Threat Intelligence: Collecting Data and Understanding Its Benefits
Threat Intelligence: Collect and Buy Data
In cyber threat intelligence, once the responsibilities that come before data collection have been fulfilled, the next step is to collect the data, without analyzing it yet.
Collect Data with Open Source Intelligence (OSINT)
OSINT stands for open source intelligence, which refers to any information that can legally be gathered from free, public sources about an individual or organization. In practice, that tends to mean information found on the internet, but technically any public information falls into the category of OSINT, whether it's books or reports in a public library, articles in a newspaper or statements in a press release.
OSINT also includes information that can be found in different types of media. Though we typically think of it as being text-based, information in images, videos, webinars, public speeches and conferences all falls under the term.
What is OSINT Used For?
By gathering publicly available sources of information about a particular target, an attacker or a friendly penetration tester can profile a potential victim to better understand its characteristics and to narrow down the search area for possible vulnerabilities. Without actively engaging the target, the attacker can use the intelligence produced to build a threat model and develop a plan of attack. Targeted cyber attacks, like military attacks, begin with reconnaissance, and the first stage of digital reconnaissance is passively acquiring intelligence without alerting the target.
Gathering OSINT on yourself or your business is also a great way to understand what information you are gifting potential attackers. Once you are aware of what kind of intel can be gathered about you from public sources, you can use this to help you or your security team develop better defensive strategies. What vulnerabilities does your public information expose? What can an attacker learn that they might leverage in a social engineering or phishing attack?
Some OSINT Tools, Techniques and Resources
One of the most obvious tools for intelligence gathering is, of course, web search engines like Google, Bing and so on. In fact, there are dozens of search engines, and some may return better results than others for a particular kind of query. The problem, then, is how to query these many engines efficiently.
A great tool that solves this problem and makes web queries more effective is Shodan. Shodan is also a search engine, but one designed specifically for IoT devices. It scours the invisible parts of the Internet most people won't ever see. Any connected device can show up in a search, including:
Servers
Printers
Webcams
Traffic lights
Security cameras
Control systems
Collecting Data with Search Engines
Search engines are great. They are the road map to the Internet and, after your router and ISP, the most important feature of web surfing. They help us find what we want on the Internet, where to go and which websites to visit, and the best thing is that you don't have to know exactly what you want or exactly where you want to go. A general sort of knowledge, a simple word or phrase, is all it takes. The Internet would certainly function without search engines as we know them today, but it would be a lot different.
Along with the ability to find and direct you to the information and websites that you want, search engines provide many other services. One of them is advertising, and more specifically a targeted kind of advertising that delivers content directly to the demographic most likely to be interested. That is pretty amazing if you think about it, but also pretty scary when you consider how they do it: by keeping track of you, who you are, what kind of person you are, what you like, the websites you've visited in the past and just about every other piece of information that exists about you on the web.
Gathering Data with Advanced Google Search
site:
Limit your search to a single site.
P.S.: If you put a dot (.) in front of the website, it will show subdomains as well.
Example: site:.google.com
Example: site:google.com
intitle:
Intitle tells Google that you only want results where pages include the search term in their title tag. This operator helps you understand how many pages target a particular search phrase.
Example: intitle:apple
inurl:
Like with Intitle & Intext, Google will only return results where the search words are included in the URL. This will often drastically reduce search volume and can be handy for finding potential direct competitors.
Example: inurl:apple
intext:
Intext tells Google that you want results where the text appears in the body of the page. (If the text appears in the title, but not the body text, it won't be returned as a result.) Since it functions virtually the same as a normal Google search, there aren't many advanced uses.
Example: intext:apple
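The operator rules above can be applied to an inventory of your own public pages to see what a given query would surface about you. This is an added example, not part of the original article: it is a simplified local model (substring matching, not Google's algorithm), and the page list, the `example.com` hosts and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed inventory of an organisation's own public pages (placeholder hosts).
PAGES = [
    {"url": "https://www.example.com/products/apple-pie",
     "title": "Our pies", "body": "Fresh pastry baked daily."},
    {"url": "https://staging.example.com/login",
     "title": "Apple staging login", "body": "Internal use only."},
    {"url": "https://example.com/blog/orchard",
     "title": "Orchard news", "body": "This year's apple harvest was large."},
    {"url": "https://other.example.org/apple", "title": "apple", "body": "apple"},
]

OPERATORS = ("site", "intitle", "inurl", "intext")

def parse_query(query):
    """Split 'site:.example.com intitle:apple' into [(operator, term), ...]."""
    pairs = []
    for token in query.split():
        op, sep, term = token.partition(":")
        if not sep or op not in OPERATORS or not term:
            raise ValueError(f"unsupported token: {token!r}")
        pairs.append((op, term.lower()))
    return pairs

def matches(page, op, term):
    """Apply one operator to one page, following the descriptions above."""
    if op == "site":
        # Assumption of this model: a leading dot is dropped, and the host
        # itself or any of its subdomains counts as a match.
        domain = term.lstrip(".")
        host = (urlsplit(page["url"]).hostname or "").lower()
        return host == domain or host.endswith("." + domain)
    if op == "intitle":
        return term in page["title"].lower()
    if op == "inurl":
        return term in page["url"].lower()
    return term in page["body"].lower()  # intext: body only, title is ignored

def exposed_pages(query, pages=PAGES):
    """Return the URLs in the inventory that satisfy every operator in the query."""
    pairs = parse_query(query)
    return [p["url"] for p in pages if all(matches(p, op, t) for op, t in pairs)]

if __name__ == "__main__":
    for q in ("site:.example.com intitle:apple", "site:example.com intext:apple"):
        print(q, "->", exposed_pages(q))
```
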
Source: https://www.turkhackteam.org/sosyal...rati-veri-toplama-ve-kazanclarini-anlama.html
Translator: R4V3N