Presentation is loading. Please wait.

Presentation is loading. Please wait.

OSINT Sharad Kumar @sk_security.

Published byGeraldine Mason Modified over 6 years ago

Similar presentations

Presentation on theme: "OSINT Sharad Kumar @sk_security."— Presentation transcript:

1 OSINT Sharad Kumar @sk_security

2 $whoami Security Engineer OSINT Creeper Penetration Tester
Server Auditor Author – OSINT-SPY OSINT Trainer BlackHat Arsenal Presenter

3 Agenda Intelligence Gathering OSINT OSINT-SPY
OSINT Investigation & OSINT Workflow

4 SUN TZU -- Art of War If you know your opponent weaknesses and How to exploit them you will never loose.

5 Intelligence Gathering
Intelligence gathering is a process of collecting intelligence(data) from various sources. Open or closed

6 What is Espionage ? Use of spies by government to discover military and political secrets of other nation. It’s a subset of Intelligence Gathering

7 Intelligence Gathering Disciplines
HUMINT GEOINT SIGINT TECHINT FININT OSINT Intel gathered from Humans Intel gathered from images, geo location and human activity. Intel gathered from signals, communication Intel gathered about weapons, defense and military affairs. Intel gathered from documents, organizational data and financial affairs.

8 OSINT ?

9 What is OSINT? Information available publicly from public sources.
Sources might be - Media Internet Social meetings

10 What kind of data we can gather?

11 Main OSINT Search Area Email Social Accounts Real Time Monitoring
Websites IP Addresses OSINT for Blue Team and Red Team

12 OSINT Arsenal Search Engines People Search Engines Social Networks
Video Sharing Platforms Various public API’s Tools

13 Search Engines Google Bing Yandex

14 TOR Search Engines www.torchtorsearch.com https://ahmia.fi

15 Twitter Intel Gathering
Google Dork is not a bad option  Geosocialfootprint.com Tweetpaths.com App.echosec.net Onemilliontweetmap.com Conweets.com

16 Social Network Traffic Analysis
Social-searcher.com Icerocket.com Socialmention.com Delicious.com stumbleupon.com Topix.com Keyhole.co

17 Online Maps | GEOINT Flashearth.com Here.com Google.com/maps
Panoramio.com

18 People Search Engines Thatsthem.com Pipl.com Peepdb.com Zabasearch.com
Intelius.com Radaris.com Spokeo.com Yasni.com Advancedbackgroundchecks.com

19 Domain and IP Address Viewdns.info/whois Whoisology.com
Domainhistory.net Whoishostingthis.com Whoismind.com Spyonweb.com Sameid.net Pub-db.com Domaincrawler.com Nerdydata.com Semrush.com

20 OSINT-SPY OSINT-SPY is a powerful Open Source Intelligence tool.
Purely written in Python Features -- Scan IP Address Scan Domain | URL Scan Bitcoin Scan Device Scan Skype Forensics Remote Malware Analysis Stego Tool Cipher Scan

21 OSINT-SPY CLI | WEB @sk_security github.com/SharadKumar97/OSINT-SPY

22 OSINT-SPY In Action Bitcoin Latest Block Information

23 OSINT-SPY In Action Block info by date

24 OSINT-SPY In Action Bitcoin Balance

25 OSINT-SPY In Action Account

26 OSINT-SPY In Action Domain

27 OSINT-SPY In Action

28 OSINT-SPY In Action

29 OSINT-SPY In Action

30 Is there any standard process for OSINT

31 Can we develop?

32 Let’s Try Email Address No Yes Verify Search Engines Social Platforms
Username – Amazon, GitHub, PGP, Key Base, Breached Data

33 Let’s Try OSINT search on email Domain (www) whois Email, Country
DNS, subdomains Reverse IP check Search engines ( site: ) Robots.txt Analytics and Ad-sense Reverse Ad-sense Check Hidden Pages and Documents Metadata Web Spider and Foca

34

35 Thanks Sharad Kumar @sk_security www.osint-spy.com @sk_security
github.com/SharadKumar97/OSINT-SPY Thanks

Download ppt "OSINT Sharad Kumar @sk_security."

