osint tools for security auditing
play

OSINT tools for security auditing Open Source Intelligence with - PowerPoint PPT Presentation

Sep 27, 2023 •119 likes •743 views

OSINT tools for security auditing Open Source Intelligence with python tools Jos Manuel Ortega @jmortegac http://jmortega.github.io https://github.com/jmortega/osint_tools_security_auditing Agenda OSINT introduction Server

  1. OSINT tools for security auditing Open Source Intelligence with python tools José Manuel Ortega @jmortegac

  2. http://jmortega.github.io

  3. https://github.com/jmortega/osint_tools_security_auditing

  4. Agenda ▪ OSINT introduction ▪ Server information(Censys,Shodan) ▪ OSINT tools developed with python ▪ Geolocation,Metadata ▪ Twitter,Footprinting,FullContact

  5. OSINT ▪ Define a specific target and data you wish to obtain ▪ Technical-Accounts,servers,services,software ▪ Social-Social Media,Email,Photos ▪ Physical-Address,Home IP address,Footprinting ▪ Logical-Network,Operational intelligence

  6. OSINT ▪ GeoLocation ▪ IP address ▪ Email address ▪ Telephone Number ▪ Usernames in social network profiles ▪ Metadata information from images ▪ Server information & vulnerabilities

  7. Censys.io

  8. Censys.io https://www.censys.io/api/v1/view/ipv4/ip_address ▪ https://www.censys.io/api/v1/view/websites/domain ▪

  9. Censys.io

  10. Shodan

  11. Shodan

  12. Shodan

  13. Shodan ▪ Checking data with ip address ▪ https://www.shodan.io/host/31.22.22.135

  14. Shodan CVE vulns

  15. Shodan Developer API https://developer.shodan.io/api

  16. Recon-ng ▪ https://bitbucket.org/LaNMaSteR53/recon-ng ▪ Open Source OSINT toolkit written in python ▪ Actively maintained ▪ Uses modules and saves all recollected information in databases

  17. Recon-ng dependences ▪ dnspython - http://www.dnspython.org/ ▪ dicttoxml - https://github.com/quandyfactory/dicttoxml/ ▪ jsonrpclib - https://github.com/joshmarshall/jsonrpclib/ ▪ lxml - http://lxml.de/ ▪ slowaes - https://code.google.com/p/slowaes/ ▪ XlsxWriter - https://github.com/jmcnamara/XlsxWriter/ ▪ Mechanize ▪ PyPDF2 ▪ sqlite3

  18. Recon-ng modules

  19. Recon-ng modules

  20. Recon-ng modules

  21. Recon-ng subdomains

  22. Recon-ng Shodan API

  23. The harvester ▪ https://github.com/laramies/theHarvester

  24. The harvester modules

  25. Python modules ▪ httplib ▪ socket ▪ requests ▪ shodan

  26. The harvester

  27. OSR framework ▪ pip install osrframework ▪ Developed in python 2.7 ▪ Integrates with maltego transforms ▪ https://pypi.python.org/pypi/osrframework/0.13.2 ▪ https://github.com/i3visio/osrframework

  28. OSR python modules ▪ BeautifulSoup ▪ Requests ▪ Mechanize ▪ pyDNS →resolving name servers ▪ python-whois →to recover the whois info from a domain ▪ tweepy →for connecting with Twitter API ▪ Skype4Py → for connecting with Skype API ▪ Python-emailahoy →for checking email address ▪ Multiprocessing →import Process, Queue, Pool

  29. OSR python scripts

  30. OSR python scripts

  31. OSR python scripts

  32. OSR python scripts

  33. SpiderFoot-modules ▪ Python 2.7 ▪ BeautifulSoup ▪ DNSPython ▪ Socks ▪ Socket ▪ SSL ▪ CherryPy ▪ M2MCrypto ▪ Netaddr ▪ pyPDF

