OSINT

[Audio] OSINT Presented by :- KARAN J. MEHTA. IOO.

[Audio] OSINT OSINT stands for OPEN-SOURCE INTELLIGENCE, which refers to any information that can legally be gathered from free, public sources about an individual or organization. In practice, that tends to mean information found on the internet, but technically any public information falls into the category of OSINT whether it’s books or reports in a public library, articles in a newspaper or statements in a press release. OSINT also includes information that can be found in different types of media, too. Though we typically think of it as being text-based, information in images, videos, webinars, public speeches, and conferences all fall under the term..

[Audio] . Interviews, CT News ops CT MEDIA Leaflets, booklets, books Videos, audio recordings TERRORIST'S DELIVERABLE Academic research ARTICLES Journalists NGO OSINT REPORTS Websites, forums INTERNET Social media International agencies Courts and law Governments enforcement.

[Audio] OSINT sources can be divided into the following categories : Media: Newspapers, magazines, TV, and radio. Internet: Websites, blogs, discussion forums, and social media. Public data: Government reports, budgets, conferences, and speeches. Publications: Journals, symposia, research papers, dissertations, and theses. Commercial data: Imagery, financial and industrial assessments, and databases. Grey literature: Technical reports, patents, business documents, unpublished works.

[Audio] Purpose Gathering publicly available sources of information about a particular target an attacker – or friendly penetration tester – can profile a potential victim to better understand its characteristics and to narrow down the search area for possible vulnerabilities. Without actively engaging the target, the attacker can use the intelligence produced to build a threat model and develop a plan of attack. Gathering OSINT on yourself or your business is also a great way to understand what information you are gifting potential attackers. Once you are aware of what kind of intel can be gathered about you from public sources, you can use this to help you or your security team develop better defensive strategies..

[Audio] .

[Audio] OSINT can be used in the following areas: Business Intelligence: Employee background checks, due diligence on clients and competitors, and competitor analysis. Government Intelligence: Products required for military and non-military applications. Individual intelligence: Finding people by name, email, address, and phone number..

[Audio] Some of the most popular OSINT techniques used in cybersecurity are as follows: Collecting employee information like name, job role, and software they use; Reviewing and monitoring search engines like Google, Bing, and Yahoo, etc.; Monitoring blogs and reviewing user activities on digital forums; Identifying social media platforms used by the user or company; Reviewing the content on social media like Facebook, Twitter, or Linkedin, etc.; Accessing cached data from Google to reveal information; Exploring old versions of websites to reveal imperative information; Identifying email addresses and mobile phone numbers;.

[Audio] Searching for photographs and videos on websites like Flickr and Google Photos; Using Google Maps and other imagery sources to retrieve images of the location; Using tools like GeoCreepy to track down geographic location information; Using automated tools such as Spiderfoot to retrieve information; Using popular extensions that include useful sources like the OSINT browser; Exploring DNS Services, domains, subdomains, and IP addresses; Running port scanners against the target company server infrastructure; Using tools to search for internet-connected devices like Shodan;.

[Audio] The Intelligence Process of OSINT. The Intelligence Process of OSINT.

[Audio] IDENTIFYING SOURCE: In the first phase, potential sources are identified from where information can be gathered HARVESTING DATA: In the second phase, information is collected and harvested from different sources. PROCESSING DATA: In the third phase, the harvested information is processed for actionable intelligence. ANALYZING DATA: In the fourth phase, data analysis of the processed information is done using OSINT analysis tools. DELIVERING RESULTS: In the final phase, findings are compiled and shared with the other members of the team..

[Audio] Different Kinds Of OSINT Gathering PASSIVE COLLECTION - This is the most used type when collecting OSINT intelligence, by default most OSINT gathering methods should use passive collection because the main aim of OSINT gathering is to collect information about the target via publicly available resources. SEMI-PASSIVE - More technical in nature, this type of gathering sends internet traffic to target servers in order to acquire general information about them. In this way, you are not implementing in-depth investigation of the target’s online resources, but only investigating lightly without launching any alarm within the group you are investigating..

[Audio] ACTIVE COLLECTION - In this type, you interact directly with the system to gather intelligence about it, but The target can become aware of the reconnaissance process since the person/entity collecting information will use advanced techniques to harvest technical data about the target IT infrastructure such as accessing open ports, scanning vulnerabilities (unpatched Windows systems), scanning web server applications, and more. This traffic will look like suspicious behaviour and will more than likely leave traces on the target’s intrusion detection system (IDS) or intrusion prevention system (IPS)..

[Audio] OSINT Framework Classification The OSINT Framework can be accessed from websites https://osintframework.com/ On the right top corner of the screen, you can find indicators for some of the listed tools. (T) — Indicates a link to a tool that must be installed and run locally (D) — Google Dork (or Google Hacking) (R) — Requires registration (M) — Indicates a URL that contains the search term and the URL itself must be edited manually.

[Audio] Conclusion As you can see, the OSINT architecture encompasses a huge network of topics, linkages, and tools. There are numerous methods for obtaining information on the target; you must choose the best one for you, and you will be amazed at how effective the framework is..