Open Source Intelligence Training
- Most challenges rely on “Google Hacking” skills.
- What worm was responsible for…, What organization is responsible for…, When was…, What version does _____ use….
- Wikipedia is great for these questions!
- Remember to use Ctrl+F to find things easier
- Some challenge require going to specific vendor websites.
- What is sha256sum of Kali Linux 64 bit version 2016.2? https://www.kali.org/downloads/
- Other tools:
- dig
- nslookup
- whois
Other questions are targeted at specific types of OSINT.
- Certificates
- CSR decoder Online
- https://www.sslshopper.com/csr-decoder.html
- https://certlogik.com/decoder/
- CSR in Linux: #openssl req -noout -text -in nameofcsrfile
- Try it: OSNIT 6 – CSR
- CSR decoder Online
- Email rfc – https://tools.ietf.org/html/rfc5322
- Data in Images
- Use Google Reverse Image Search: Upload the image to this site: https://images.google.com/
- Windows:
- Save image to desktop, open in photos and click to view file info
- Save image to desktop, right click and view Properties of file (view details tab)
- Linux: use exif tool
- $exif nameofimagefile
- Chrome or Firefox: download exif viewer
- Web: Use an online tool to upload image and find data