OSINT Flashcards
What does OSINT stand for?
Open-Source Intelligence
What is OPSEC?
operational security – the practice of hiding yourself online by disassociating your online persona with your real self
What is a public exposure assessment
?
How is OSINT useful to attackes?
aids in potentially effective social-engineering attacks, and spear-phishing email campaigns to be conducted, tailored to their intended targets to make them more believable
What is the process of collecting publically available information for malicious purposes commonly referred to?
target information gathering, or passive information gathering (because the attacker is not directly engaging with the target’s systems, such as port or vulnerability scanning)
Which roles utilize OSINT?
- Tactical Threat Analyst
- Strategic Threat Analyst
- Security Analyst
- Vulnerability Analyst
- Penetration Tester/Red Teamer
How does a Tactical Threat Analyst
utilize OSINT?
- conduct intelligence operations, gathering information on adversaries that may target their organization
- stay up to date with the latest trends and techniques used by these groups, in order to implement defenses
- collect IOCs
How does a Strategic Threat Analyst
utilize OSINT?
- conduct threat exposure assessments
- identify any information that the organization is “leaking” out on the internet
How does a Security Analyst
utilize OSINT?
- checking the reputation of IOCs such as IP addresses (VirusTotal, IPVoid), or email addresses and file hashes (VirusTotal, IBM X-Force Exchange)
- investigating fake social-media accounts that are being used to launch social engineering attacks against employees
How does a Vulnerability Analyst
utilize OSINT?
- crucial for this role to as they need to keep up to date with the latest publicly-announced vulnerabilities
- great OSINT source is the National Vulnerability Database and using TweetDeck to monitor Twitter for vulnerability-related news and disclosures
How does a Penetration Tester/Red Teamer
utilize OSINT?
gain information about their target company, such as internal systems and employee information
What does the The Intelligence Cycle
term describe?
a series of stages and procedures that a researcher has to perform to convert the collected data and information into intelligence products capable of bringing solutions to the organization
What are the 5 steps in the The Intelligence Cycle
?
- Planning and Direction
- Collection (gathering of data and information)
- Processing of data and information
- Analysis to produce meaningful intelligence
- Dissemination of intelligence to the clients
What is determined in the Planning and Direction
phase?
the purpose of research and what kind of information you are looking for
What is the objective of the Collection
phase?
identification of which kind of processes you will use to carry out the collection of such information, and then, using all the techniques you know, obtain the data that will help you carry out your intelligence operation
What are the objectives in the Processing of data and information
phase?
- visualization of the information
- application of decoding, decryption, validation, and evaluation techniques to filter the huge amount of information obtained
- identify useful data for the research
What is done in the Analysis to produce meaningful intelligence
phase?
- compile all the information you filtered in the previous step to obtain the solutions to your initial problem
- creation of a coherent intelligence product (report, conference, etc.) that allows you to clearly explain the process you recently carried out
What is done in the Dissemination of intelligence to the clients
phase?
deliver the product you developed throughout the process to the stakeholders (individuals or groups) that requested it
Why are the OSINT operations called a “passive operation”?
they are completely invisible and at no time will the individual or organization you are investigating realize who you are
What are the 3 techniques used for online fingerprinting?
- IP address
- cookies
- browser fingerprinting
What is Sock Puppetry
?
a deceptive practice in which a single individual creates and controls multiple accounts or personas to manipulate or deceive others
What is the The Harvester
tool used for?
command-line information-gathering tool that utilizes OSINT sources to gather information about the target domain and retrieves information such as hostnames, IP addresses, employees (and their positions), email addresses, and much more
How to use theharvester to do a simple reconnaissance on the domain google.com, using Google as the data source?
theharvester -d google.com -l 100 -b google
How to use theharvester to do a simple reconnaissance on the domain google.com, using LinkedIn as the data source?
theharvester -d google.com -l 100 -b linkedin
What is Maltego
?
data mining and information gathering tool, capable of obtaining real-time data on different types of entities (companies, people, websites, etc.), and representing them graphically through nodes, showing all the connections that the program was able to obtain over the Internet, about the subject under investigation
What is the name of the website that is a hub for hundreds of OSINT sources and tools, and is easily sorted so you can find the tool that you need quickly?
https://osintframework.com
What is the the https://tineye.com/
web app used for?
conduct reverse image searches
Why is tineye
useful?
with the alert service, we can be notified every time one of our images is identified on the internet - useful for monitoring the use of logos, especially trademarked ones
What is the Google’s alternative of ‘tineye’?
https://images.google.com
- search by image