OSINT
By Viral Parmar
Who Am I
@viralparmarhack
Viral Parmar
ComExpo Cyber Security Foundation
Cyber Security Researcher
Mozilla Reps, Mozilla Foundation
Given 700+ sessions all over the world
Solved 500+ cases of cyber crime and made more than
10 lakh people aware of privacy and security
Motto: Know hAckiNG, but no HaCKing.
CIA Triad
Cyber Security Challenges
• Natural threats
• Physical security threats
• Human threats
• Network threats
• Host threats
• Application threat
• Information Warfare
• Insider threat
Cyber Threat Landscape
• End Points: Personal Computer, Workstation, Mobile Phone, Remote System
• Server: Cloud server, IAM, database
• IoT devices: smart electronic devices, drone, car
• Smart Grid: Smart city, ICS
• Social Media Accounts
• AI system
• E-Governance
• Network
• Application: Website, mobile app, PC software, E-comm, API
• BFSI
• Human Factor
Attack Vector
• Operating system attack
• Misconfiguration attack
• Application level attack
• Network insecurities
• Poor Encryption
• Software Vulnerabilities
• Weak Password
Threat Vectors
• Malware
• Ransomware
• Social Engineering
• Identity Theft
• DDoS
• APT
• Zero Days
• OSINT
• Sniffing & Scanning
• Lack of Awareness
• Cloud
• Web App
• Wireless and Bluetooth
• Authentication and Authorization
Sniffing & Scanning
Scanning: Attacks that send a variety of requests to computer systems,
often in a brute-force manner, with the goal of finding weak points and
vulnerabilities as well as information gathering.
Example: Nmap tool
Malicious Software
APT
• Advanced persistent threats (APTs): Highly targeted network or host
attacks in which a stealthy intruder remains intentionally undetected
for long periods of time in order to steal and exfiltrate data.
Many smartphone applications from foreign countries, which have been banned by
the Government recently.
Zero Days
• Zero-day vulnerability: A weakness or bug in computer software or
systems that is unknown to the vendor, allowing for potential
exploitation (called a zero-day attack) before the vendor has a chance
to patch/fix the problem.
Examples:
• In 2016, there was a zero-day attack (CVE-2016-4117) that exploited a
previously undiscovered flaw in Adobe Flash Player.
• In 2017, a zero-day vulnerability (CVE-2017-0199) was discovered in which a Microsoft
Office document in rich text format was shown to be able to trigger the execution of a
Visual Basic script containing PowerShell commands upon being opened.
Cloud Security
https://www.youtube.com/watch?v=WfYxrLaqlN8
Bluetooth Hacking
IoT Security
End Point Security
Mobile Device Hacking
Smart Car Hack
Drone Hacking
Common Application Vulnerabilities
• Injections
• Broken Authentication
• Broken Access Control
• Security Misconfiguration
• Social Engineering
• Sensitive Data Exposure
National Cyber Infrastructure
ICS
Encryption
Authentication vs. Authorization
Identity & Access Management
• Banks and FIs often use tools like one-time payment, biometrics, passwords
and other modes of authentication to provide security and verify identity.
• Various services are accessed via mobile device authentication and
authorization.
• The drawback of these methods is that they can often be replicated and become
an entry point for hackers to siphon off large amounts of money.
Password Cracking
MITM
DNS Hijacking
Other
• Login attack: Multiple, usually automated, attempts at guessing
credentials for authentication systems, either in a brute-force manner
or with stolen/purchased credentials.
• Account takeover (ATO): Gaining access to an account that is not your
own, usually for the purposes of downstream selling, identity theft,
monetary theft, and so on. Typically the goal of a login attack, but it
can also be small scale and highly targeted (e.g., spyware, social
engineering).
Network Security
Hacking Methodology
Cyber Kill Chain
Reconnaissance
Information vs Intelligence
Information Intelligence
File Search
Archive
Shodan
Aviation & Maritime
Radio & TV
Webcams
Meta Data
Sharing & Publishing
Geospatial & Satellite Imagery
Academic
Government Record
Dark Web
Search Engine
Tracking: Shodan, Flight Radar, Carrot2
Alerts
People Search
Social Media
Job sites
MCA
IPindia
Social Mapping: Twitter tags, Mention Map, All My Tweets, Tweeps Map, GeoChirp, Trendsmap
https://twitter.com/i/directory/profiles/
https://twitter.com/search-advanced
https://tweetdeck.twitter.com/ geocode:, SearchTerm
https://searchisback.com/
Maltego
Intel Techniques
OSINT Framework
NetCraft
HTTrack
Web Data Extractor
Archive.org
Centralops.net
Exploit DB
GHDB
Threats and Countermeasure
Any Questions
Contact Me
Facebook.com/viralparmarhacker
Twitter.com/viralparmarhack
Instagram.com/viralparmarhacker
Linkedin.com/in/viral-parmar
www.viralparmarhacker.com
Stay Connected
+91 8980808222, +91 8866827872
Stay Safe
#LogOutNow