
Information / Intelligence Gathering

<<

pizza1337

Full Member

Posts: 156

Joined: Mon Mar 08, 2010 5:29 pm

Post Tue Mar 16, 2010 1:02 pm

Information / Intelligence Gathering

Information / Intelligence Gathering.

This post is going to be about information gathering. It's one of the important things. You want to know what you are going up against.

Information about location, building, and etc...
Google Maps and Google streets.(1)
Local government office might have building blueprints.

Network(IP, AP, Servers, Software, OS's, and etc...) Information
WiGLE//great resource, has map of wireless AP's(2)
Network-Tools.com//ping, traceroute, and other stuff.(3)
Geobytes IP Locator//shows location, and other things about the location(4)
DNSStuff//just what it sounds like(5)
Geektools//hotspot list(not good as WiGLE), Traceroute, Whois(6)
Robtex//Lots of tools on there(7)
Traceroute.org//you can traceroute from different places.(8)
NetCraft//Finds information about the server(9)
SamSpade//whois(10)
dnssy.com//dns stuff..(11)
centralops.net//lots of tools on there.(12)
serversniff.de//lots of tools on here too(13)
web-sniffer.net//gets information about webserver(header, etc..)(14)
yougetsignal.com//great things here too.(15)
Maltego//can be used too.(16)
Shodan//good stuff.(26)
Shodan Queries//(28)
FOCA//it searches webz for files(pdfs,docs, etc..) tells you usernames, software names, and other things.(34) Backtrack also has tools included similar to this.

Tools
Nmap, Hping..just download backtrack open menu, go to backtrack > Network Mapping > All. ;) (17)


// You can also use tor with nmap http://pauldotcom.com/2009/08/scanning- ... twork.html

Individual(Names, Emails, Social Networks, Phone Numbers, and etc...) Information
White Pages(18) / Yellow Book(19)//
Google(20)
Pipl.com(21)
123People.com(22)
Maltego(16)
tracksomebody.com(23)
Snoopstation.com//free background checks(35)

Information about a company
Google Maps.//It sometimes gives you phone numbers, websites, names, with map.(1)
Job websites.//they want to hire people so they will put some information there, it might be useful when social engineering.
Google.//use your Google-fu(google hacks).(24-25)
Maltego//
Snoopstation.com//free background checks(35)
TheHarvester//it's in backtrack, it gets lots of emails by searching google and other places.
abika//network stuff, and phone and email stuff.


Going to another level
Drive-by//Get kismet or netstumbler running and drive by their building, see what's in the air.
Email//Email them, when you get a reply check the headers for internal IP.
Parked car in front of the building, and using their wireless//now you can gather information about internal network.
Fake ID(32)//very useful.
Social Engineering(33)//also very useful and good to know.

Organizing
Onenote(27)//Microsoft product, not free.
Evernote(29)//Similar to Onenote, but free and works on everything but Linux
Leo(30-31)//Small program for making outlines.

Links
1, maps.google.com
2, wigle.net
3, Network-Tools.com
4, http://www.geobytes.com/iplocator.htm
5, www.dnsstuff.com
6, www.geektools.com
7, www.robtex.com
8, Traceroute.org
9, www.netcraft.com
10, www.samspade.org
11, dnssy.com
12, centralops.net
13, serversniff.de
14, web-sniffer.net
15, yougetsignal.com
16, www.paterva.com/web4/index.php/maltego
17, backtrack-linux.org
18, www.whitepages.com
19, www.yellowpages.com
20, www.google.com
21, pipl.com
22, 123people.com
23, tracksomebody.com
24, http://www.hackersforcharity.org/ghdb/
25, http://pentestit.com/google-dorks/
26, http://www.shodanhq.com/
27, http://office.microsoft.com/en-us/produ ... 91033.aspx
28, http://pentestit.com/shodan-queries/
29, www.evernote.com
30, http://sourceforge.net/projects/leo/
31, http://www.offensive-security.com/video ... roller.swf
32, http://www.fakenamegenerator.com/
33, http://www.social-engineer.org/
34, http://www.informatica64.com/DownloadFOCA/
35, Snoopstation.com

If I have mistakes, correct me, I am human.
Please add more.

EDIT: https://addons.mozilla.org/en-US/firefo ... 3308 good addon.
Last edited by pizza1337 on Tue Mar 16, 2010 1:27 pm, edited 1 time in total.
Knowledge Resource is Power.
<<

Jhaddix

Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Tue Mar 16, 2010 1:18 pm

Re: Information / Intelligence Gathering

Pizza - This is a good list, there are a few I didn't know about in there.

I have a full mindmap of my OSINT process, would you guys like to see?
<<

pizza1337

Full Member

Posts: 156

Joined: Mon Mar 08, 2010 5:29 pm

Post Tue Mar 16, 2010 1:22 pm

Re: Information / Intelligence Gathering

Jhaddix wrote: Pizza - This is a good list, there are a few I didn't know about in there.

I have a full mindmap of my OSINT process, would you guys like to see?


Yep
Knowledge Resource is Power.
<<

UNIX

Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Mar 16, 2010 1:28 pm

Re: Information / Intelligence Gathering

Nice list, pizza1337.

Jhaddix wrote: Pizza - This is a good list, there are a few I didn't know about in there.

I have a full mindmap of my OSINT process, would you guys like to see?


Sure, much appreciated. :)
<<

Jhaddix

Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Tue Mar 16, 2010 2:00 pm

Re: Information / Intelligence Gathering

When I get home I'll put it up and we can all trade notes =)
<<

j0rDy

Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Wed Mar 17, 2010 5:07 am

Re: Information / Intelligence Gathering

Good list, pizza!

I see some things I recognize from the http://www.vulnerabilityassessment.co.uk/ framework.

Another one is the http://www.isecom.org/osstmm/ Open Source Security Testing Methodology Manual.

I'd love to exchange notes, but all I have are some notes from the CEH training, but nothing in there worth sharing ;)
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

pizza1337

Full Member

Posts: 156

Joined: Mon Mar 08, 2010 5:29 pm

Post Wed Mar 17, 2010 8:29 am

Re: Information / Intelligence Gathering

j0rDy wrote: Good list, pizza!

I see some things I recognize from the http://www.vulnerabilityassessment.co.uk/ framework.

Another one is the http://www.isecom.org/osstmm/ Open Source Security Testing Methodology Manual.

I'd love to exchange notes, but all I have are some notes from the CEH training, but nothing in there worth sharing ;)


Share it anyway, I have no training, I'll learn something from it.

BTW, very nice link, I never knew about them.
Knowledge Resource is Power.
<<

j0rDy

Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Thu Mar 18, 2010 3:23 am

Re: Information / Intelligence Gathering

I'd have to digitalize them first. They're all on paper. Some things I remember that are on there are the most common IP ports, IP ports of common rootkits (deep throat, masters paradise, netbuster etc.) and some Wireshark command options. I'll see if I can make a nice selection and post them here...
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

hackertarget

Newbie

Posts: 2

Joined: Mon Feb 07, 2011 7:55 pm

Post Mon Feb 07, 2011 7:59 pm

Re: Information / Intelligence Gathering

We have a new intelligence gathering project up and running.

http://www.dnsdumpster.com - dumpster dive a domain and get a bunch of information.

Hope someone finds it useful. The aim is to provide a quick and easy technical overview of a domain and related systems. Uses various methods to collect the information.
HackerTarget.com
Online Security Tools
