OSINT Open Source Intelligence

 

Students are asked to perform reconnaissance on a website using open source tools. During the assignment you are asked to detail the following:

• What investigation method are you using and why?
• What type of information do you hope to obtain using each of the methods?
• In case you cannot find the information you are looking for, please try to describe briefly why this information could be important to you…
• Please provide a description of tools and search methods you have been using, e.g. search queries, configuration options, etc. – the amount of information provided should be sufficient for others to reproduce your results.

 

When conducting your analysis using Open Source Intelligence (OSINT), please try to establish the following:

• Information about IP address ranges related to the organization
• DNS enumeration
• List of internal email addresses
• Software used by the organization
• Previous breaches
• Any vulnerabilities which may be present in the IT infrastructure
• Assess if the organization was subject to a data breach or any other cybercrime.
• IP address range (check if active with ping)
• Email server (match to pastebin.com)
• Operating system type (use finger)
• Hosting provider
• Staff members' phone numbers, personal details, email addresses
• Removed web pages (use Google cache)

 

Scenario

You have just joined a Dublin-based cyber-security company and you are about to assist one of the engineers with the preparation of a security audit for a client who requires an OSINT report on their company. You have been asked to establish what digital footprint, important to a security audit, can be obtained using open-source intelligence techniques.

Choose one of the following two target company websites:

www.supermacs.ie or www.apache.ie

 

Hint: As a starting point you could use the following tools in Windows:

Ping
Tracert
Nslookup (switches: mx, ptr, ns, A, txt)
Dnslookup

Use the following tools in Kali Linux:

NMAP
DIG
Nikto
Whois
Netcraft

—————————————————————————

In your findings you should detail how you acquired your information, what tools you used and why, and what information you deem important.

Your work should use appropriate academic referencing/crediting of supporting research materials and resources.

 
