1 00:00:00,060 --> 00:00:01,560 All right, welcome back, everyone. 2 00:00:01,590 --> 00:00:08,610 This is his mission, and this mission is about finding and discovering the e-mail addresses of the 3 00:00:08,790 --> 00:00:13,250 target network or the target domains. 4 00:00:13,920 --> 00:00:18,300 So understand, this finding email address is very, very important. 5 00:00:18,300 --> 00:00:28,350 But because if you get the right email address or if you get the even valid email address of anyone 6 00:00:28,350 --> 00:00:37,470 in the target organizations, it would be easy to launch an efficient campaign in which has the highest, 7 00:00:37,470 --> 00:00:43,180 most success rate for compromising the target better than anything is right. 8 00:00:43,950 --> 00:00:50,100 So let's see how we can make use of recon-ng for the same purpose. 9 00:00:50,320 --> 00:00:55,590 And you will be amazed to know that it's going to work just awesome. 10 00:00:55,890 --> 00:00:56,220 All right. 11 00:00:56,230 --> 00:00:57,210 So let's get started. 12 00:00:58,080 --> 00:01:09,300 OK, so we'll launch the attacker machine and we are logging in and again, we'll launch the 13 00:01:09,300 --> 00:01:09,690 recon-ng. 14 00:01:09,700 --> 00:01:18,720 And yes, in the U.S., you might have noticed the modules were already installed because I have because 15 00:01:18,720 --> 00:01:20,670 I have reinstalled my Kali. 16 00:01:21,090 --> 00:01:24,180 So you could see the modules are not present. 17 00:01:24,890 --> 00:01:36,660 What you could do is basically you can do a marketplace install and this would start the installation 18 00:01:36,660 --> 00:01:38,120 of all the packages. 19 00:01:38,430 --> 00:01:45,390 And this is what you would see very first time when you launch your recon-ng. 20 00:01:45,600 --> 00:01:47,640 OK, and that's the time. 21 00:01:48,480 --> 00:01:52,550 That's the that's the time when you don't have any modules in the system. 
22 00:01:52,980 --> 00:01:59,490 And this time in order to get all the required modules, you have to make use of the marketplace 23 00:01:59,820 --> 00:02:01,050 install all. 24 00:02:01,230 --> 00:02:04,110 And this would start installing all the packages. 25 00:02:04,860 --> 00:02:13,620 And once that gets ready, then you can actually go ahead and, you know, launch the campaign. 26 00:02:18,570 --> 00:02:18,800 Correct. 27 00:02:19,080 --> 00:02:20,650 So it might take some time. 28 00:02:20,850 --> 00:02:24,270 So till then, we can hold it for now. 29 00:02:24,270 --> 00:02:27,440 And we'll continue once it gets done. 30 00:02:38,430 --> 00:02:40,440 All right, so it's all done. 31 00:02:40,620 --> 00:02:49,260 The packages are installed and you see, well, now you go ahead and you know, you see all the modules 32 00:02:49,260 --> 00:02:52,760 you will definitely find all the modules available. 33 00:02:53,010 --> 00:02:55,940 So let's see if they have modules and load. 34 00:02:56,430 --> 00:02:58,080 And if I do. 35 00:02:59,940 --> 00:03:01,700 And if I do, yeah. 36 00:03:02,280 --> 00:03:05,910 You can see all the modules are already being present on the system. 37 00:03:05,940 --> 00:03:15,090 OK, so now let's first insert our target in order to launch the elastic module to gather all the email 38 00:03:15,090 --> 00:03:18,900 addresses of the target. Let's first insert the domain. 39 00:03:19,140 --> 00:03:22,550 So db insert and the domain. 40 00:03:23,700 --> 00:03:28,220 Now you define the domain and what we can actually use. 41 00:03:28,740 --> 00:03:34,080 Can we use any recognized domain, let's say Twitter, Yahoo dot com? 42 00:03:34,950 --> 00:03:38,400 I would say yes, because there's nothing wrong. 43 00:03:38,400 --> 00:03:43,020 I mean, we are not making use of any malicious threat vector or something. 44 00:03:43,030 --> 00:03:48,490 We are basically making use of an open source tool, which is freely available on the browser as well. 
