1 00:00:01,910 --> 00:00:10,490 Understanding passive information gathering. Passive information gathering is when you use an indirect
2 00:00:10,490 --> 00:00:13,490 approach to obtain information about your target.
3 00:00:13,910 --> 00:00:21,800 This method obtains information that's publicly available from many sources, thus eliminating direct contact
4 00:00:21,800 --> 00:00:28,010 with the potential target. Passive information gathering is usually fruitful, and a lot of organizations
5 00:00:28,190 --> 00:00:35,750 usually publish information and details about their organization as a marketing strategy for their existing
6 00:00:35,750 --> 00:00:37,310 and potential customers.
7 00:00:37,670 --> 00:00:44,720 Sometimes, when organizations advertise a vacancy on a job, uh, recruiting website, the recruiter
8 00:00:44,810 --> 00:00:50,960 now posts technical requirements for the potential candidate. From a penetration tester's
9 00:00:50,960 --> 00:00:57,860 point of view, the technical details can indicate the types of platforms and applications that are running
10 00:00:57,860 --> 00:01:01,100 within the organization's network infrastructure.
11 00:01:01,580 --> 00:01:06,740 We have covered the concepts of passive information gathering in previous lectures.
12 00:01:07,820 --> 00:01:17,030 Um, so now let's take a deep dive into learning about open source intelligence in this lecture.
13 00:01:18,200 --> 00:01:23,810 Understanding open source intelligence (OSINT). As mentioned previously, the first stage of a penetration
14 00:01:23,810 --> 00:01:30,830 test is to gather as much information as possible on a given target or organization. Gathering information
15 00:01:30,830 --> 00:01:33,810 prior to exploiting and gaining access to a network
16 00:01:33,830 --> 00:01:35,510 or system will help the penetration
17 00:01:35,510 --> 00:01:41,660 tester narrow the scope of the attack and design specific types of attacks and payloads that are
18 00:01:41,660 --> 00:01:44,300 suitable for the attack surface of the target.
19 00:01:45,680 --> 00:01:51,200 We will begin our information gathering phase by utilizing the largest computer network in existence.
20 00:01:51,230 --> 00:01:52,400 This is the internet.
21 00:01:55,700 --> 00:02:02,600 And the internet has many platforms ranging from forums and messaging boards to social media platforms.
22 00:02:03,120 --> 00:02:09,320 A lot of companies create an online presence to help market their products and services to potential clients.
23 00:02:09,560 --> 00:02:18,230 In doing so, the creation of a company's website, Facebook, Instagram, Twitter, LinkedIn and so on
24 00:02:18,230 --> 00:02:26,360 ensures that their potential customers get to know who they are and what services and products are offered.
25 00:02:26,900 --> 00:02:33,110 The marketing department is usually responsible for ensuring that any organization's online presence
26 00:02:33,350 --> 00:02:45,950 is, uh, is, uh, felt and their origin and their digital portfolio is always is always up to date.
27 00:02:46,610 --> 00:02:56,300 A caching we have open source intelligence tools here, as you can see here, information gathering,
28 00:02:56,660 --> 00:03:01,880 DNS synth analysis, Maltego we have here and other tools here.
29 00:03:01,880 --> 00:03:04,790 We will use all of these tools in this course.
30 00:03:06,060 --> 00:03:12,920 So organizations usually publish information about themselves on various internet platforms, such as
31 00:03:12,920 --> 00:03:20,910 the blogs and the recruitment websites. As the internet is so readily available and accessible,
32 00:03:21,060 --> 00:03:26,580 it's quite easy for someone to gather information on a target organization simply by using search
33 00:03:26,580 --> 00:03:30,930 engines and determining their underlying infrastructure.
34 00:03:31,890 --> 00:03:36,020 This technique is known as open source intelligence (OSINT).
35 00:03:37,500 --> 00:03:44,970 This is where a penetration tester or ethical hacker uses the various tools and techniques that harness
36 00:03:44,970 --> 00:03:50,220 information that's publicly available on the internet to create a portfolio of the target.
37 00:03:52,690 --> 00:03:58,960 Open source intelligence is a type of passive information gathering where the penetration tester does
38 00:03:58,960 --> 00:04:05,650 not make direct contact or a connection with the actual target, but rather asks legitimate and reliable
39 00:04:05,650 --> 00:04:07,330 sources about the target.
