Upload
c0c0n-international-cyber-security-and-policing-conference
View
2.102
Download
6
Embed Size (px)
DESCRIPTION
OSINT - Open Source Intelligence by Rohit Srivastwa at c0c0n - International Cyber Security and Policing Conference http://is-ra.org/c0c0n/speakers.htm
Citation preview
a civilian approach to fight cyberwar
introducing
OSINT
Founder, ClubHack
Mentor, ClubHack Magazine
Awarded as Microsoft Most Valuable Professional 2012 in Enterprise Security.
Advisor eGov - Science & Technology park, DST
Ex- Head of Technology, Commonwealth Game(s)
Shameless Self Promotion
rohit11
Agenda for next 30min
Remember, it can save a lot of pain in future
What is OSINT
Tools & Tricks Case Study
Open Source Intelligence
Nothing to do with Open Source Software though
OSINT: Open Source INTelligence
“Is an information processing
discipline that involves finding,
selecting, and acquiring
information from publicly available
sources and analyzing it to produce
actionable intelligence.”
What is it?
A lo
t o
f in
form
atio
n o
ut
the
re
Sou
rce
s Too much information everywhere !
Cable Gating is not OSINT, its crime. But wiki leaks is a OS info :D
Never Cross boundaries
Tools & Tricks
Again not a rocket science
Too
ls
Maltego
Too
ls
LeakedIn
The primary purpose of leakedin.com is to make visitors aware about the risks of loosing data. This blog just compiles samples of data lost or disclosed on sites like pastebin.com.
Too
ls
LeakedIn
Too
ls
AnonPaste Monitor
Too
ls
Tweeter Monitoring
Too
ls
Facebook Monitoring
Too
ls
http://talkback.volvent.org/items.html
Too
ls
More Tools
Metadata : – Foca , metagoofil , exiftool Online sites : – Shodanhq, Serversniff, netcraft, centralops, FF extensions :– wappalyzer, Passive recon, Our Own Mantra
Too
ls
Nostradamus
Nostradamus Police reports, recorded at the
regional police departments
Mass media articles and other public sources (including the
web)
Communication records
Databases of security services and other law enforcement
authorities
Information from the field on: accidents, incidents, interviews,
etc
Life scan systems
Geographically spread sources of
different types and formats
Too
ls
Nostradamus
Nostradamus A complete, powerful analytical tool
Analysis of Relationships, Graphical visualization of Relationships
Detection of Direct and Hidden networks, patterns, trends
GIS Analysis, Space-Time Analysis
Telephone Call Analysis, Contacts Analysis
GIS enabled Analysis; Movement & Location Analysis
Crime Pattern Analysis, Proactive Analysis
Multi-lingual Phonetic & Semantic Search & Query
Intelligence Accumulation
Completely web-based; includes online & real-time capabilities
Automated data capture. IP, GPRS, SMS enabled
Structured information access privileges
Client side Platform independent. No special requirement w.r.t. the User PC
Efficient operations even with low communication capabilities
Too
ls
Nostradamus
Nostradamus Criminal Intelligence Analytical System
Case Study
“Lord of Dharamaraja”
Lord
s o
f D
har
mar
aja
Lord
s o
f D
har
mar
aja
If we have the will...
Thanks
[email protected] +91-92-CLUBHACK