackers what they are looking for.

Let's focus on the main areas that information security specialists explore on a regular basis.

1. File metadata.

In them, you can find the date of creation of the document, user names, printer models, software installed on computers, and sometimes geolocation. Information about installed programs and their versions, for example, will allow you to select the most vulnerable and select exploits. User names, in turn, will become potential logins to personal or corporate systems.

2. Confidential documentation.

Even in the most advanced companies and serious government agencies, some classified document may accidentally end up in the public domain. Examples of how to search for such documents can be found in the lectures of Andrei Masalovich. Confidential information may include the password creation policy, as well as the software and services used.

3. Domain information.

There are a lot of tools that help collect all the data from the site (including those that are not visible to ordinary users). For example:

e-mails,
phones,
faxes,
technologies on which the site is built,
cryptographic certificates that are used on a specific domain.
After researching the main domain, it is worth exploring how the company organizes its Internet resources. Subdomains usually have poorly secured sites for testing new technologies. Such subdomains may contain some important documents left on the server.

4. Server-side web applications, Internet of Things. Servers, routers, CCTV cameras, webcams, online storage devices, etc. can be indexed. In addition to the fact that some can be accessed simply by clicking on the link, these devices contain technical information. Geolocation, open ports, running services, the domain name associated with the device, the Internet provider, web technologies.

 OSINT (Internet Intelligence) skills in Cybersecurity
OSINT training for use in information security
A couple of days will be enough for you to learn OSINT at a basic level and start doing some small research.

To immerse yourself in the topic and explore certain aspects, it is worth reading the following books:

Business Intelligence
Open Source Intelligence Techniques, Michael Bazzell;
The development in OSINT is divided roughly into the following stages:

1. Mastering basic techniques like Google dorks (advanced Google search). To do this, read the blogs of specialists or specialized companies. For example:

Hrazvedka – in the section "Razvednet" you can find a selection of different tools. In addition, the blog collects videos, articles, books, and films on the topic in Russian;
Sector035 – weekly collections with new techniques and tools;
OSINT Curious – in addition to the blog, they have a webcast where they invite guests and discuss the news;
Aware Online;
a significant crowd is gathered on Twitter: i-intelligence, Dutch OSINT Guy, Henk van Ess. In this collection, you can find other figures who will be interesting to subscribe to.
2. Start applying knowledge in practice. Look for interesting approaches to using tools and techniques and try to write small reports about it with visualization of the results. Share your insights on Twitter by adding appropriate hashtags or in the community on Reddit.

The necessary tools for exploration are available in the collections:


OSINT Framework;
OSINT Essentials;
Toddington;
Technisette.
3. Become as anonymous as possible. When studying OSINT, a lot of time is devoted to ensuring your security when searching. This is necessary so that the company or person cannot recognize that you are collecting some information. Here are some practices:

creating fake profiles;
using Android emulators (you access mobile applications through a special program on your computer);
VPN;
the Tor browser;
rules like it's not worth scouting at the same time of day. This can give away even the most skilled hackers.
To what extent to ensure anonymity depends on what kind of goal you have in front of you. You don't need to create a lot of social media accounts if you don't need to do research there. Or install security software just to search for geographical data on the map.

A lot of materials on this subject can be found in the blogs and books described above. Here is one of them.

4. Learn more advanced tools that require knowledge:

Kali Linux. There are many OSINT tools that only work on this operating system.
Python – working with some tools requires knowledge of the syntax of the language.
5. Try to write automated information collection and analysis tools in Python yourself.

 OSINT (Internet Intelligence) skills in Cybersecurity
OSINT tools in Information security
1. Shodan is a search engine for devices connected to the network (including the Internet of Things and web applications). The "Explore" section will help you start searching, as user requests are collected there. To get access to the advanced search, you need to register. In the paid versions, you will have access to more devices, as well as an unlimited number of search queries per day. The Shodan manual in Russian (download link).

2. MaltegoMaltego is a software that collects all the data together, helps to see the relationships and draw conclusions. The result is visualized as a tree that collects IP addresses, e-mails, phones, domains, etc. Into a single system. There are three versions of the client, but for most specialists it will be enough for free. Maltego tutorials: in Russian and English (they are different).

3. Google Dorks are queries to Google using special operators. You've probably heard that to find the exact phrase, you need to put the words in quotation marks, and to exclude a word from the output, you need to put a "-" in front of it. This is just about Google dorking. Here you will find the basic operators, and here you will find a huge number of holes for finding vulnerabilities.

4. Foca is a program that helps with uploading, classifying and analyzing files on a remote web server. To do this, it scans a specific domain using Google, Bing, DuckDuckGo search engines. The software is free and installs quickly. In this material, you can find a small instruction on how to use the program.

5. Spyse is a search engine for technical information on websites. With it, you will find a variety of data, such as vulnerabilities, IP addresses, subdomains and SSL/TLS.

Conclusion
OSINT will help you reduce time and money when searching for information, and the tools and techniques you have learned will be useful outside of professional activities.

OSINT (Internet Intelligence) skills in Cybersecurity

Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

    1. Maykweb (👨‍💼🅿🆁🅴🅼🅸🆄🅼)

      26 March 2024 10:33 44 commenti

      Great information for beginners

    1. Josep (👨‍💼🅿🆁🅴🅼🅸🆄🅼)

      22 March 2024 09:16 21 comments

      A very useful article, Nothing superfluous, But it would be possible to add a little

Information the publication:

  • Author of the publication: Aslan
  • Date of publication: 26 February 2024 01:39
  • Publication category(s): Information security»,OSINT
  • Number of views of the publication: 151
  • Number of comments to the publication: 2

Related News

15 February 2024
OSINT
Cyber Detective's OSINT

A collection of several hundred online tools for OSINT

Read more
22 February 2024
OSINT
Dark Web OSINT Tool

TOR Bot Dark Web OSINT Tool

Read more
15 February 2024
OSINT
Awesome OSINT

A curated list of amazingly awesome open source intelligence tools and resources. Open-source intelligence (OSINT)

Read more
15 February 2024
OSINT
OSINT collection

Collections of Tools, Bookmarks, and other guides created to aid in OSINT collection

Read more
15 February 2024
OSINT
OSINT Framework

OSINT framework focused on gathering information from free tools or resources. The intention is to help people

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    December 2024    »
MonTueWedThuFriSatSun
 1
2345678
9101112131415
16171819202122
23242526272829
3031 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +4 Total articles 6750
  • +18 Comments 4226
  • +37 Users : 6046