3 - OSINT Methodology Flashcards

1
Q

What are the OSINT gathering steps?

A
  • OSINT through WWW
  • OSINT through Website Analysis
  • OSINT through DNS Interrogation
  • Automating Your OSINT Effort
2
Q

What are some steps for OSINT through WWW?

A
  • Find the domain and Sub-domains of the Target
    • Subdomains represent different applications and help to view the attack surface of an organization
  • Find similar or parallel domain names
  • Refine searches using Advanced Operators
    • Tool: Sitedigger
  • Footprint the Target using Shodan (tool)
  • Find the Geographical Location of a Company
  • List Employees and their Email Addresses
  • Identify the Key Email Addresses through Email Harvesting
    • Tools: Theharvester, Phishing Frenzy, etc.
  • List Key Personnel of the Company
  • Use People Search Online Services to Collect the Information
  • Browse Social Network Websites to Find Information about Company and Employees
  • Use Web Investigation Tools to Extract Sensitive Data about the Company
  • Identify the Type of Network Devices used in Organization
  • Look for Sensitive Information in email Headers
  • Look for Valuable Information in the NNTP USENET Newsgroups
3
Q

What are some Google advanced operators?

A
  • site: restricts results to websites in domain
  • intitle: restricts results to documents containing search key
  • allintitle: restricts results to those websites with all the keywords in the title
  • allintext: Searches pages with content specified in search criteria
  • inurl: restricts results to documents containing search keyword
  • allinurl: restricts results to those with all the search keywords in the URL
  • link: Lists web pages that have links to the specified web page
  • info: presents some information that Google has about a particular web page
  • related: Lists web pages that are similar to a specified web page
  • cache: displays the web pages stored in the Google cache
  • location: Finds information for a specific location
4
Q

What are the steps for OSINT through Website Analysis?

A
  • Search contact info, email addresses, and telephone numbers from company website
  • Search for Web Pages Posting Patterns and Revision Numbers
  • Search Archive.org for Old Information about the Company
  • Monitor Web Updates using WebSite-Watcher
    • Checks pages for updates and changes
  • Examine HTML Source of the Web Pages
5
Q

What are the steps for OSINT through DNS Interrogation?

A
  • Perform Whois Lookup
  • Find IP Address Block Allocated to the Organization
  • Find DNS Records for Domain
  • Perform Reverse Lookup
  • Perform DNS Zone Transfer
  • Draw a network Diagram using Traceroute Analysis
  • Create Topological Map of the Network