Cybersecurity - One Byte at a Time
Only Amateurs attack machines, Professionals target PEOPLE
- Information Security is BIG
- How do we start?
- How do we learn?
- Leveraging our existing tools
- Positioning ourselves
Think Like a Hacker!Passive (and Semi-Passive) Reconnaissance
|
|
Common Passive Recon Activities
- Identifying IP Addresses and Sub-domains
- Identifying External/3rd Party sites
- Identifying People
- Identifying Technologies
- Identifying Content of Interest
- Identifying Vulnerabilities
WHOIS
Names, numbers, pretexting, phishing, social engineering, trolling
|
Page Source Code
Coders leave all kinds of notes
|
Google Search
|
PING, NSLOOKUP and TRACERT
There will be a 'Ping' assignment for homework. Check your inbox later.
|
Other Methods
The WayBack Machine |
Maltego |
NetCraft |
JOB SEARCHES!What a job search can reveal to the Hacker
|
|
You're too kind!
What does this job search data reveal?
|
|
The tip of the Iceberg...
Company Website - Identifying People
Third Party Data Repositories
Social Media - Message Boards and User Forums
Document Metadata
People Search Sites
Financials (SEC databases)
Look for Signatures (Powered by Drupal or WordPress)
Publically posted password policies
Technologies revealed in the website - 'for tips on installing Avast click here'
Wappalyzer (reveals technologies used on a website)
Document Searches (site:<target_site> filetype:xls intitle:inventory)
Look for webportals, admin consoles, webmail
Password reset hints
Database dump files and user password files
Third Party Data Repositories
Social Media - Message Boards and User Forums
Document Metadata
People Search Sites
Financials (SEC databases)
Look for Signatures (Powered by Drupal or WordPress)
Publically posted password policies
Technologies revealed in the website - 'for tips on installing Avast click here'
Wappalyzer (reveals technologies used on a website)
Document Searches (site:<target_site> filetype:xls intitle:inventory)
Look for webportals, admin consoles, webmail
Password reset hints
Database dump files and user password files
Think like a hacker
Hopefully this tutorial has demonstrated some of the ways in which passive reconnaissance can be used to understand how an attackers sees the network