45 00:03:48,510 --> 00:03:59,490 So let's say if we if you make use of Twitter, Twitter dot com for gathering and give any notes, gathering 46 00:04:00,060 --> 00:04:03,800 e-mail addresses, you're done. 47 00:04:04,080 --> 00:04:05,700 Now let's load the module. 48 00:04:05,750 --> 00:04:16,470 So in this case, we have to load the modules, so modules load recon and then the modules to let's say, 49 00:04:16,470 --> 00:04:17,520 let me give you the tab. 50 00:04:17,940 --> 00:04:20,360 So which one are we going to actually use? 51 00:04:20,610 --> 00:04:27,660 So we'll have to make use of domain host and who else? 52 00:04:28,110 --> 00:04:30,360 And that's what we are going to do. 53 00:04:31,020 --> 00:04:34,380 We need to find the contacts which are related to the domain. 54 00:04:34,390 --> 00:04:44,130 So all the email addresses, the e-mail addresses are of the dominant server like the dot com John and 55 00:04:44,130 --> 00:04:46,890 the right to the dot com and all the stuff. 56 00:04:46,890 --> 00:04:47,130 Right. 57 00:04:47,140 --> 00:04:50,790 So so domain contact still in contact. 58 00:04:50,850 --> 00:04:51,760 OK, here we go. 59 00:04:52,330 --> 00:04:53,590 This is what we are looking for. 60 00:04:53,670 --> 00:04:54,750 So the domains. 61 00:04:57,790 --> 00:05:03,560 Contact and then whois, right? 62 00:05:03,970 --> 00:05:06,760 So that's done now the module has been set up. 63 00:05:06,940 --> 00:05:10,350 Let's run the run this module and let's see how it looks. 64 00:05:10,360 --> 00:05:10,570 Right. 65 00:05:11,170 --> 00:05:17,920 It might take some time to gather all the e-mail addresses required and it might take some pauses. 66 00:05:17,950 --> 00:05:18,970 Oh, yeah, it's done. 67 00:05:19,360 --> 00:05:26,230 Now, let's once it is done, in order to see earlier in order to check out the host, we have made 68 00:05:26,230 --> 00:05:28,960 use of show hosts, right? 
69 00:05:29,260 --> 00:05:34,450 But in this case, because we are looking for contacts, we have to type show contacts. 70 00:05:36,490 --> 00:05:37,120 Lovely. 71 00:05:37,450 --> 00:05:38,230 You can see. 72 00:05:38,570 --> 00:05:40,720 Oh let me maximize the window. 73 00:05:41,770 --> 00:05:41,980 Yeah. 74 00:05:42,190 --> 00:05:46,540 So you could see all the contacts of the folks. 75 00:05:48,250 --> 00:05:55,850 These are names, their last name, email address and the location as well. 76 00:05:56,380 --> 00:05:56,770 Right. 77 00:05:56,790 --> 00:06:00,340 So it is that quick and that that one of them. 78 00:06:00,540 --> 00:06:06,670 OK, this is something which is being available on the open source platform. 79 00:06:06,670 --> 00:06:11,680 Maybe, maybe and faced by the you know, whois lookup it. 80 00:06:12,280 --> 00:06:22,120 So these might be and deal of the advent of Twitter because what basically happened is it makes use of 81 00:06:22,120 --> 00:06:25,620 whois lookup database to get the information about it. 82 00:06:25,630 --> 00:06:25,960 Right. 83 00:06:26,950 --> 00:06:32,830 We can also make use of other other sources as well, Google and other stuff, in order to get those 84 00:06:32,830 --> 00:06:35,310 contacts to better. 85 00:06:35,350 --> 00:06:38,310 And I can assure you that money is low. 86 00:06:39,520 --> 00:06:43,910 And let me show you that. 87 00:06:44,530 --> 00:06:49,330 So if I do that, you could see the reason we are looking for domains-contacts. 88 00:06:49,570 --> 00:06:52,480 So you can see we have domains-contacts. 89 00:06:52,510 --> 00:06:57,460 One option is Hunter dot, Hunter.io, which we can also make use of it. 90 00:06:57,940 --> 00:07:01,090 We can also make use of WikiLeaks. 91 00:07:01,540 --> 00:07:07,430 That means it will also fetch the email address, which has been available on WikiLeaks. 92 00:07:07,470 --> 00:07:07,900 Right. 
93 00:07:08,230 --> 00:07:15,100 So we can get to know if those has been linked to somewhere we can possibly get more information about 94 00:07:15,100 --> 00:07:15,200 it. 95 00:07:15,940 --> 00:07:23,050 Also, we can even get to know about if there is any -- list, which is if any of the any of the email 96 00:07:23,050 --> 00:07:30,760 addresses had been compromised or has been has been involved into any data breaches, maybe Facebook, 97 00:07:30,760 --> 00:07:37,610 LinkedIn or something where the passwords may also be or hashes of those passwords may also be available. 98 00:07:38,170 --> 00:07:41,440 This is just about making use of the open source platform. 99 00:07:41,720 --> 00:07:42,840 Nothing really special. 100 00:07:42,850 --> 00:07:45,900 It's just that it makes your job pretty easier. 101 00:07:46,210 --> 00:07:50,030 But if you've gone into I hope you like the session we got you in the next one. 102 00:07:50,140 --> 00:07:50,620 Thank you.