1 00:00:00,060 --> 00:00:01,030 Welcome back, everyone. 2 00:00:01,380 --> 00:00:07,530 This is the lecture on finding the email address again, so what's so special in this session? 3 00:00:07,920 --> 00:00:13,770 In this lecture, we'll be talking about a new tool, a very powerful tool called recon-ng. 4 00:00:13,770 --> 00:00:16,650 This is the tool in. 5 00:00:17,280 --> 00:00:17,660 All right. 6 00:00:18,000 --> 00:00:22,530 And in this tool, basically the free tool. 7 00:00:22,540 --> 00:00:28,380 So you don't really have to depend on any commercial tool to gather more and more email addresses. 8 00:00:28,770 --> 00:00:33,000 You don't have to pay any single dollars, any single penny for this. 9 00:00:33,000 --> 00:00:33,300 Right. 10 00:00:33,960 --> 00:00:34,680 Enough talking. 11 00:00:34,710 --> 00:00:35,940 Let's get started with this. 12 00:00:36,390 --> 00:00:36,750 All right. 13 00:00:36,750 --> 00:00:43,380 So let me go to the CLI and I'm in the Kali at this moment with my root access. 14 00:00:43,830 --> 00:00:49,530 And the first thing that you need to do is just go to this application. 15 00:00:49,530 --> 00:00:56,590 And for doing that, just type the name of the application, recon-ng. 16 00:00:57,090 --> 00:00:57,430 All right. 17 00:00:57,930 --> 00:01:03,670 So the moment you do that, it might take some time and then get started. 18 00:01:04,620 --> 00:01:05,210 Lovely. 19 00:01:05,250 --> 00:01:08,200 You see, recon-ng is ready here. 20 00:01:08,820 --> 00:01:11,220 This is a tool for information gathering. 21 00:01:11,230 --> 00:01:13,940 Remember, we are currently in the precleared actress. 22 00:01:14,400 --> 00:01:19,080 Now, usually, if it's your first time, you might find more. 23 00:01:19,080 --> 00:01:20,810 None of the modules are loaded. 24 00:01:20,970 --> 00:01:23,910 What are modules? For every feature in this tool, 
25 00:01:24,270 --> 00:01:31,770 There are separate modules for the Bing search, for any APIs, for LinkedIn, for Facebook. 26 00:01:31,770 --> 00:01:35,460 Every gathering information from different media. 27 00:01:35,490 --> 00:01:38,470 There's a different modules created for different APIs as well. 28 00:01:39,630 --> 00:01:46,410 So you may find some difficulty initially as zero module selected and all the stuff. 29 00:01:46,710 --> 00:01:57,120 If you are in the same piece you can make use of a command marketplace, marketplace install all 30 00:01:57,450 --> 00:01:59,760 and thus give you an. 31 00:01:59,820 --> 00:02:05,940 This will also give you an idea about what all modules as basically install. 32 00:02:06,390 --> 00:02:06,730 All right. 33 00:02:06,750 --> 00:02:14,670 So if you see closely it installed modules that are part of discovery, that are part of reconnaissance 34 00:02:15,000 --> 00:02:23,130 and, you know, install the plugins, the modules related to finding any interesting files, this 35 00:02:23,130 --> 00:02:29,160 could be configuration files for the target in case of a website or something. 36 00:02:29,460 --> 00:02:36,480 It can find the email addresses or any sensitive file from your target, LinkedIn account, Facebook 37 00:02:36,480 --> 00:02:39,510 account, Instagram or any social media. 38 00:02:39,660 --> 00:02:47,760 It can even find the sensitive information or your desired information from search engine like Bing via 39 00:02:47,770 --> 00:02:52,740 some apps, it can even find the sensitive informations. 40 00:02:53,360 --> 00:03:03,810 I like subversions get CCTV camera information which is publicly exposed with this API. 41 00:03:03,900 --> 00:03:06,900 I'll talk about it in the later classes. 42 00:03:07,260 --> 00:03:12,180 But this all integration has been done through this powerful recon-ng. 
43 00:03:12,180 --> 00:03:19,860 And trust me, if you learn this single tool, you actually learn almost everything about information 44 00:03:19,860 --> 00:03:20,240 gathering. 45 00:03:20,550 --> 00:03:25,980 And with this tool, you don't really have to depend on any commercial tools. So we are done. 46 00:03:26,760 --> 00:03:34,980 So once that is done, you can actually organize your activity, you can organize all your activity 47 00:03:34,980 --> 00:03:36,570 by creating workspaces. 48 00:03:37,290 --> 00:03:39,720 So currently we are into the default. 49 00:03:39,810 --> 00:03:48,660 If, let's say you have to create your own workspace, workspaces, you can type workspaces, space, and then 50 00:03:48,660 --> 00:03:52,650 you define create and define myspace. 51 00:03:52,650 --> 00:03:53,130 Let's see. 52 00:03:53,580 --> 00:03:57,540 OK, so the moment you do that, you are in myspace. 53 00:03:57,540 --> 00:03:58,170 You see this. 54 00:03:58,800 --> 00:04:02,550 So I'm currently in my workspace workspace. 55 00:04:02,550 --> 00:04:06,180 That's where you organize all your activity and it could be saved as well. 56 00:04:06,600 --> 00:04:15,270 Now, in order to gather my idea, my intention is to get the email, business email addresses for 57 00:04:15,270 --> 00:04:16,980 the target organization. 58 00:04:17,310 --> 00:04:24,360 Let's say I want to get the email business email for maybe Twitter or maybe Tesla. 59 00:04:24,570 --> 00:04:28,610 OK, so for this you have to first add the domain, right? 60 00:04:28,920 --> 00:04:34,110 So if you remember Hunter or some other sites, you have to specify the domain name. 61 00:04:34,830 --> 00:04:41,160 So exactly the same when you first type in db insert domains. 62 00:04:42,630 --> 00:04:50,910 Once you hit enter, it will ask you to specify the domain name that I specify twitter.com and then 63 00:04:50,910 --> 00:04:54,300 it will ask you to give some description or any details itself. 
64 00:04:54,630 --> 00:04:58,140 And once you do that, then it will give you any. 65 00:05:00,510 --> 00:05:12,240 Need the email address or you can also from Twitter, OK, once you hit enter, one row has been selected. 66 00:05:12,360 --> 00:05:16,870 That means this domain is a part of it and how you can verify: show domains. 67 00:05:17,870 --> 00:05:22,460 OK, so this way you get the idea about what are the stuff you have into it. 68 00:05:22,470 --> 00:05:22,680 Right. 69 00:05:23,010 --> 00:05:27,770 And you can even make use of show command and you can get to know these are the possible stuff. 70 00:05:28,050 --> 00:05:32,730 You can make use of show companies, show contacts, credentials once you added to it. 71 00:05:32,730 --> 00:05:32,960 Right. 72 00:05:33,300 --> 00:05:37,970 So that this you get more clarity on what exactly you are doing it. 73 00:05:38,430 --> 00:05:38,750 All right. 74 00:05:38,760 --> 00:05:46,640 So let's say I first of all, I need to know about email addresses, the contacts basically. 75 00:05:46,650 --> 00:05:53,040 So for this, what I'll do is basically I'll add a module for gathering the email addresses. 76 00:05:53,310 --> 00:05:59,510 And for this, I need to add a module which is really needed to collect those email addresses. 77 00:05:59,530 --> 00:05:59,740 Right. 78 00:05:59,760 --> 00:06:07,500 So I'll make use of modules load recon, then you can do domains. 79 00:06:07,980 --> 00:06:15,870 You can make use of that command to autocomplete contacts and whois, right? 80 00:06:16,110 --> 00:06:17,670 So I want you to hit enter. 81 00:06:18,010 --> 00:06:22,680 It has been selected and finally you can execute it by run command. 82 00:06:23,310 --> 00:06:29,520 Once you hit enter, it will start fetching all this information and you will be amazed to look at it. 83 00:06:29,820 --> 00:06:38,470 It is actually looking at all the WHOIS information to get the email addresses of employees via Twitter. 
