Introduction
Basics
- OSINT is about finding the maximum amount of information about an organisation passively, i.e. without exposing our presence to the target.
- Provides visibility and increases the attack surface
- From the defenders' POV, it gives insight into how the adversary is going to target us
- Organisations have a lot of data published online (both planned and unplanned). OSINT is the collective representation of this data in an offensive/defensive manner.

>Data Visualisation And Animation
Flourish | Data Visualization & Storytelling
Animaker, Make Animated Videos on Cloud for free
Knight Lab
Datawrapper: Create charts, maps, and tables
Charts | Google Developers
Powtoon | Create Awesome Videos Yourself
Create Infographics, Presentations & Reports | Piktochart
Tableau Public
Chart Studio
Create Stunning Social Media Graphics for Free
Online Chart Builder - ChartBlocks
Document Metadata Analysis
>Basics
- Metadata means data about the data.
- If the metadata has not been removed, analysing it can give us a lot of information for carrying out our engagement
- It varies from format to format, but the most metadata-rich formats are:
- pdf
- doc, dot and docx
- xls, xlt, xlsx
- ppt, pot and pptx
- jpg and jpeg
- htm and html (hidden information)
>Resources
- Fingerprinting Organisation With Collected Archives (FOCA) uses all the Google hacking techniques discussed above to identify files, download them, and extract their metadata to get further information.
dafthack/PowerMeta
ElevenPaths/FOCA
gocaio/goca
- We can use ExifTool to read, write and change metadata (supports recursion and automation)
ExifTool by Phil Harvey
laramies/metagoofil
- We can use the strings command to display printable text from a file. It only looks for ASCII by default, but we can change that with the -e switch (l for little endian, and b for big endian). It looks for four consecutive characters by default; we can change that through -n
whois Information
>Introduction
- Before registering a domain, we must give certain information to the registrar. It is used for identity verification, it lets the registrar request digital certificates from the CAs on our behalf, and it lets registrars and other such authorities contact us if need be.