3. OSINT – Open Source
INTelligence
â—Ź It is NOT related to open source software
â—Ź It is NOT related to open source licenses
â—Ź It is NOT related to artificial intelligence
4. What Is OSINT ?
Wikipedia :
“Open-source intelligence (OSINT) is a
form of intelligence collection management
that involves finding, selecting, and
acquiring information from publicly
available sources and analyzing it to
produce actionable intelligence”
5. What is OSINT ?
Publicly available information
Select / Collecting and storing it
Analysis and relating and filtering it
More target specific information
ATTACKS
13. Some things to consider
â—Ź Passive (most of it)
â—Ź Legally provides much larger and wider
view towards the target company / person
â—Ź Uncovers more attack surface
â—Ź Narrow downs many attack vectors
â—Ź Helps when you don't have 0days
â—Ź More specific social engineering attack
vector can be crafted
â—Ź Helps in other steps in a pentest
14. Leveraging OSINT
â—Ź Reconnaissance
â—Ź Vulnerability analysis
â—Ź Privilege escalation
â—Ź Social engineering/ profiling people
15. Reconnaissance
â—Ź We can have information like
– OS
– IP
– Software / Versions
– Geo location
22. Social engineering
/ profiling people
â—Ź All kind of personal and professional info
– Names - dob
– Residence address
– Phone no.
– Emails
– Close associates / friends
– Interest / hobbies
– Pictures
23. From ?
â—Ź People lookup databases
â—Ź Social networks
â—Ź Local yellow pages
â—Ź Mtnl / bsnl tele. Dir
â—Ź Public mobile info. services
25. â—Ź Email addresses
â—Ź Phone numbers
â—Ź User names / password
â—Ź OS info
â—Ź IP info
â—Ź Softwares / version
â—Ź Geo location
â—Ź Personal details
â—Ź vulnerabilities