Category: osint

Mining for OSINT gold: RIR data via API

This is a guest post by David Mashburn (@d_mashburn, https://www.sans.org/instructors/david-mashburn), Certified SANS Instructor and cyber ninja! OSINT isn't just about doing pre-attack recon. It is often leveraged by defenders as part of the incident response and investigation process. One of the most common applications of OSINT for a defender is to perform lookups on available... Continue Reading →

Shodan and DOUBLEPULSAR / WannaCry

What is WannaCry? In March 2017, Microsoft issued the MS17-010 bulletin (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx) patching (and warning) of a broad set of vulnerabilities in many of its operating systems from Windows XP to Windows 10 and 2016. This vulnerability could be exploited via the DOUBLEPULSAR attack released by ShadowBrokers and supposedly attributed to the NSA. For more... Continue Reading →

WhatsMyName Project

What Is It? I've created the WhatsMyName project on Github (https://github.com/WebBreacher/WhatsMyName) to help with #OSINT searches by using target user names. Here's how it works: We understand that people use the same username across multiple web sites. For example, I am "WebBreacher" on both the Github and BitBucket web sites. Some web sites make it... Continue Reading →

My 3 Favorite OSINT Videos

There are three quick and impactful videos that I like pointing people towards when they ask about how their personal data can be used against them. All are free on YouTube. Enjoy! Data to Go https://www.youtube.com/watch?v=_YRs28yBYuI   https://www.youtube.com/watch?v=_YRs28yBYuI Amazing mind reader reveals his 'gift' https://www.youtube.com/watch?v=F7pYHN9iC9I https://www.youtube.com/watch?v=F7pYHN9iC9I   See how easily freaks can take over your... Continue Reading →

A WordPress.com Website.

Up ↑

%d bloggers like this: