Książki

The skills and tools for collecting, verifying and correlating information from different types of systems is an essential skill when tracking down hackers. This book explores Open Source Intelligence Gathering (OSINT) inside out from multiple perspectives, including those of hackers and seasoned intelligence experts. OSINT refers to the techniques and tools required to harvest publicly available data concerning a person or an organization. With several years of experience of tracking hackers with OSINT, the author whips up a classical plot-line involving a hunt for a threat actor. While taking the audience through the thrilling investigative drama, the author immerses the audience with in-depth knowledge of state-of-the-art OSINT tools and techniques. Technical users will want a basic understanding of the Linux command line in order to follow the examples. But a person with no Linux or programming experience can still gain a lot from this book through the commentaries. This book's unique digital investigation proposition is a combination of story-telling, tutorials, and case studies. The book explores digital investigation from multiple angles: * Through the eyes of the author who has several years of experience in the subject. * Through the mind of the hacker who collects massive amounts of data from multiple online sources to identify targets as well as ways to hit the targets. * Through the eyes of industry leaders. This book is ideal for: Investigation professionals, forensic analysts, and CISO/CIO and other executives wanting to understand the mindset of a hacker and how seemingly harmless information can be used to target their organization. Security analysts, forensic investigators, and SOC teams looking for new approaches on digital investigations from the perspective of collecting and parsing publicly available information. CISOs and defense teams will find this book useful because it takes the perspective of infiltrating an organization from the mindset of a hacker. The commentary provided by outside experts will also provide them with ideas to further protect their organization's data.

Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques

Prologue xxv

Chapter 1 Getting Started 1

Chapter 2 Investigations and Threat Actors 19

Part I Network Exploration 43

Chapter 3 Manual Network Exploration 45

Chapter 4 Looking for Network Activity (Advanced NMAP Techniques) 67

Chapter 5 Automated Tools for Network Discovery 83

Part II Web Exploration 119

Chapter 6 Website Information Gathering 121

Chapter 7 Directory Hunting 143

Chapter 8 Search Engine Dorks 159

Chapter 9 WHOIS 175

Chapter 10 Certificate Transparency and Internet Archives 201

Chapter 11 Iris by DomainTools 221

Part III Digging for Gold 243

Chapter 12 Document Metadata 245

Chapter 13 Interesting Places to Look 267

Chapter 14 Publicly Accessible Data Storage 293

Part IV People Hunting 323

Chapter 15 Researching People, Images, and Locations 325

Chapter 16 Searching Social Media 349

Chapter 17 Profile Tracking and Password Reset Clues 377

Chapter 18 Passwords, Dumps, and Data Viper 407

Chapter 19 Interacting with Threat Actors 433

Chapter 20 Cutting through the Disinformation of a 10-Million-Dollar Hack 453

Epilogue 483

Index 487