  34. SpiderFoot-data sources

  35. SpiderFoot-Results

  36. SpiderFoot-Results

  37. Github repositories

  38. Github repositories

  39. Extract Metadata ▪ PDF→PyPDF2,PDFMiner ▪ Images→Pillow,pyexiv2(python 2.7),gexiv2(python 3)

  40. GeoLocation http://dev.maxmind.com/geoip/geoip2/geolite2/ import geoip2 import geoip2.database

  41. FootPrinting tools ▪ Orb(Python 2.x) • https://github.com/epsylon/orb • python-whois - Python module for retrieving WHOIS information • python-dnspython - DNS toolkit for Python • python-nmap - Python interface to the Nmap port scanner • InstaRecon(Python 2.x) • https://github.com/vergl4s/instarecon • Dnspython,ipaddress • ipwhois,python-whois • requests,shodan

  42. InstaRecon

  43. InstaRecon

  44. Python modules ▪ BeautifulSoup for parsing web information ▪ Requests,urllib3 for synchronous requests ▪ Asyncio,aiohttp for asynchronous requests ▪ Robobrowser,Scrapy for web crawling ▪ PyGeoIP,geoip2,geojson for GeoLocation ▪ python-twitter,tweepy for connecting with twitter ▪ Shodan for obtain information for servers ▪ DNSPython,netaddr for resolving ip address

  45. Wig-WebApp Information gatherer

  46. Wig-WebApp Information gatherer https://github.com/jekyc/wig

  47. Tinfoleak-fosdem python tinfoleak.py -u fosdem -i -s --sdate 2016-01-01 --hashtags --mentions --meta --media media --social --top 10 --conv -o report.html

  48. Tinfoleak-python dependences ▪ import tweepy→ Twitter API library for Python ▪ from PIL import Image, ExifTags, ImageCms→ metadata from images ▪ import pyexiv2→ metadata from images ▪ import urllib2→ requests ▪ from OpenSSL import SSL ▪ from jinja2 import Template, Environment, FileSystemLoader→ report

  49. Tinfoleak-parameters

  50. Tinfoleak

  51. Tinfoleak-get auth configuration

  52. Tinfoleak-Geolocation

  53. Tinfoleak-Geolocation

  54. FullContact API ▪ We know we have a valid email address ▪ What other profiles are associated with this address? ▪ Go to fullcontact.com for an API key…..

  55. FullContact API

  56. FullContact API

  57. FullContact API

  58. FullContact API

  59. Kali Linux

  60. References ▪ http://osintframework.com ▪ https://sourceforge.net/projects/spiderfoot ▪ http://www.edge-security.com/theharvester.php ▪ https://developer.shodan.io/api ▪ http://www.clips.ua.ac.be/pattern ▪ http://www.pentest-standard.org/index.php/PTES_Technic al_Guidelines#OSINT ▪ http://www.vicenteaguileradiaz.com/tools ▪ https://github.com/automatingosint/osint_public ▪ http://www.automatingosint.com/blog/

  61. Books

  62. AMSTERDAM 9-12 MAY 2016 Thanks! @jmortegac

Recommend

OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL

OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL

OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL V3, CCNA, CCNP, CASP, PCI-DSS, BSC-IT Lead Security Researcher @ Netwatch Technologies Project Consultant, Information Security Architects Ltd

454 views • 17 slides
Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1

Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1

Auditing Chapter 25 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 25-1 Outline Overview What is auditing? What does an audit system look like? How do you design an auditing system? Auditing mechanisms

1.4k views • 88 slides
Think Like a Hacker: Learn How to Use OSINT to Defend Your Organization Rosa L. Smothers SVP of

Think Like a Hacker: Learn How to Use OSINT to Defend Your Organization Rosa L. Smothers SVP of

Think Like a Hacker: Learn How to Use OSINT to Defend Your Organization Rosa L. Smothers SVP of Cyber Operations KnowBe4, Inc. The worlds most popular integrated Security Awareness Training and Simulated Phishing platform Based

