HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 38 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow General Certificationarrow Information Gathering
EH-Net
May 19, 2013, 08:36:46 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Information Gathering  (Read 5003 times)
0 Members and 1 Guest are viewing this topic.
Determ
Newbie
*
Offline Offline

Posts: 23


View Profile
« on: October 01, 2010, 06:51:34 AM »
Hello.

I haven't noticed any course or book about only information gathering (infrastructure & personal data). Also there is some non-official classes of penetration expertises (like exploits development, social engineering, malware analysis, forensics, wireless, etc.). Why is not Information Gathering a class for itself?
Logged
ajohnson
Recruiters
Hero Member
*
Offline Offline

Posts: 1057


aka dynamik


View Profile WWW
« Reply #1 on: October 01, 2010, 08:52:50 AM »
Do a search for open source information gathering. There's a ton of resources already available. Chris Gates has a good presentation that's an overview of a lot of the tools that are out there. Google Hacking by Johnny Long is an excellent written resource. Most ethical hacking/penetration testing books contain recon chapters that adequately cover common tools and techniques.
Logged
WIP: GCFA | www.infosiege.net | @infosiege

The day you stop learning is the day you start becoming obsolete.
dante
Jr. Member
**
Offline Offline

Posts: 58



View Profile
« Reply #2 on: October 01, 2010, 08:57:11 AM »
Information Gathering is a vital part of penetration testing and is covered in detail in good security books(Hacking exposed ?) and in good security courses(OSCP?).. I admit that I dont know a book dedicated to information gathering.. But if you are looking for advances in this area you should probably start with Chris Gates presentation on open source intelligence gathering at brucon...

Update
@dynamik damn you are fast ...
« Last Edit: October 01, 2010, 09:06:40 AM by dante » Logged
ziggy_567
Sr. Member
****
Offline Offline

Posts: 361


View Profile
« Reply #3 on: October 01, 2010, 09:44:00 AM »
Check out SANS 550 - Information Reconnaissance: Competitive Intelligence and Online Privacy. It is a one day class that talks about nothing but recon.

There's even a review on EH-Net:

http://www.ethicalhacker.net/content/view/284/2/
Logged
--
Ziggy


eCPPT - GSEC - GCIH - GCUX - RHCE - SCSecA - Security+ - Network+
Determ
Newbie
*
Offline Offline

Posts: 23


View Profile
« Reply #4 on: October 04, 2010, 05:49:19 AM »
Googling with "Open Source IG" has given me lots of results. It kept me busy for weekend.  Cool

Before posting I was wondering how to go "beyond" information gathering, since I'm doing OSCP and already saw Chris Gates presentation.

So thanks for replies, they have given me more to work on.
Logged
MaXe
Hero Member
*****
Offline Offline

Posts: 669


I've just upgraded myself to a cyborg muahahaa!!1


View Profile WWW
« Reply #5 on: October 04, 2010, 09:09:48 AM »
There's a good chapter about Information Gathering in The Penetration Testers Open Source Toolkit vol. 2 (book).

Tactical Exploitation by Valsmith and HD Moore has a good part too:
http://blog.attackresearch.com/publications/hdmoore_valsmith_tactical_paper.pdf

And of course: Information Gathering with MaXe - Part 1 (video):
http://www.youtube.com/watch?v=1nd6vAz4SOw

That's just a few resources to get you started  Wink



Best regards,
MaXe
Logged
I'm an InterN0T'er
COm_BOY
Full Member
***
Offline Offline

Posts: 129


LivinG DeaD


View Profile
« Reply #6 on: October 12, 2010, 11:56:05 AM »
do try Maltego v3 Community Edition ...... its awsome
Logged
It has become appallingly obvious that our technology has exceeded our humanity.
Determ
Newbie
*
Offline Offline

Posts: 23


View Profile
« Reply #7 on: October 17, 2010, 06:54:35 AM »
I have tried Maltego V3, great tool.

One questions: Is it possible to get a good book which will teach python from basic, but has to be focused more on python scripting for data, text and web mining?
Logged
COm_BOY
Full Member
***
Offline Offline

Posts: 129


LivinG DeaD


View Profile
« Reply #8 on: October 17, 2010, 03:26:57 PM »
Quote from: Determ on October 17, 2010, 06:54:35 AM
I have tried Maltego V3, great tool.

One questions: Is it possible to get a good book which will teach python from basic, but has to be focused more on python scripting for data, text and web mining?


Cant say much on that , check out amazon.com and check the comments of readers . Along with that do check out LinuxCBT Python Programing edition ( Video Training ) . I dont think its that expensive .
Logged
It has become appallingly obvious that our technology has exceeded our humanity.
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.06 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.