osint tools for security auditing
play

OSINT tools for security auditing Open Source Intelligence with - PowerPoint PPT Presentation

Sep 27, 2023 •119 likes •743 views

OSINT tools for security auditing Open Source Intelligence with python tools Jos Manuel Ortega @jmortegac http://jmortega.github.io https://github.com/jmortega/osint_tools_security_auditing Agenda OSINT introduction Server

  1. OSINT tools for security auditing Open Source Intelligence with python tools José Manuel Ortega @jmortegac

  2. http://jmortega.github.io

  3. https://github.com/jmortega/osint_tools_security_auditing

  4. Agenda ▪ OSINT introduction ▪ Server information(Censys,Shodan) ▪ OSINT tools developed with python ▪ Geolocation,Metadata ▪ Twitter,Footprinting,FullContact

  5. OSINT ▪ Define a specific target and data you wish to obtain ▪ Technical-Accounts,servers,services,software ▪ Social-Social Media,Email,Photos ▪ Physical-Address,Home IP address,Footprinting ▪ Logical-Network,Operational intelligence

  6. OSINT ▪ GeoLocation ▪ IP address ▪ Email address ▪ Telephone Number ▪ Usernames in social network profiles ▪ Metadata information from images ▪ Server information & vulnerabilities

  7. Censys.io

  8. Censys.io https://www.censys.io/api/v1/view/ipv4/ip_address ▪ https://www.censys.io/api/v1/view/websites/domain ▪

  9. Censys.io

  10. Shodan

  11. Shodan

  12. Shodan

  13. Shodan ▪ Checking data with ip address ▪ https://www.shodan.io/host/31.22.22.135

  14. Shodan CVE vulns

  15. Shodan Developer API https://developer.shodan.io/api

  16. Recon-ng ▪ https://bitbucket.org/LaNMaSteR53/recon-ng ▪ Open Source OSINT toolkit written in python ▪ Actively maintained ▪ Uses modules and saves all recollected information in databases

  17. Recon-ng dependences ▪ dnspython - http://www.dnspython.org/ ▪ dicttoxml - https://github.com/quandyfactory/dicttoxml/ ▪ jsonrpclib - https://github.com/joshmarshall/jsonrpclib/ ▪ lxml - http://lxml.de/ ▪ slowaes - https://code.google.com/p/slowaes/ ▪ XlsxWriter - https://github.com/jmcnamara/XlsxWriter/ ▪ Mechanize ▪ PyPDF2 ▪ sqlite3

  18. Recon-ng modules

  19. Recon-ng modules

  20. Recon-ng modules

  21. Recon-ng subdomains

  22. Recon-ng Shodan API

  23. The harvester ▪ https://github.com/laramies/theHarvester

  24. The harvester modules

  25. Python modules ▪ httplib ▪ socket ▪ requests ▪ shodan

  26. The harvester

  27. OSR framework ▪ pip install osrframework ▪ Developed in python 2.7 ▪ Integrates with maltego transforms ▪ https://pypi.python.org/pypi/osrframework/0.13.2 ▪ https://github.com/i3visio/osrframework

  28. OSR python modules ▪ BeautifulSoup ▪ Requests ▪ Mechanize ▪ pyDNS →resolving name servers ▪ python-whois →to recover the whois info from a domain ▪ tweepy →for connecting with Twitter API ▪ Skype4Py → for connecting with Skype API ▪ Python-emailahoy →for checking email address ▪ Multiprocessing →import Process, Queue, Pool

  29. OSR python scripts

  30. OSR python scripts

  31. OSR python scripts

  32. OSR python scripts

  33. SpiderFoot-modules ▪ Python 2.7 ▪ BeautifulSoup ▪ DNSPython ▪ Socks ▪ Socket ▪ SSL ▪ CherryPy ▪ M2MCrypto ▪ Netaddr ▪ pyPDF

