WEBVTT

00:01.910 --> 00:10.490
Understanding passive information gathering. Passive information gathering is when you use an indirect

00:10.490 --> 00:13.490
approach to obtain information about your target.

00:13.910 --> 00:21.800
This method obtains information that's publicly available from many sources, thus eliminating direct contact

00:21.800 --> 00:28.010
with the potential target. Passive information gathering is usually fruitful, and a lot of organizations

00:28.190 --> 00:35.750
usually publish information and details about their organization as a marketing strategy for their existing

00:35.750 --> 00:37.310
and potential customers.

00:37.670 --> 00:44.720
Sometimes, when an organization advertises a vacancy on a job, uh, recruiting website, the recruiter

00:44.810 --> 00:50.960
will post technical requirements for the potential candidate. From a penetration tester's

00:50.960 --> 00:57.860
point of view, the technical details can indicate the types of platforms and applications that are running

00:57.860 --> 01:01.100
within the organization's network infrastructure.

01:01.580 --> 01:06.740
We have covered the concepts of passive information gathering in previous lectures.

01:07.820 --> 01:17.030
Um, so now let's take a deep dive into learning about open source intelligence in this lecture.

01:18.200 --> 01:23.810
Understanding open source intelligence (OSINT). As mentioned previously, the first stage of a penetration

01:23.810 --> 01:30.830
test is to gather as much information as possible on a given target or organization. Gathering information

01:30.830 --> 01:33.810
prior to exploiting and gaining access to a network

01:33.830 --> 01:35.510
or system will help the penetration

01:35.510 --> 01:41.660
tester narrow the scope of the attack and design specific types of attacks and payloads that are

01:41.660 --> 01:44.300
suitable for the attack surface of the target.

01:45.680 --> 01:51.200
We will begin our information gathering phase by utilizing the largest computer network in existence.

01:51.230 --> 01:52.400
This is the internet.

01:55.700 --> 02:02.600
And the internet has many platforms ranging from forums and messaging boards to social media platforms.

02:03.120 --> 02:09.320
A lot of companies create an online presence to help market their products and services to potential clients.

02:09.560 --> 02:18.230
In doing so, the creation of a company's website, Facebook, Instagram, Twitter, LinkedIn and so on

02:18.230 --> 02:26.360
ensures that their potential customers get to know who they are and what services and products are offered.

02:26.900 --> 02:33.110
The marketing department is usually responsible for ensuring that any organization's online presence

02:33.350 --> 02:45.950
is, uh, is, uh, felt and their origin and their digital portfolio is always is always up to date.

02:46.610 --> 02:56.300
A caching we have open source intelligence tools here, as you can see here, information gathering,

02:56.660 --> 03:01.880
DNS synth analysis, Maltego we have here and other tools here.

03:01.880 --> 03:04.790
We will use all of these tools in this course.

03:06.060 --> 03:12.920
So organizations usually publish information about themselves on various internet platforms, such as

03:12.920 --> 03:20.910
the blogs and the recruitment websites. As the internet is so readily available and accessible,

03:21.060 --> 03:26.580
it's quite easy for someone to gather information on a target organization simply by using search

03:26.580 --> 03:30.930
engines and determining their underlying infrastructure.

03:31.890 --> 03:36.020
This technique is known as open source intelligence (OSINT).

03:37.500 --> 03:44.970
This is where a penetration tester or ethical hacker uses the various tools and techniques that harness

03:44.970 --> 03:50.220
information that's publicly available on the internet to create a portfolio of the target.

03:52.690 --> 03:58.960
Open source intelligence is a type of passive information gathering where the penetration tester does

03:58.960 --> 04:05.650
not make direct contact or a connection with the actual target, but rather asks legitimate and reliable

04:05.650 --> 04:07.330
sources about the target.

04:08.350 --> 04:16.450
Over the years, I have noticed a lot of job hunting websites where recruiters post vacancies for internet

04:16.450 --> 04:18.640
technologist positions within a company.

04:18.940 --> 04:24.370
But the recruiter specifies that an ideal candidate should have experience with the specific technologies,

04:24.610 --> 04:28.120
so this can be a good thing for the company and the applicant.

04:28.420 --> 04:31.690
However, it can lead, it can be as well.

04:32.490 --> 04:39.190
So there are some pros and cons of companies posting their technologies on recruitment websites.

04:39.310 --> 04:46.000
The pros of this: the potential candidate will know what type of environment to expect if they are

04:46.000 --> 04:48.760
hired. And the pros as well:

04:48.910 --> 04:54.820
The potential candidate can determine beforehand whether they have the skill set required for the job.

04:55.240 --> 04:56.890
And then the cons as well.

04:56.890 --> 05:03.800
Here, the company is partially exposing their technologies to the public, so a hacker can determine their

05:03.850 --> 05:09.640
infrastructure and better select exploits and tools to perform a cyber attack.

05:13.520 --> 05:20.090
So let's uh, we have open source intelligence tools here in this next year to be able to demonstrate

05:20.090 --> 05:25.550
some of the most popular open source intelligence tools that are available for Linux.

05:25.850 --> 05:31.670
These utilities help us create a profile about a target using various sources of information that

05:31.670 --> 05:37.510
can be found on the internet. Over the next five subsections,

05:37.520 --> 05:45.020
we will cover awesome tools like Maltego here, uh, Maltego, Recon-ng.

05:45.470 --> 05:50.750
Uh, theHarvester here we have, uh, theHarvester.

