a civilian approach to fight cyberwar

introducing

OSINT

Founder, ClubHack

Mentor, ClubHack Magazine

Awarded as Microsoft Most Valuable Professional 2012 in Enterprise Security.

Advisor eGov - Science & Technology park, DST

Ex- Head of Technology, Commonwealth Game(s)

Shameless Self Promotion

rohit11

Agenda for next 30min

Remember, it can save a lot of pain in future

What is OSINT

Tools & Tricks Case Study

Open Source Intelligence

Nothing to do with Open Source Software though

OSINT: Open Source INTelligence

“Is an information processing

discipline that involves finding,

selecting, and acquiring

information from publicly available

sources and analyzing it to produce

actionable intelligence.”

What is it?

A lo

t o

f in

form

atio

n o

ut

the

re

Sou

rce

s Too much information everywhere !

Cable Gating is not OSINT, its crime. But wiki leaks is a OS info :D

Never Cross boundaries

Tools & Tricks

Again not a rocket science

Too

ls

Maltego

Too

ls

LeakedIn

The primary purpose of leakedin.com is to make visitors aware about the risks of loosing data. This blog just compiles samples of data lost or disclosed on sites like pastebin.com.

Too

ls

LeakedIn

Too

ls

AnonPaste Monitor

Too

ls

Tweeter Monitoring

Too

ls

Facebook Monitoring

Too

ls

http://talkback.volvent.org/items.html

Too

ls

More Tools

Metadata : – Foca , metagoofil , exiftool Online sites : – Shodanhq, Serversniff, netcraft, centralops, FF extensions :– wappalyzer, Passive recon, Our Own Mantra

Too

ls

Nostradamus

Nostradamus Police reports, recorded at the

regional police departments

Mass media articles and other public sources (including the

web)

Communication records

Databases of security services and other law enforcement

authorities

Information from the field on: accidents, incidents, interviews,

etc

Life scan systems

Geographically spread sources of

different types and formats

Too

ls

Nostradamus

Nostradamus A complete, powerful analytical tool

Analysis of Relationships, Graphical visualization of Relationships

Detection of Direct and Hidden networks, patterns, trends

GIS Analysis, Space-Time Analysis

Telephone Call Analysis, Contacts Analysis

GIS enabled Analysis; Movement & Location Analysis

Crime Pattern Analysis, Proactive Analysis

Multi-lingual Phonetic & Semantic Search & Query

Intelligence Accumulation

Completely web-based; includes online & real-time capabilities

Automated data capture. IP, GPRS, SMS enabled

Structured information access privileges

Client side Platform independent. No special requirement w.r.t. the User PC

Efficient operations even with low communication capabilities

Too

ls

Nostradamus

Nostradamus Criminal Intelligence Analytical System

Case Study

“Lord of Dharamaraja”

Lord

s o

f D

har

mar

aja

Lord

s o

f D

har

mar

aja

If we have the will...

Thanks

rohit@clubhack.com +91-92-CLUBHACK