40 00:04:08,350 --> 00:04:16,450 Over the years, I have noticed a lot of job hunting websites where recruiters post vacancies for internet
41 00:04:16,450 --> 00:04:18,640 technologist positions within a company.
42 00:04:18,940 --> 00:04:24,370 But the recruiter specifies that an ideal candidate should have experience with the specific technologies,
43 00:04:24,610 --> 00:04:28,120 so this can be a good thing for the company and the applicant.
44 00:04:28,420 --> 00:04:31,690 However, it can lead, it can be as well.
45 00:04:32,490 --> 00:04:39,190 So there are some pros and cons of companies posting their technologies on recruitment websites.
46 00:04:39,310 --> 00:04:46,000 The pros of this: the potential candidate will know what type of environment to expect if they are
47 00:04:46,000 --> 00:04:48,760 hired and the process will.
48 00:04:48,910 --> 00:04:54,820 The potential candidate can determine beforehand whether they have the skill set required for the job
49 00:04:55,240 --> 00:04:56,890 and then as a con as well.
50 00:04:56,890 --> 00:05:03,800 Here, the company is passionately exposing their technologies to the public so ethical can when there's
51 00:05:03,850 --> 00:05:09,640 infrastructure and better select exploits and tools to perform a cyber attack.
52 00:05:13,520 --> 00:05:20,090 So let's uh, we have open source intelligence tools here in this next year to be able to demonstrate
53 00:05:20,090 --> 00:05:25,550 some of the most popular open source intelligence tools that are available for Linux.
54 00:05:25,850 --> 00:05:31,670 You should all that help us create a profile about a target using various sources of information that
55 00:05:31,670 --> 00:05:37,510 can be found on the internet over the knee and then five subsections.
56 00:05:37,520 --> 00:05:45,020 We will cover awesome tools like Maltego here, uh, Maltego, Recon-ng.
57 00:05:45,470 --> 00:05:50,750 Uh, theHarvester here we have, uh, theHarvester.
58 00:05:50,750 --> 00:05:54,800 As you can see here we have here, theHarvester, the Shodan.
59 00:05:54,800 --> 00:05:55,490 Here we will.
60 00:05:55,490 --> 00:05:56,690 Shodan is the left side.
61 00:05:57,170 --> 00:06:01,370 Um, so we can use it as well or see a framework.
62 00:06:01,370 --> 00:06:04,610 We will, uh, use it.
63 00:06:04,790 --> 00:06:08,130 So let's start with Maltego.
64 00:06:09,280 --> 00:06:14,450 Maltego was created by, uh, here let's open a browser, so we will need it.
65 00:06:16,060 --> 00:06:17,670 Surely we can't close it as well.
66 00:06:19,900 --> 00:06:21,520 Here, don't say.
67 00:06:23,310 --> 00:06:24,530 Uh, Maltego.
68 00:06:26,990 --> 00:06:34,280 Uh, Proterra, whatever uh, matter of, uh, that come.
69 00:06:35,850 --> 00:06:42,180 So Maltego was created by Patrick Van Adcom as a graphical interface, interactive data mining application
70 00:06:42,330 --> 00:06:49,560 with the ability to query and gather information from various sources on the internet and present data
71 00:06:49,560 --> 00:06:51,180 in easy to read graphics.
72 00:06:51,630 --> 00:06:58,040 The graphs demonstrate the relationship between each entity and the target, so to get started, you
73 00:06:58,050 --> 00:07:03,420 need a user account to access these functions and features of Maltego.
74 00:07:03,690 --> 00:07:11,850 So, um, go to this website here, Maltego here, and uh, click on, uh, plants here, actually.
75 00:07:13,630 --> 00:07:14,590 On plants here.
76 00:07:15,010 --> 00:07:21,580 Oh, it's eight a.m. and as you can see, we have Maltego community here and click on that.
77 00:07:25,700 --> 00:07:29,000 Here we can register and download it free.
78 00:07:29,480 --> 00:07:37,400 So this is for free for non-commercial use is available across platforms and Amazon ships with colored
79 00:07:37,400 --> 00:07:39,800 inks out of the box, as you can see here.
80 00:07:40,010 --> 00:07:42,110 We have them all together here.
81 00:07:43,490 --> 00:07:44,480 Maltego.
82 00:07:44,570 --> 00:07:47,120 We have here Maltego, so I've not done with it.
