
Leveraging OSINT in Penetration Testing - nullcon mumbai talk slides

11/5/2012

Hello all,
These are my talk slides from null Mumbai on one of the uses of open source intelligence (OSINT).
They show how we can use OSINT to explore more attack surface in a pentest.

Download slides
Tool links and some information:

metadata:
FOCA - http://www.informatica64.com/foca.aspx
focaonline - http://www.informatica64.com/foca/
Metagoofil - http://www.edge-security.com/metagoofil.php
exiftool - http://www.sno.phy.queensu.ca/~phil/exiftool/
online exif - regex.info/exif.cgi

image search: for extracting metadata out of them
http://tineye.com
http://picfog.com
https://twitpic.com/search
http://www.pixsy.com/
http://www.flickr.com/

document resource search: for extracting metadata out of them
Docstoc - http://www.docstoc.com/
Scribd - http://www.scribd.com/
SlideShare - http://www.slideshare.net/
PDF Search - http://www.pdf-search-engine.com/
Toodoc - http://www.toodoc.com/
Google 'filetype:' operator

metadata removal:
MAT - https://mat.boum.org/
Oometa extractor - https://oometaextractor.codeplex.com/
Doc scrubber - http://www.javacoolsoftware.com/docscrubber.html
openDLP - https://code.google.com/p/opendlp/
myDLP - http://www.mydlp.com/

Tools with plenty of OSINT functions:
netglub - http://www.netglub.org/
maltego - http://www.paterva.com/
HconSTF - http://www.hcon.in/

network related info:
http://serversniff.net/
http://www.robtex.com/
centralops - http://centralops.net/co/

software info:
shodanhq - http://www.shodanhq.com/
netcraft - http://toolbar.netcraft.com/site_report?url=
wappalyzer - http://wappalyzer.com/
meta generator version check - https://addons.mozilla.org/en-US/firefox/addon/meta-generator-version-check/
http://www.1337day.com/webapps

password list generator:
wyd - http://www.remote-exploit.org/content/wyd-0.2.tar.gz
cupp - http://www.remote-exploit.org/content/cupp-3.0.tar.gz
crunch - http://sourceforge.net/projects/crunch-wordlist/
cewl - http://www.digininja.org/projects/cewl.php

email info: email, username, people info
theharvester - http://www.edge-security.com/theHarvester.php
esearchy - https://github.com/FreedomCoder/esearchy

dorking tools: for software info, vulnerability analysis, password
ghdb - http://www.exploit-db.com/google-dorks/
sitedigger - http://www.mcafee.com/us/downloads/free-tools/sitedigger.aspx
seat - http://midnightresearch.com/projects/search-engine-assessment-tool/
searchdiggity - http://www.stachliu.com/resources/tools/google-hacking-diggity-project/

user name search:
http://www.checkusernames.com/
http://knowem.com/
www.namechk.com
http://webmii.com/

social networks:
www.facebook.com
www.twitter.com
www.myspace.com

people info:
http://www.123people.com/
http://pipl.com/
http://youropenbook.org/
fbpwn - https://code.google.com/p/fbpwn/

geo location:
http://www.infosniper.net/
http://twittermap.appspot.com
http://www.geobytes.com/iplocator.htm
creepy - http://ilektrojohn.github.com/creepy/

tool having some mixed functions:
passive recon - https://addons.mozilla.org/en-US/firefox/addon/passiverecon/
1 Comment
may keen gyn sr
3/12/2012 12:28:32 pm

Thx man. Think I have an idea better than I had a few seconds ago