296 views • 25 slides
Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December

Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December

Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December 2017 OSINT OSINT Google Search VAT numbers OSINT Payments by Ministry of Interior due to transparency law n33/2013 OSINT Google

399 views • 36 slides
Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) Benjamin Brown Akamai

Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) Benjamin Brown Akamai

Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) Benjamin Brown Akamai Technologies Security Architecture * Law Enforcement Engagement * Systems Safety * Threat Intelligence * Security Research - Novel Attack

1.76k views • 140 slides
Security Audit Principles and Practices Logging and auditing are two of the most unpleasant

Security Audit Principles and Practices Logging and auditing are two of the most unpleasant

Security Audit Principles and Practices Logging and auditing are two of the most unpleasant chores facing information security professionals. Chapter 11 tedious, time-consuming, boring Lecturer: Pei-yih Ting 1 Overview Configuring Logging

401 views • 7 slides
Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst

Remarks on Auditing, Regulatory Auditing and Regulatory Auditing Strategy Prof. Dr. Horst Frankenberger University of Applied Sciences Lbeck SG 4: Auditing - Lbeck 16.09.2002 1 Remarks on Auditing, Regulatory Auditing and Regulatory

305 views • 16 slides
Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg

Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg

Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg What is OSINT? Used by Law Enforcement Used by the ARMY Used by Private Investigators Used by Sourcers MAINLY ONLINE, mainly

610 views • 14 slides
Lazy-Mode RF OSINT and Reverse Engineering Marc Newlin | @marcnewlin | TROOPERS18 $(whoami)

Lazy-Mode RF OSINT and Reverse Engineering Marc Newlin | @marcnewlin | TROOPERS18 $(whoami)

Lazy-Mode RF OSINT and Reverse Engineering Marc Newlin | @marcnewlin | TROOPERS18 $(whoami) Red Team @ Snap Former Wireless Security Researcher @ Bastille Networks Wireless CVEs in products from 21 vendors Radios

755 views • 64 slides
Cyber@UC Meeting 64 Wireless Auditing and Monitoring Tools If Youre New! Join our Slack:

Cyber@UC Meeting 64 Wireless Auditing and Monitoring Tools If Youre New! Join our Slack:

Cyber@UC Meeting 64 Wireless Auditing and Monitoring Tools If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees:

503 views • 15 slides
Auditing hooks and security transparency for CPython Steve Dower, Christian Heimes EuroPython

Auditing hooks and security transparency for CPython Steve Dower, Christian Heimes EuroPython

Auditing hooks and security transparency for CPython Steve Dower, Christian Heimes EuroPython 2019, Basel, Switzerland Auditing Hooks and Security Transparency for Python Why is SkelSec so sad? @zooba @christianheimes EuroPython 2019, Basel -

845 views • 55 slides
Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby,

Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby,

Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby, Keith Winstein, Philip Levis, Dan Boneh Stanford University Auditing Standard Devices MITM Used for: security audit automated exfiltration

971 views • 64 slides
Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J.

Hands-On Network Security: Practical Tools & Methods Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Hands-On Network Security Module 1 Fundamental Tools Roadmap Review of generally useful tools

592 views • 35 slides
WAN HACKING with AutoHack - auditing security behind the firewall Alec Muffett Network Security

WAN HACKING with AutoHack - auditing security behind the firewall Alec Muffett Network Security

WAN-Hacking with AutoHack - Alec Muffett, USENIX Security Symposium 95 WAN HACKING with AutoHack - auditing security behind the firewall Alec Muffett Network Security Group Sun Microsystems Alec.Muffett@UK.Sun.COM alec@hicom.org

651 views • 9 slides
MSRPC Auditing Tools and Techniques DeepSec 2007 Aaron Portnoy 1 Cody Pierce 2 1