83 00:07:48,470 --> 00:07:48,830 So.
84 00:07:52,830 --> 00:07:57,000 Actually, we need open user accounts for logging in.
85 00:07:57,240 --> 00:07:59,400 Let's all let's load the mouse over here.
86 00:08:03,380 --> 00:08:05,490 And we need to, uh.
87 00:08:05,630 --> 00:08:13,760 Yes, uh, actually, we don't need to install multi, uh, rigged system Maltego for using here, I
88 00:08:13,760 --> 00:08:14,120 think.
89 00:08:14,900 --> 00:08:22,910 But in previous months, actually it was like, yes, we have to log in here after reading the license
90 00:08:22,910 --> 00:08:23,540 agreement.
91 00:08:24,140 --> 00:08:24,830 Click next.
92 00:08:25,100 --> 00:08:29,870 And here, as you can see here, uh, we have to give passwords and email addresses.
93 00:08:30,020 --> 00:08:33,230 So I will, uh, use a fake email here.
94 00:08:33,950 --> 00:08:36,350 Uh, that go here.
95 00:08:36,890 --> 00:08:41,390 And, uh, let's email fake.
96 00:08:46,280 --> 00:08:46,670 OK.
97 00:08:46,700 --> 00:08:55,340 Open this man with a crate and register and donate here, so let's, uh, first name is, for example,
98 00:08:56,030 --> 00:09:01,910 hokey pokey, and it's get corporate as a.
99 00:09:03,700 --> 00:09:06,010 And here are passwords.
100 00:09:08,980 --> 00:09:10,780 As for this year?
101 00:09:13,310 --> 00:09:14,690 And I'm not a robot.
102 00:09:16,210 --> 00:09:17,740 Motorcycles, yes.
103 00:09:18,860 --> 00:09:20,150 And click on to register.
104 00:09:22,460 --> 00:09:25,460 Actually, it's safe passport, so emails sent to this.
105 00:09:27,750 --> 00:09:28,980 P.M. Here, this is the.
106 00:09:30,050 --> 00:09:34,400 Fake email, temporary use, so it will.
107 00:09:35,660 --> 00:09:37,040 Come here, let's uh.
108 00:09:38,340 --> 00:09:39,450 Let's start with Page.
109 00:09:46,900 --> 00:09:47,320 OK.
110 00:10:16,350 --> 00:10:21,270 Yes, it's 3:00 a.m. We enter tomorrow to go here.
111 00:10:22,640 --> 00:10:25,060 Actually, it's trying this here.
112 00:10:25,880 --> 00:10:28,820 She be six harsh words.
113 00:10:29,980 --> 00:10:31,210 It was six hush.
114 00:10:32,790 --> 00:10:33,630 Each year.
115 00:10:34,730 --> 00:10:40,130 Well, it's sort of in your account has not been activated.
116 00:10:42,170 --> 00:10:42,920 Click here.
117 00:10:47,420 --> 00:10:52,400 So the email provides mean letters to a principal number here.
118 00:10:52,700 --> 00:10:54,050 So the email didn't come.
119 00:10:56,200 --> 00:11:04,650 Here, so we will use we will open up baby news actually another a.m. fake here, email fake.
120 00:11:05,410 --> 00:11:06,130 Uh, here.
121 00:11:07,660 --> 00:11:08,680 Temporary email.
122 00:11:11,610 --> 00:11:13,020 You can't use it.
123 00:11:15,160 --> 00:11:16,840 So let me copy.
124 00:11:18,490 --> 00:11:19,630 It didn't come right.
125 00:11:19,810 --> 00:11:20,170 Yes.
126 00:11:20,240 --> 00:11:23,470 It didn't come here, so let's open a new account.
127 00:11:25,590 --> 00:11:29,360 Here's our email address here.
128 00:11:32,040 --> 00:11:32,350 Years.
129 00:11:35,340 --> 00:11:36,330 We'll keep watching.
130 00:11:38,850 --> 00:11:42,600 Yes, and I am not a robot here.
131 00:11:45,050 --> 00:11:47,750 And click on to register Sabes as well.
132 00:11:49,590 --> 00:11:50,460 Mail sent.
133 00:11:53,100 --> 00:11:54,570 Your inbox is empty.
134 00:12:24,120 --> 00:12:27,050 Which is a problem here, I will start with you.