  34. SpiderFoot-data sources

  35. SpiderFoot-Results

  36. SpiderFoot-Results

  37. Github repositories

  38. Github repositories

  39. Extract Metadata ▪ PDF→PyPDF2,PDFMiner ▪ Images→Pillow,pyexiv2(python 2.7),gexiv2(python 3)

  40. GeoLocation http://dev.maxmind.com/geoip/geoip2/geolite2/ import geoip2 import geoip2.database

  41. FootPrinting tools ▪ Orb(Python 2.x) • https://github.com/epsylon/orb • python-whois - Python module for retrieving WHOIS information • python-dnspython - DNS toolkit for Python • python-nmap - Python interface to the Nmap port scanner • InstaRecon(Python 2.x) • https://github.com/vergl4s/instarecon • Dnspython,ipaddress • ipwhois,python-whois • requests,shodan

  42. InstaRecon

  43. InstaRecon

  44. Python modules ▪ BeautifulSoup for parsing web information ▪ Requests,urllib3 for synchronous requests ▪ Asyncio,aiohttp for asynchronous requests ▪ Robobrowser,Scrapy for web crawling ▪ PyGeoIP,geoip2,geojson for GeoLocation ▪ python-twitter,tweepy for connecting with twitter ▪ Shodan for obtain information for servers ▪ DNSPython,netaddr for resolving ip address

  45. Wig-WebApp Information gatherer

  46. Wig-WebApp Information gatherer https://github.com/jekyc/wig

  47. Tinfoleak-fosdem python tinfoleak.py -u fosdem -i -s --sdate 2016-01-01 --hashtags --mentions --meta --media media --social --top 10 --conv -o report.html

  48. Tinfoleak-python dependences ▪ import tweepy→ Twitter API library for Python ▪ from PIL import Image, ExifTags, ImageCms→ metadata from images ▪ import pyexiv2→ metadata from images ▪ import urllib2→ requests ▪ from OpenSSL import SSL ▪ from jinja2 import Template, Environment, FileSystemLoader→ report

  49. Tinfoleak-parameters

  50. Tinfoleak

  51. Tinfoleak-get auth configuration

  52. Tinfoleak-Geolocation

  53. Tinfoleak-Geolocation

  54. FullContact API ▪ We know we have a valid email address ▪ What other profiles are associated with this address? ▪ Go to fullcontact.com for an API key…..

  55. FullContact API

  56. FullContact API

  57. FullContact API

  58. FullContact API

  59. Kali Linux

  60. References ▪ http://osintframework.com ▪ https://sourceforge.net/projects/spiderfoot ▪ http://www.edge-security.com/theharvester.php ▪ https://developer.shodan.io/api ▪ http://www.clips.ua.ac.be/pattern ▪ http://www.pentest-standard.org/index.php/PTES_Technic al_Guidelines#OSINT ▪ http://www.vicenteaguileradiaz.com/tools ▪ https://github.com/automatingosint/osint_public ▪ http://www.automatingosint.com/blog/

  61. Books

  62. AMSTERDAM 9-12 MAY 2016 Thanks! @jmortegac

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL

OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL

OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL V3, CCNA, CCNP, CASP, PCI-DSS, BSC-IT Lead Security Researcher @ Netwatch Technologies Project Consultant, Information Security Architects Ltd

454 views • 17 slides
Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1

Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1

Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1 Outline Overview What is auditing? What does an audit system look like? How do you design an auditing system? Auditing mechanisms

1.4k views • 88 slides
Think Like a Hacker: Learn How to Use OSINT to Defend Your Organization Rosa L. Smothers SVP of

Think Like a Hacker: Learn How to Use OSINT to Defend Your Organization Rosa L. Smothers SVP of

Think Like a Hacker: Learn How to Use OSINT to Defend Your Organization Rosa L. Smothers SVP of Cyber Operations KnowBe4, Inc. The worlds most popular integrated Security Awareness Training and Simulated Phishing platform Based

296 views • 25 slides
Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December

Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December

Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December 2017 OSINT OSINT Google Search VAT numbers OSINT Payments by Ministry of Interior due to transparency law n33/2013 OSINT Google

399 views • 36 slides
Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) Benjamin Brown Akamai

Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) Benjamin Brown Akamai

Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) Benjamin Brown Akamai Technologies Security Architecture * Law Enforcement Engagement * Systems Safety * Threat Intelligence * Security Research - Novel Attack

1.76k views • 140 slides
Security Audit Principles and Practices Logging and auditing are two of the most unpleasant

Security Audit Principles and Practices Logging and auditing are two of the most unpleasant

Security Audit Principles and Practices Logging and auditing are two of the most unpleasant chores facing information security professionals. Chapter 11 tedious, time-consuming, boring Lecturer: Pei-yih Ting 1 Overview Configuring Logging

401 views • 7 slides
Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst Frankenberger University of Applied Sciences Lbeck SG 4: Auditing - Lbeck 16.09.2002 1 Remarks on Auditing, Regulatory Auditing and Regulatory

305 views • 16 slides
Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg

Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg

Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg What is OSINT? Used by Law Enforcement Used by the ARMY Used by Private Investigators Used by Sourcers MAINLY ONLINE, mainly

610 views • 14 slides
Lazy-Mode RF OSINT and Reverse Engineering Marc Newlin | @marcnewlin | TROOPERS18 $(whoami)

Lazy-Mode RF OSINT and Reverse Engineering Marc Newlin | @marcnewlin | TROOPERS18 $(whoami)

Lazy-Mode RF OSINT and Reverse Engineering Marc Newlin | @marcnewlin | TROOPERS18 $(whoami) Red Team @ Snap Former Wireless Security Researcher @ Bastille Networks Wireless CVEs in products from 21 vendors Radios

755 views • 64 slides
Cyber@UC Meeting 64 Wireless Auditing and Monitoring Tools If Youre New! Join our Slack:

Cyber@UC Meeting 64 Wireless Auditing and Monitoring Tools If Youre New! Join our Slack:

Cyber@UC Meeting 64 Wireless Auditing and Monitoring Tools If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees:

503 views • 15 slides
Auditing hooks and security transparency for CPython Steve Dower, Christian Heimes EuroPython

Auditing hooks and security transparency for CPython Steve Dower, Christian Heimes EuroPython

Auditing hooks and security transparency for CPython Steve Dower, Christian Heimes EuroPython 2019, Basel, Switzerland Auditing Hooks and Security Transparency for Python Why is SkelSec so sad? @zooba @christianheimes EuroPython 2019, Basel -

845 views • 55 slides
Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby,

Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby,

Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby, Keith Winstein, Philip Levis, Dan Boneh Stanford University Auditing Standard Devices MITM Used for: security audit automated exfiltration

971 views • 64 slides
Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Module 1 Fundamental Tools Roadmap Review of generally useful tools

592 views • 35 slides
WAN HACKING with AutoHack - auditing security behind the firewall Alec Muffett Network Security

WAN HACKING with AutoHack - auditing security behind the firewall Alec Muffett Network Security

WAN-Hacking with AutoHack - Alec Muffett, USENIX Security Symposium 95 WAN HACKING with AutoHack - auditing security behind the firewall Alec Muffett Network Security Group Sun Microsystems Alec.Muffett@UK.Sun.COM alec@hicom.org

651 views • 9 slides
MSRPC Auditing Tools and Techniques DeepSec 2007 Aaron Portnoy 1 Cody Pierce 2 1

MSRPC Auditing Tools and Techniques DeepSec 2007 Aaron Portnoy 1 Cody Pierce 2 1

Background MSRPC RPC Tools What Weve Done Examples Questions MSRPC Auditing Tools and Techniques DeepSec 2007 Aaron Portnoy 1 Cody Pierce 2 1 aportnoy@tippingpoint.com 2 cpierce@tippingpoint.com DeepSec Fall 2007 Portnoy, Pierce MSRPC

779 views • 30 slides
My User-experience and Understanding of OSINT and Private Intelligence Agency as

My User-experience and Understanding of OSINT and Private Intelligence Agency as

My User-experience and Understanding of OSINT and Private Intelligence Agency as Fresh Intelligence Analyst Presented by Animus CHOW Chun Pong REVLUN 19 Before I joined the Industry Brief Outlook of My Background, My Skills,

