Why OSINT
Open-source intelligence is a
multi-factor methodology for
collecting, analyzing and
making decisions about data
accessible in publicly available
sources to be used in an
intelligence context.
I Love Because
discovering
unknown assets I
Love most
censys.io
Slide 4
Slide 4 text
I do Part time Bugbounty
Hunting And mostly i do recon
using search engine Eg:
shodan, censys which Gives
lot's of info And My $$$$$
Lets Start Bugbounty and censys
And $$$$
censys
Slide 5
Slide 5 text
Navigate to censys.io
As we see we have option lookup Host info or
Certificates info by IP, Domain Name , CIDR etc.
This discover, monitor, and analyze Our target
info
But
How it work?
How this help us to find your Critical Bug
Slide 6
Slide 6 text
How to Lookup Host Info
Lookup Host details using domain name
Lookup Certificate Details Belongs to target eg: facebook.com
Slide 7
Slide 7 text
Look for Specific Services/port
Finding for `8880' PORT Use Keyword:
(target.com) and services.port=`8880`
Slide 8
Slide 8 text
Look for ftp
Finding for 'ftp' Use Keyword:
(target.com) and services.service_name=`FTP
Slide 9
Slide 9 text
How I found Some cool bug Using
Slide 10
Slide 10 text
Navigate to censys.io
I was Testing on Private Program And where i found
All 500+ employee data From Misconfigure
This discover, monitor, and analyze Our target
info
But
How it work?
How this help us to find your Critical Bug
Slide 11
Slide 11 text
Always Look for unique port in my case i found 5001
come to know through One IP Which is AWS and
deploying TableAir.AdminFlow
And What They replied to me And Issue is resolved
within 2 days .