Recon DSU GenCyber.

Presentation transcript:

Recon DSU GenCyber

Before we start talking about hacking… This can be you! This is not you. GenCyber

White Hat vs. Black Hat
- The Good Guys!
  - Ethical hackers
  - Use your abilities for good
  - ONLY operates with permission/approval
  - Exploits vulnerabilities in systems
  - Reports findings to organizations, to help better their security posture
  - Discloses vulnerabilities to developers
- The Bad Guys.
  - Always in the news
  - Use their abilities for their own personal gain
  - Operates without permission/approval
  - Exploits vulnerabilities in systems
  - Steals valuable information
  - Sells such information
  - Disrupting services
  - Sells vulnerabilities to the highest bidder

Offensive Security Ethics
- Don’t do bad stuff
- Play nice
- ALWAYS gain written permission
- Stay legal

Offensive Security Overview
- Don’t only the bad guys play the offense? No!!
- “The best defense is a good offense”
  - Kind of, but not quite…
  - Goal isn’t to hack the people who are hacking us
    - BAD IDEA!
  - Let’s hack our own stuff before someone else does
    - And fix it!
- Need to know how the offense works to be able to do defense well
- Offensive Network Security, Penetration Testing
- Security Research, Reverse Engineering, Exploitation

Cyber Kill Chain
- How an attack works
  - Learn about the target
  - Find vulnerabilities
  - Find weaknesses
  - Create the exploit
  - Execute the exploit
  - Post-Exploitation tasks

PTES
- Penetration Testing Execution Standard
- Seven main sections
  - Pre-engagement interactions
    - Getting the legal documents in place, determining scope, etc.
  - Intelligence Gathering
    - Reconnaissance – learning about the target, systems, people
  - Threat Modeling
    - Determining highest value assets
  - Vulnerability Analysis
    - Finding vulnerabilities in the systems
  - Exploitation
    - Taking advantage of the vulnerabilities
  - Post Exploitation
    - What do we do once we got in? Move around, find other information, other systems, etc.
  - Reporting
    - A test is useless if we can’t tell the customer how we got in, and how to fix it.

Reconnaissance

Reconnaissance
- Preliminary surveying or research.
- Before we start interacting with the target
  - What can we learn?
- Information gathered during this phase guides the rest of the penetration test
- Arguably most important part of Penetration Testing
- Example: Bank Robbery
  - Walk right in
    - “Give me all your money!”
  - Methodical, planned approach

Recon the Recon
- Active vs. Passive
- OSINT: Open-Source Intelligence
- Passive: Not interacting with the target; using information available through other means
- Active: Interacting directly with the target
  - The target may know you are gathering information, or probing their systems
- OSINT: Open-Source Intelligence
  - Publicly available information
  - Never touching the target

Targeted Data Collection - Business
- Details about the business
  - Who they are
  - What they do (products/services)
  - Relationships with other companies
- Organizational Chart
- Physical Location
- Employees
- Websites
- Usernames
- Email Addresses

Your turn!
What can you learn about the following company through open source research on the internet?
Best Buy
- Business size
- IT size
- IT Budget
- C-level employees (Chief….)
- Services rendered
- Partners

Job Postings
- These can be great recon tools for you
- Often will list specific technologies in use by the company.
- CVE - Common Vulnerabilities and Exposures

Breaking down the recon
- Three different major categories
  - User Recon
  - Business Recon
  - Network Recon

User Recon - Phishing
- Phishing – attempting to acquire sensitive information by disguising as a trustworthy entity
- Often carried out via email
- Phishing vs. Spear Phishing
  - Broad, not targeted phishing
  - Very specific, targeted phishing

Phishing Example
What’s wrong with this?

Phishing Example
What’s wrong with this?
- From jymiller2@gmail.com
  - Why gmail? Shouldn’t it be lehigh.edu?
- Do you really need to login to remain active?
  - Best to contact the real Julie to confirm
- The link takes you to library.lehigh.saea.ga
  - What is .ga? Why not lehigh.edu?
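The two technical checks from this slide (does the sender's domain match the organization, and does the link really point under the organization's domain) written out as an added Python example; it is not part of the original presentation. The sender address and link host come from the slide; the display name, recipient, subject, body wording, and the function names `in_domain` and `phishing_indicators` are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: only the sender address and the link host are from the
# slide; the other headers and the body text are invented for this example.
SAMPLE = """\
From: Julie <jymiller2@gmail.com>
To: student@lehigh.edu
Subject: Library account

Please log in to keep your library account active:
http://library.lehigh.saea.ga/login
"""

def in_domain(host, org_domain):
    """True only if host is org_domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return host == org_domain or host.endswith("." + org_domain)

def phishing_indicators(raw_message, org_domain):
    """Return the reasons a message claiming to be org mail looks wrong."""
    msg = message_from_string(raw_message)
    findings = []
    _, address = parseaddr(msg.get("From", ""))
    sender_host = address.rpartition("@")[2]
    if not in_domain(sender_host, org_domain):
        findings.append(f"sender domain {sender_host} is not {org_domain}")
    body = msg.get_payload()  # plain-text, single-part message assumed
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = urlparse(url).hostname or ""
        if not in_domain(host, org_domain):
            note = f"link host {host} is not under {org_domain}"
            # Look-alike: the org's name shows up as a label, but the
            # right-hand end of the name belongs to a different domain.
            if org_domain.split(".")[0] in host.split("."):
                note += " (uses the org name as a subdomain label)"
            findings.append(note)
    return findings

if __name__ == "__main__":
    for finding in phishing_indicators(SAMPLE, "lehigh.edu"):
        print("-", finding)
```

The suffix check compares against ".lehigh.edu" with the leading dot, so a host such as notlehigh.edu does not pass as the real domain.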

Spearphish Me
- Find me (Cody Welu) on Instagram
- Using ONLY what I post there, learn about me.
  - Interests
  - Where I’ve been/locations
  - Friends/Family
  - Anything else interesting?
- Draft a spearphishing email to me.
  - Try to get me to click on a link, or open an attachment.
- Submit here: http://link.weluc.com/phishCody
Not so great example
  Dearest Cody:
  Your long lost cousin is actually a Prince with too much money, and it’s your lucky day! Click <here> to claim your payday!

  Hi Cody
  I noticed your photography online, and I’m looking to hire you for an event. My daughter’s softball club is holding a 2-day tournament in August, and we’d like you to be our official photographer for the event. There are more details about the tournament here: <link>. Please let me know if you’re interested.
  Looking forward to hearing back from you!

Could you be phished?
- Know what to look for
- Be critical of emails, especially attachments and links
- Practice good OPSEC
  - For your safety, security, and wellbeing
- What do you want the world to know about you?
  - Where you work
  - Where you live
  - What new expensive toy you got
  - When you’re on vacation
    - And not home

Network Recon
- Now we’re getting a bit closer to the actual computer systems we’d be attacking
- Domain Names
  - dsu.edu
  - webmail.dsu.edu
  - catalog.dsu.edu
- IP addresses
- Possible usernames
- Email addresses
- Specific port information

Google-Fu
- Google Hacking
- Google Dorks
- Advanced Search Operators
  - inurl:
  - site:
  - intext:
  - ext:
- https://www.exploit-db.com/google-hacking-database

If you search too much…

Tools
- Lots of different tools that can help us gather information
- All of these are available in Kali Linux
- Recon-ng
  - All sorts of data acquisition tools
- Metagoofil
  - Extracts metadata of documents
- Maltego
  - Good at showing relations between data
- Nmap
  - Network mapping/scanning
- Etc….

Info Gathering with Recon-ng
- In a terminal, open recon-ng
    recon-ng
- Create a new workspace and add DSU
    workspaces add dsu.edu
    add domains dsu.edu
- Find some hosts using osint
    load netcraft
    run
    load bing_domain_web
    load google_site_web
    load brute_hosts
- Resolve to IP addresses
    load recon/hosts-hosts/resolve
    run
    load recon/hosts-hosts/reverse_resolve
- Gather information on contacts (people)
    load whois_pocs
    load pgp_search
- Generate a nice HTML report of info
    use html
    set creator YOURNAME
    set customer CUSTOMERNAME