Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OWASP - Introduction To OSINT In Real Life

Ashwani kumar
January 30, 2021
Technology
0
140

OWASP - Introduction To OSINT In Real Life

Session given by - Ashwani kumar a.k.a CyberK@Lki
Hobbies – Gaming & finding new places to go solo
Interest area – OSINT, Network Pentest, Malware analysis, Social
engineering , DevSecOps, Geopolitics & Quantum physics
Professional CS GO & Fortnite Player : Nick : GodWA
Certified ICS Security skills from US Homeland Security & CISA
Reported Scada bugs for BSNL, Railtel & other National critical
infrastructures
Provided OSINT training and consultancy to govt agencies & Private
entities
Worked closely with CyberPeace NGO helping Indian masses to stay safe in
cyberspace and build next-gen cyber warriors

Ashwani kumar

January 30, 2021
Tweet

More Decks by Ashwani kumar

See All by Ashwani kumar
OSINT:Ripping Apart Surface and Dark Web via OSINT
aksc_ck
0
210
OWASP - ICS Security Meetup
aksc_ck
3
250

Other Decks in Technology

See All in Technology
TypeScriptの次なる大進化なるか!? 条件型を返り値とする関数の型推論
uhyo
2
1.6k
適材適所の技術選定 〜GraphQL・REST API・tRPC〜 / Optimal Technology Selection
kakehashi
1
170
The Rise of LLMOps
asei
7
1.4k
Can We Measure Developer Productivity?
ewolff
1
150
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
220
AGIについてChatGPTに聞いてみた
blueb
0
130
いざ、BSC討伐の旅
nikinusu
2
780
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
3.2k
Why App Signing Matters for Your Android Apps - Android Bangkok Conference 2024
akexorcist
0
120
ドメイン名の終活について - JPAAWG 7th -
mikit
33
20k
Incident Response Practices: Waroom's Features and Future Challenges
rrreeeyyy
0
160
Shopifyアプリ開発における Shopifyの機能活用
sonatard
4
250

Featured

See All Featured
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Raft: Consensus for Rubyists
vanstee
136
6.6k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
131
33k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
GraphQLとの向き合い方2022年版
quramy
43
13k
Large-scale JavaScript Application Architecture
addyosmani
510
110k
[RailsConf 2023] Rails as a piece of cake
palkan
52
4.9k
Designing Experiences People Love
moore
138
23k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.8k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
The World Runs on Bad Software
bkeepers
PRO
65
11k

Transcript

  1. Introduction To OSINT In Real Life A simple journey to

    gain passive & active info about target

  2. #whoami 👉 Ashwani kumar a.k.a CyberK@Lki 👉 Hobbies – Gaming

    & finding new places to go solo 👉 Interest area – OSINT, Network Pentest, Malware analysis, Social engineering , DevSecOps, Geopolitics & Quantum physics 👉 Professional CS GO & Fortnite Player : Nick : GodWA 👉 Certified ICS Security skills from US Homeland Security & CISA 👉 Reported Scada bugs for BSNL, Railtel & other National critical infrastructures 👉 Provide OSINT training and consultancy to govt agencies & Private entities 👉 Work closely with CyberPeace NGO helping Indian masses to stay safe in cyberspace and build next-gen cyber warriors 2 Website – https:/cyberkalki.com/ [ Work in Progress]
  3. None

  4. OSINT Use cases • Username lookup • Email lookup •

    Domain & IP lookup • Images & Docs lookup • Social Media OSINT • People OSINT • Telephone OSINT • Public ReCords • Corporate & Business OSINT • Geo OSINT • Darkweb OSINT • Malicious file OSINT • OSINT Frameworks

  5. Username & Email OSINT • http://checkusernames.com/ • https://namechk.com/ • https://whatsmyname.app/

    • Socialscan tool • Search4 tool • https://rocketreach.co/ • https://tools.verifyemailaddress.io/ • https://www.peekyou.com/ • https://hunter.io • https://www.spytox.com/people/search?email • https://intelx.io/tools?tab=email • https://en.gravatar.com/site/check/ • Harvester tool

  6. Domain & IP OSINT • https://securitytrails.com/domain • https://domaincrawler.com/ • https://viewdns.info/

    • Censys • Shodan • Greynoise : https://viz.greynoise.io/ • Onephye: https://www.onyphe.io/ • Virustotal : https://www.virustotal.com/gui/home/search • https://db-ip.com/ • https://www.projecthoneypot.org/list_of_ips.php • https://www.ipvoid.com/ • https://spyse.com/advanced-search/domain • https://www.zoomeye.org/

  7. Domain & IP OSINT • https://app.binaryedge.io/ • https://builtwith.com • www.visualsitemapper.com

    • r3con1z3r: https://github.com/abdulgaphy/r3con1z3r • https://whois.domaintools.com/ •

  8. Resources as per Use case

  9. Socialmedia OSINT • Telegram : https://www.telegramdb.org/ ◦ https://github.com/th3unkn0n/TeleGram-Scraper • Github

    : https://github.com/s0md3v/Zen • Whatsapp : https://github.com/LoranKloeze/WhatsAllApp • Instagram: https://github.com/Datalux/Osintgram • Twitter: https://github.com/twintproject/twint ◦ https://tweetdeck.twitter.com/ ◦ https://onemilliontweetmap.com/ ◦ https://www.tweetarchivist.com/c57fce2f/15287 ◦ https://www.trendsmap.com/ ◦ https://socialbearing.com/search/user ◦ https://github.com/atmoner/TwitWork ◦ https://doc.tafferugli.io/

  10. Socialmedia OSINT • Facebook : https://github.com/milo2012/osintstalker • Titktok: https://github.com/sc1341/TikTok-OSINT •

    https://github.com/GitSquared/sherlock-js • Linkedin: https://github.com/initstring/linkedin2username ◦ https://github.com/leapsecurity/InSpy ◦ https://github.com/dchrastil/ScrapedIn ◦ • https://github.com/batuhaniskr/twitter-intelligence • Reddit https://www.redective.com/ ◦ https://www.osintcombine.com/reddit-post-analyser • https://www.smat-app.com/ • SocialPwned : https://github.com/MrTuxx/SocialPwned

  11. Darkweb & Crypto OSINT • https://iaca-darkweb-tools.com/search-darkweb/ • https://github.com/MikeMeliz/TorCrawl.py • https://github.com/s-rah/onionscan

    • https://jakecreps.com/2019/05/16/osint-tools-for-the-dark-web/ • https://github.com/dirtyfilthy/freshonions-torscraper • Torbot : https://github.com/DedSecInside/TorBot • https://www.osintcombine.com/post/dark-web-searching • https://onion.live/ • https://www.blockchain.com/explorer • https://github.com/s0md3v/Orbit • https://bitcoinwhoswho.com/ • https://www.blockchain.com/explorer • https://www.bitcoinabuse.com/

  12. OSINT Frameworks • Maryam • Recon-ng • Vault Cyber Security

    https://github.com/Vault-Cyber-Security/osint • https://osintgeek.de/tools • https://github.com/digitaldisarray/OSINT-Tools • https://github.com/topics/osint-tool • https://github.com/ecstatic-nobel/pOSINT • https://www.osintcombine.com/tools •

  13. OSINT Tips & References • https://github.com/blaCCkHatHacEEkr/OSINT_TIPS • https://osint.link/ • Attack

    surface for OSINT • https://cheatsheet.haax.fr/open-source-intelligence-osint/ • Missing person OSINT • https://www.osintme.com/index.php/2020/11/21/list-of-darknet- markets-for-investigators/ •