429 views • 27 slides
Longtime Behavior of Harvesting Spam Bots Oliver Hohlfeld TU Berlin / DT Labs Thomas Graf

Longtime Behavior of Harvesting Spam Bots Oliver Hohlfeld TU Berlin / DT Labs Thomas Graf

Longtime Behavior of Harvesting Spam Bots Oliver Hohlfeld TU Berlin / DT Labs Thomas Graf Florin Ciucu Modas GmbH TU Berlin / DT Labs Oliver Hohlfeld (TU Berlin / DT Labs) Longtime Behavior of Harvesting Spam Bots IMC12 1 / 10 Image

870 views • 43 slides
MCC assignment info Slides will be available in Noppa Assignment assistants: Rasmus Eskola

MCC assignment info Slides will be available in Noppa Assignment assistants: Rasmus Eskola

MCC assignment info Slides will be available in Noppa Assignment assistants: Rasmus Eskola (phases 1-2) Teemu Kmrinen (phase 3) Structure of the lecture We will discuss important tools for completing the assignment. Overview of the

1.03k views • 17 slides
End-to-end LSTM-based dialog control optimized with supervised and reinforcement learning

End-to-end LSTM-based dialog control optimized with supervised and reinforcement learning

End-to-end LSTM-based dialog control optimized with supervised and reinforcement learning Authors: Jason D. Williams and Geoffrey Zweig Speaker: Hamidreza Shahidi Outline Introduction Model description Optimizing with

388 views • 28 slides
Persistence CS 442: Mobile App Development Michael Saelee <lee@iit.edu> Things to persist

Persistence CS 442: Mobile App Development Michael Saelee <lee@iit.edu> Things to persist

Persistence CS 442: Mobile App Development Michael Saelee <lee@iit.edu> Things to persist - Application settings - Application state - Model data - Model relationships Persistence options - User defaults - Property lists serialization

1.48k views • 99 slides
EECS 373 Design of Microprocessor-Based Systems

EECS 373 Design of Microprocessor-Based Systems

EECS 373 Design of Microprocessor-Based Systems http://web.eecs.umich.edu/~prabal/teaching/eecs373 Prabal Dutta University of Michigan Lecture 1: Introduction September 2, 2014 1 What is an embedded system? 2 3 Embedded, Everywhere 4

796 views • 60 slides
1 T ype of F e de r al Assistanc e No n-c a sh Co o pe rative Gra nts c o ntrib utio ns/

1 T ype of F e de r al Assistanc e No n-c a sh Co o pe rative Gra nts c o ntrib utio ns/

What is a Single Audit? Pr e se nte d by: Ce nte r for Audit E xc e lle nc e Age nda Wha t is a sing le a udit? Whe n is a sing le audit ne e de d? What are my re spo nsib ilitie s as an audite e ? Wha t a re a udito rs lo o king fo

394 views • 7 slides
Academic Video projects in the Netherlands TF-Media, Athens, March 18-19, 2010 GRNET Workshop on

Academic Video projects in the Netherlands TF-Media, Athens, March 18-19, 2010 GRNET Workshop on

Frans Ward Academic Video projects in the Netherlands TF-Media, Athens, March 18-19, 2010 GRNET Workshop on Academic Media Casting ` Agenda Academic Video 15 min. About SURFnet projects SURFnet Services in the Netherlands SURFnet Video

929 views • 72 slides
Powering and Solar Energy Ermanno Pietrosemoli 1 Goals Examine some of the alternative

Powering and Solar Energy Ermanno Pietrosemoli 1 Goals Examine some of the alternative

Joint ICTP-IAEA School on LoRa Enabled Radiation and Environmental Monitoring Sensors ICTP, Trieste - Italy April 23 - May 11, 2018 Powering and Solar Energy Ermanno Pietrosemoli 1 Goals Examine some of the alternative energy sources

1.35k views • 48 slides

More recommend