05:50.750 --> 05:54.800
As you can see here we have here theHarvester, then Shodan.

05:54.800 --> 05:55.490
Here we will.

05:55.490 --> 05:56.690
Shodan is the left side.

05:57.170 --> 06:01.370
Um, so we can use it as well, or OSRFramework.

06:01.370 --> 06:04.610
We will, uh, use it.

06:04.790 --> 06:08.130
So let's start with Maltego.

06:09.280 --> 06:14.450
Maltego was created by, uh, here let's open a browser, so we will need it.

06:16.060 --> 06:17.670
Surely we can't close it as well.

06:19.900 --> 06:21.520
Here, don't say.

06:23.310 --> 06:24.530
Uh, Maltego.

06:26.990 --> 06:34.280
Uh, Paterva, whatever, uh, Paterva, uh, dot com.

06:35.850 --> 06:42.180
So Maltego was created by Paterva dot com as a graphical, interactive data mining application

06:42.330 --> 06:49.560
with the ability to query and gather information from various sources on the internet and present data

06:49.560 --> 06:51.180
in easy-to-read graphs.

06:51.630 --> 06:58.040
The graphs demonstrate the relationship between each entity and the target. So to get started, you

06:58.050 --> 07:03.420
need a user account to access the functions and features of Maltego.

07:03.690 --> 07:11.850
So, um, go to this website here, Maltego here, and uh, click on, uh, plants here, actually.

07:13.630 --> 07:14.590
On plants here.

07:15.010 --> 07:21.580
Oh, it's eight a.m. and as you can see, we have Maltego community here and click on that.

07:25.700 --> 07:29.000
Here we can register and download it free.

07:29.480 --> 07:37.400
So this is free for non-commercial use, is available across platforms, and also ships with Kali

07:37.400 --> 07:39.800
Linux out of the box, as you can see here.

07:40.010 --> 07:42.110
We have them all together here.

07:43.490 --> 07:44.480
Maltego.

07:44.570 --> 07:47.120
We have here Maltego, so I've not done with it.

07:48.470 --> 07:48.830
So.

07:52.830 --> 07:57.000
Actually, we need open user accounts for logging in.

07:57.240 --> 07:59.400
Let's all let's load the mouse over here.

08:03.380 --> 08:05.490
And we need to, uh.

08:05.630 --> 08:13.760
Yes, uh, actually, we don't need to install multi, uh, rigged system Maltego for using here, I

08:13.760 --> 08:14.120
think.

08:14.900 --> 08:22.910
But in previous months, actually it was like, yes, we have to log in here after reading the license

08:22.910 --> 08:23.540
agreement.

08:24.140 --> 08:24.830
Click next.

08:25.100 --> 08:29.870
And here, as you can see here, uh, we have to give passwords and email addresses.

08:30.020 --> 08:33.230
So I will, uh, use fake email here.

08:33.950 --> 08:36.350
Uh, that go here.

08:36.890 --> 08:41.390
And, uh, let's email fake.

08:46.280 --> 08:46.670
OK.

08:46.700 --> 08:55.340
Open this man with a crate and register and donate here, so let's, uh, first name is, for example,

08:56.030 --> 09:01.910
hokey pokey, and it's get corporate as a.

09:03.700 --> 09:06.010
And here are passwords.

09:08.980 --> 09:10.780
As for this year?

09:13.310 --> 09:14.690
And I'm not a robot.

09:16.210 --> 09:17.740
Motorcycles, yes.

09:18.860 --> 09:20.150
And click on to register.

09:22.460 --> 09:25.460
Actually, it's safe passport, so emails sent to this.

09:27.750 --> 09:28.980
P.M. Here, this is the.

09:30.050 --> 09:34.400
Fake email, temporary use, so it will.

09:35.660 --> 09:37.040
Come here, let's uh.

09:38.340 --> 09:39.450
Let's start with Page.

09:46.900 --> 09:47.320
OK.

10:16.350 --> 10:21.270
Yes, it's 3:00 a.m. We enter tomorrow to go here.

10:22.640 --> 10:25.060
Actually, it's trying this here.

10:25.880 --> 10:28.820
She be six harsh words.

10:29.980 --> 10:31.210
It was six hush.

10:32.790 --> 10:33.630
Each year.

10:34.730 --> 10:40.130
Well, it's sort of in your account has not been activated.

10:42.170 --> 10:42.920
Click here.

10:47.420 --> 10:52.400
So the email provides mean letters to a principal number here.

10:52.700 --> 10:54.050
So email didn't come.

10:56.200 --> 11:04.650
Here, so we will use we will open up baby news actually another a.m. fake here, email fake.

11:05.410 --> 11:06.130
Uh, here.

11:07.660 --> 11:08.680
Temporary email.

11:11.610 --> 11:13.020
You can't use it.

11:15.160 --> 11:16.840
So let me copy.

11:18.490 --> 11:19.630
It didn't come, right.

11:19.810 --> 11:20.170
Yes.

11:20.240 --> 11:23.470
It didn't come here, so let's open a new account.

11:25.590 --> 11:29.360
Here's our email address here.

11:32.040 --> 11:32.350
Years.

11:35.340 --> 11:36.330
We'll keep watching.

11:38.850 --> 11:42.600
Yes, and I am not a robot here.

11:45.050 --> 11:47.750
And click on to register Sabes as well.

11:49.590 --> 11:50.460
Mail sent.

11:53.100 --> 11:54.570
Your inbox is empty.

12:24.120 --> 12:27.050
Which is a problem here, I will start with you.