Similar presentations

Surrey Libraries Computer Learning Centres January 2012 Internet Searching Teaching Script Totally New to Computers Internet Searching.

Surrey Libraries Computer Learning Centres January 2012 Internet Searching Teaching Script Totally New to Computers Internet Searching.
Let's say we want to access domain - reliablescribe.com First we need to buy a computer We need to subscribe to an Internet Service Provider (ISP) The.

Let's say we want to access domain - reliablescribe.com First we need to buy a computer We need to subscribe to an Internet Service Provider (ISP) The.
Cybercrime, Cyber Intelligence, Web 2.0

Cybercrime, Cyber Intelligence, Web 2.0
SEO PACKAGES. Types of Plans Starter Plan Business Plan Enterprises Plan.

SEO PACKAGES. Types of Plans Starter Plan Business Plan Enterprises Plan.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Over My Shoulder Training Session 4. Over My Shoulder Training Week 3 – Fulfillment – Search Engines and Citations Setting client expectations – More.

Over My Shoulder Training Session 4. Over My Shoulder Training Week 3 – Fulfillment – Search Engines and Citations Setting client expectations – More.
SCRAPING BUSINESS EMAIL ADDRESSES Anisha S. Agenda When business URLs are present When business URLs are not present; What is present is a list of keywords.

SCRAPING BUSINESS ADDRESSES Anisha S. Agenda When business URLs are present When business URLs are not present; What is present is a list of keywords.
Online Search Marketing OMI Certification Course – Discovery Documentation.

Online Search Marketing OMI Certification Course – Discovery Documentation.
The Internet. The World’s largest computer network A world wide collection of networks that connects millions of businesses, government agencies, educational.

The Internet. The World’s largest computer network A world wide collection of networks that connects millions of businesses, government agencies, educational.
Www.TASK.to GOOGLE HACKING FOR PENETRATION TESTERS Chris Chromiak SentryMetrics March 27 th, 2007.

GOOGLE HACKING FOR PENETRATION TESTERS Chris Chromiak SentryMetrics March 27 th, 2007.
TAG-Org Websites 1. Why Websites ? Branding: Since it's our website, we can set the design and build the awareness of our brand. To create our own Online.

TAG-Org Websites 1. Why Websites ? Branding: Since it's our website, we can set the design and build the awareness of our brand. To create our own Online.
3.4 Internet Strand 3 Sara Liquori. 3.4 Internet  A global computer network providing a variety of information and communication facilities, consisting.

3.4 Internet Strand 3 Sara Liquori. 3.4 Internet  A global computer network providing a variety of information and communication facilities, consisting.
Digital Literacy Concepts and basic vocabulary. Digital Literacy Knowledge, skills, and behaviors used in digital devices (computers, tablets, smartphones)

Digital Literacy Concepts and basic vocabulary. Digital Literacy Knowledge, skills, and behaviors used in digital devices (computers, tablets, smartphones)
BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential.

BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential.
Website Design:. Once you have created a website on your hard drive you need to get it up on to the Web. This is called uploading“ or “publishing” or.

Website Design:. Once you have created a website on your hard drive you need to get it up on to the Web. This is called "uploading“ or “publishing” or.
WHAT IS INTERNET?.  Today the internet offers the opportunity to access to any information, to correspond with someone who has an e-mail account, or.

WHAT IS INTERNET?.  Today the internet offers the opportunity to access to any information, to correspond with someone who has an account, or.
Week-6 (Lecture-1) Publishing and Browsing the Web: Publishing: 1. upload the following items on the web Google documents Spreadsheets Presentations drawings.

Week-6 (Lecture-1) Publishing and Browsing the Web: Publishing: 1. upload the following items on the web Google documents Spreadsheets Presentations drawings.
ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.

ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.
Quality and Reasonable SEO/SMO services www.aaditritechnology.com.

Quality and Reasonable SEO/SMO services
Modern information gathering Dave van Stein 9 april 2009.

Modern information gathering Dave van Stein 9 april 2009.

Similar presentations

Ads by Google