84 00:06:38,970 --> 00:06:49,080 So this is making use of WHOIS database, WHOIS basically maintains the website information or a website 85 00:06:49,080 --> 00:06:54,080 information of their registrar, which is posted by the registrar. 86 00:06:54,420 --> 00:07:02,730 So every each one of the, you know, companies will be amazed to know that you get 87 00:07:02,730 --> 00:07:07,680 to see all the business email address of employees. 88 00:07:08,190 --> 00:07:11,370 But Twitter now, is it some kind of a map? 89 00:07:11,390 --> 00:07:21,500 Is it some kind of different stuff that or, you know, unknown stuff or some sort of magic? 90 00:07:22,260 --> 00:07:28,470 It's not really, it's just that this tool makes the hunting easier. 91 00:07:28,470 --> 00:07:34,020 It's just that this tool makes your information gathering job easier. 92 00:07:34,470 --> 00:07:43,650 How exactly? There is a database called WHOIS, OK, WHOIS maintained by many other organization or I would 93 00:07:43,650 --> 00:07:45,560 say domain providers. 94 00:07:45,780 --> 00:07:48,510 So let me show you what I'm actually talking about. 95 00:07:48,510 --> 00:07:55,140 If I let it go to you know, I just type whois domain, OK? 96 00:07:55,590 --> 00:07:59,660 And there are many, many information for this site. 97 00:07:59,670 --> 00:08:04,980 Let's say if I make use of GoDaddy, everyone provides that I can as well. 98 00:08:05,250 --> 00:08:14,960 And let's say if I make use of GoDaddy for a while and I again make use of some domain over here, OK? 99 00:08:14,970 --> 00:08:19,140 And if I do search, this will give me information about this domain. 
100 00:08:19,470 --> 00:08:26,730 There are registrar information, the registrar who registered the domain on behalf of the users and you 101 00:08:26,730 --> 00:08:34,710 get the information about their registrar, registrar organization, you get the name server information, 102 00:08:34,710 --> 00:08:38,250 the domain name as well and many other stuff as well. 103 00:08:38,250 --> 00:08:45,930 And they would store email addresses too. Now, just like GoDaddy has got their WHOIS database, which maintains 104 00:08:45,930 --> 00:08:48,840 the domain information exactly the same way. 105 00:08:48,840 --> 00:08:52,840 There are many, many organizations who maintains the WHOIS database. 106 00:08:53,280 --> 00:08:59,610 Now, this tool is basically reaching out to all those WHOIS information and database where they can 107 00:08:59,610 --> 00:09:08,010 find the email address attached to it, where there is a customer or customer domain admin or 108 00:09:08,010 --> 00:09:08,430 domain. 109 00:09:08,480 --> 00:09:15,390 It mentioned their company email addresses as well by for information communication purposes. 110 00:09:15,930 --> 00:09:17,030 For many of the purposes. 111 00:09:17,040 --> 00:09:20,400 It's basically gathering the information which is publicly available. 112 00:09:20,670 --> 00:09:24,990 But this tool making your job easier that you. 113 00:09:25,060 --> 00:09:25,410 Right. 114 00:09:26,340 --> 00:09:28,860 So finally, let's come back to our tool again. 115 00:09:28,860 --> 00:09:32,160 We have got the information about that. 116 00:09:32,340 --> 00:09:34,850 It has processed all the activity. 117 00:09:34,860 --> 00:09:37,100 Now let's organize it. 118 00:09:37,110 --> 00:09:43,730 If you want to know what all email address that these activity has completed, you can make use of show 119 00:09:43,740 --> 00:09:46,740 contacts and hit enter. 120 00:09:47,080 --> 00:09:47,610 Lovely. 121 00:09:48,000 --> 00:09:48,450 You see. 
122 00:09:48,450 --> 00:09:49,190 See the table. 123 00:09:49,380 --> 00:09:50,280 Lovely table. 124 00:09:50,460 --> 00:09:57,450 You get to know their first name, last name, email address and location as per the WHOIS database. 125 00:09:57,840 --> 00:09:59,520 And this is giving the. 126 00:09:59,590 --> 00:10:05,350 The help of doctors who is going back to this is based on who is going to be, can you similarly make 127 00:10:05,350 --> 00:10:08,070 use of another plugins as well? 128 00:10:08,380 --> 00:10:12,540 Maybe like LinkedIn, Bing and many of the search engine modules as well. 129 00:10:12,760 --> 00:10:22,380 And that also be making use of the publicly available information. 130 00:10:22,390 --> 00:10:22,690 Right. 131 00:10:23,110 --> 00:10:30,070 So this is that is the reason why this tool is so powerful, because just with few clicks, 132 00:10:30,370 --> 00:10:37,690 just by knowing this syntax, you can gather a lot of information without going to multiple sites and 133 00:10:37,690 --> 00:10:45,010 it saves really good, you know, hours of your time while you do the information gathering. 134 00:10:45,160 --> 00:10:45,490 All right. 135 00:10:46,310 --> 00:10:48,340 I hope this was useful for you. 136 00:10:48,690 --> 00:10:49,900 We'll get you in the next one. 137 00:10:49,960 --> 00:10:50,470 Thank you.