OSINT Open Source Intelligence
Students are asked to perform reconnaissance on a website using open source tools. During the assignment you are asked to detail the following:
What investigation method are you using and why?
What type of information do you hope to obtain using each of the methods?
In case you cannot find the information you are looking for, please try to
describe briefly why this information could be important to you…
Please provide a description of tools and search methods you have been using
e.g. search queries, configuration options, etc. – the amount of information provided should be sufficient for others to reproduce your results.
When conducting your analysis using Open Source Intelligence (OSINT), please try to establish the following:
information about IP address ranges related to the organization
DNS enumeration
List of internal email addresses
software used by the organization
Previous breaches
Any vulnerabilities which may be present in the IT infrastructure
Assess if the organization was subject to the data breach of any other cybercrime.
IP Address range (check if active with ping)
Email Server (match to pastebin.com)
Operating System Type (use finger)
Hosting Provider
Staff member’s Phone Numbers, personal details, email addresses
Removed web pages use Google cache
Scenario
You have just joined a Dublin-based cyber-security company and you are about to assist one of the engineers with the preparation of a security audit for a client who requires an OSINT report on their company. You have been asked to establish what digital footprint, important to security audit, can be obtained using an open-source intelligence technique.
Choose one from the following two target company websites below:
www.supermacs.ie or www.apache.ie
Hint: As a starting point you could.
Use the following tools in Windows:
Ping
Tracert
Nslookup , (switches) mx, ptr, ns, A, txt
Dnslookup
Use the following tools in Kali Linux:
NMAP
DIG
Nikto
Whois
netcraR
—————————————————————————
In your findings you should detail how you acquired your informaion, what tools you used and why, and detail what information you deem as important.
Your work should use appropriate academic referencing/crediting of supporting research materials and resources.