MSRPC Auditing Tools and Techniques DeepSec 2007 Aaron Portnoy 1 Cody Pierce 2 1

Background MSRPC RPC Tools What Weve Done Examples Questions MSRPC Auditing Tools and Techniques DeepSec 2007 Aaron Portnoy 1 Cody Pierce 2 1 aportnoy@tippingpoint.com 2 cpierce@tippingpoint.com DeepSec Fall 2007 Portnoy, Pierce MSRPC

779 views • 30 slides
My User-experience and Understanding of OSINT and Private Intelligence Agency as

My User-experience and Understanding of OSINT and Private Intelligence Agency as

My User-experience and Understanding of OSINT and Private Intelligence Agency as Fresh Intelligence Analyst Presented by Animus CHOW Chun Pong REVLUN 19 Before I joined the Industry Brief Outlook of My Background, My Skills,

429 views • 27 slides
Cyber Crime & OSINT Will your business be victorious or a victim? Dr Stephen Hill

Cyber Crime & OSINT Will your business be victorious or a victim? Dr Stephen Hill

Cyber Crime & OSINT Will your business be victorious or a victim? Dr Stephen Hill drshill@gmx.co.uk We believe that data is the phenomenon of our time. It is the worlds new natural resource. It is the new basis of competitive advantage,

676 views • 51 slides
Tools for Security Physical security Access control Encryption Authentication

Tools for Security Physical security Access control Encryption Authentication

Tools for Security Physical security Access control Encryption Authentication Encapsulation Intrusion detection Common sense Lecture 2 Page 1 CS 236 Online Physical Security Lock up your computer Actually,

465 views • 35 slides
THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with

THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with

16/11/2012 THE AUDITING OF SOCIAL ACCOUNTS SOME GENERAL CONSIDERATIONS INDEPENDENT AUDITING (with certification) OF SOCIAL ACCOUNTS A DEBATE (CONSIDERING IN THIS CASE ONLY ITALY): A) ONLY VOLUNTARY B) COMPULSORY BY LAW 1

322 views • 7 slides
Tools Google, et. al. Also, Ive tended to focus on Windows-based tools (with some mention

Tools Google, et. al. Also, Ive tended to focus on Windows-based tools (with some mention

Tools Here is a list of potentially useful tools and utilities with Computer Security which to fight the onslaught of viruses, worms, Trojan horses, and other malware. Dont consider it in any way a complete list! There are lots of

1.16k views • 9 slides
Security Principles, Policies, and Tools CS 236 On-Line MS Program Networks and Systems

Security Principles, Policies, and Tools CS 236 On-Line MS Program Networks and Systems

Security Principles, Policies, and Tools CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 2 Page 1 CS 236 Online Outline Security design principles Security policies Basic concepts Security

419 views • 12 slides
OSINT is the next Internet goldmine: Spain as an unexplored territory Javier Pastor Galindo

OSINT is the next Internet goldmine: Spain as an unexplored territory Javier Pastor Galindo

OSINT is the next Internet goldmine: Spain as an unexplored territory Javier Pastor Galindo Pantaleone Nespoli Flix Gmez Mrmol Gregorio Martnez Prez V Jornadas Nacionales de Investigacin en Ciberseguridad Contents Open Source

912 views • 13 slides
Auditing in the Public Interest Auditing in the Public Interest Victorian Government

Auditing in the Public Interest Auditing in the Public Interest Victorian Government

Victorian Auditor-Generals Office Auditing in the Public Interest Auditing in the Public Interest Victorian Government Solicitors Office Seminar 30 May 2007 Des Pearson - Auditor-General 1 Auditing in the Public Interest Personal

352 views • 20 slides
INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing

INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing

INNOVATIVE SOLUTIONS MEETING EXPECTATIONS Locations & Projects Auditing Auditing and assurance plays a crucial part of ensuring the safety and integrity of any diving system as well as ensuring safe and efficient diving

185 views • 14 slides

More recommend