Scribd
Upload
75 views

OSINT Tool Overview

Tool OSINT Overview

Uploaded by

shyaamu786
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
75 views

OSINT Tool Overview

Tool OSINT Overview

Uploaded by

shyaamu786
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 14

OSINT

EXPLORING ADVANCED TOOLS FOR ENGAGING


OSINT CHALLENGES.
WHAT IS OSINT
OSINT stands for “Open Source Intelligence”, is the
collection and analysis of data gathered from open sources,
including social media, websites, images, organization,
person, network and from many more, which is present on
open source.
Key Component of OSINT

Data sources:
1.Website
2.Social media
3.Public Document
4.Metadata
Protest

What is the current road ID of the road where the 23-year-


old ecologist was killed?
Flag Format:Diver24{road ID}
Assets

Michelan gelo and his boss are going on vacation. Michelan


gelo Instagram ID is provided, and we need to search for
information about his boss.
Instagram id: Michelangelo_corning
Security question can be solved by reconnaissance.
SHODAN
Shodan is a search engine that allows users to find specific types of
computers connected to the internet. It can be used to gather
information about devices, including IP addresses, open ports, running
services, and more.

Using Shodan for OSINT

Search for Devices: You can search for devices by type (e.g.,
webcams, routers, servers) or by specific vulnerabilities.

Explore Filters: Shodan provides various filters to narrow down


results, such as country, organization, or port number.

API Access: Shodan offers an API that allows for automated queries
and can be integrated into tools for more complex investigations.
Racon-NG
Racon NG is an open-source OSINT tool designed for gathering
information about domains, IP addresses, and network infrastructure. It
simplifies the process of reconnaissance by automating data collection
from various sources.

Using Racon- NG for OSINT

Find IP addresses for specific domains.


Retrieve WHOIS information to learn about domain ownership.
Look up DNS records to understand a domain’s configuration.
Discover subdomains associated with a target.
TheHarvester
TheHarvester is an open-source intelligence (OSINT) tool used for
gathering information about email addresses, subdomains, hosts, and
employee names from public sources.

Using TheHarvester for OSINT

Email Address Extraction: Collect email addresses associated with a


specific domain from various public sources.
Subdomain Discovery: Identify subdomains related to a target
domain, helping to map its infrastructure.
Search Engine Queries: Use multiple search engines (e.g., Google,
Bing) to gather relevant information about the target.
Social Media Mining: Extract information from social media platforms
to enhance the understanding of a target.
Maltego
Maltego is an advanced open-source intelligence (OSINT) and graphical
link analysis tool used for gathering and analyzing information about
entities, such as people, organizations, and websites.

Using Maltego for OSINT

Relationship Mapping: Visualize and analyze connections between


people, organizations, and digital assets.
Domain and IP Analysis: Investigate and map relationships between
domains, subdomains, and IP addresses.
Social Media Analysis: Explore social media profiles to identify
connections and interactions.
Email and Phone Number Discovery: Extract and analyze email
addresses and phone numbers associated with entities.
Google Dork
Google Dorks allow you to do advanced search queries discover
publicly available data and find sensitive information accordingly.

Using Google dork for OSINT

Sensitive Data Discovery: Locate exposed documents and files.


Targeted Searches: Use specific queries to find information on
particular websites.
Security Assessments: Identify vulnerable pages and potential
security risks.
Email Extraction: Gather email addresses associated with a domain.
Quick Information Retrieval: Efficiently uncover hidden data on the
internet.
CTF Challenge
Scenario: Cybersecurity analyst Alex was hired to investigate a tech
consulting firm whose founder is known as the Father of Indian Civil
Aviation. Let's help Alex reveal the flag.

Hint: for pdf fifa world cup in Qatar year

CTF{[ProfileAboutUSURL]_[AnnualReportTitle]_[pdf creator_creation
date]_[Name_Media_Entertainment_Leader]}

CTF{ https://www.tcs.com/who-we-are/about-us _ annual-report-2022-


2023.pdf
_ Adode acrobat pro 10.0.0 _2023-06-06_ Rahul saha }
Resources
Complete OSINT fundamentals: https://imshewale.medium.com/complete-
osint-fundamentals-fd7848663588
Top 15 Best CTF FOR OSINT practices:
https://imshewale.medium.com/top-15-best-ctf-for-osint-practice-
89b3f274565a
Finding a Location from an Image Youtube Channel:
https://youtu.be/CWMF8Bx_Lyk?si=fa3OYzrP3GYAOEOd
Recon-ng: A full-featured web reconnaissance framework. GitHub
Repository - Recon-ng.
OSINT Framework: A comprehensive guide to various OSINT tools
categorized by their purpose.
Website: OSINT Framework
SANS Institute OSINT Resources: A collection of resources and tools for
Open Source Intelligence gathering.
Article: SANS OSINT Resources
Google dork query for searching more osint ctf question: site:github.com
"osint ctf" or "osint challenge" or "ctf questions" inurl:ctf
Time to be the challenge maker!

Thank you!

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy