Open Source Intelligence refers to any information that can legally be gathered from free, public sources about an individual or organization.
What is OSINT?
OSINT is gathering and analysing publicly available data for intelligence purposes, which includes information collected from the internet, mass media, specialist journals and research, photos, and geospatial information. The information can be accessed via the open internet (indexed by search engines), closed forums (not indexed by search engines) and even the deep and dark web. People tend to leave much information on the internet that is publicly available and later on results in impersonation, identity theft etc.
TYPES :
ACTIVE - Direct interaction with Target
PASSIVE - No direct Interaction with Target
SEMI PASSIVE - Indirect Jack!
ACTIVE ATTACKS
- Denial of Service (DoS)
- Man in the Middle
- ARP Poisoning
- Spoofing
- Session Replay/Hijacking
- Buffer Overflow
- SQL Injection
- Threat Maps
PASSIVE ATTACKS
- Reconnaissance
- Remotely getting data of victim
- Subdomains of websites are most likely to be vulnerable.
- spyse.com - subdomain finder
- virustotal.com - on URL, domain, file etc - detects the malware in it
- dnsdumpster.com - find & lookup dns records
- Footprinting
- Eaves Droppping
- System/Port Scan
- Open Source Intelligence (OSINT)
- War Driving
- Traffic Analysis