By: Nihad Hassan
February 10, 2022
Research Skills For Cybersecurity Professionals
By: Nihad Hassan
February 10, 2022
As digital transformation continues its rapid move to occupy all aspects of life and business, the volume of digital data generated from daily activities in the digital sphere is increasing at an unprecedented rate. According to bigdataldn, the volume of big data created daily reached 2.5 quintillion bytes in 2020. Furthermore, this number is expected to intensify to reach 175 zettabytes of data in 2025 worldwide, according to a study conducted by International Data Corporation (IDC) and sponsored by hard drive manufacturer Seagate.
Nowadays, most data is created digitally and never finds its way into papers. Two reasons are behind this massive increase in digital content:
- The growing number of Internet of Things (IoT) devices – according to Statista, the number is projected to reach 30.9 billion units by 2025.
- The increased dependence on cloud solutions to store and process business data.
Finding your way inside this jungle of data requires sophisticated searching skills, especially for cybersecurity professionals, who need to utilize internet resources for various purposes. This article will introduce multiple tips for searching online resources effectively.
Defining Internet Research Skills
Web searching skills refer to leveraging web resources efficiently to find relevant information in cyberspace. To become an expert internet researcher, you need to have the following skills.
Use advanced search engines queries to hunt for specific information (such as searching for a particular type of file that contains exact keywords).
Use various web services, such as people search engines and social media online search services, to find relevant information about any entity (individuals and organizations).
Search the deep web using different portals and search tools.
Search the darknets, such as the TOR network, to hunt for Cyber Threat Intelligence resources, such as breached accounts information, and monitor darknet discussions forums to gather threat information.
Evaluate digital resources to determine their accuracy and legitimacy.
Understand the legal implication of collecting some types of information, such as personal information harvested from social media sites (e.g., Facebook and Twitter), or taking advantage of previously breached user's accounts information commonly found on pastebin and data breach websites.
When discussing internet searching in the cybersecurity context, we usually refer to using Open Source Intelligence (OISNT) techniques to find online information.
Advanced Internet Research Techniques
Begin With The Keyword
The first thing you need to decide is the keywords or questions you will search for before starting. For example, when searching for something related to "hackers discussion forums," you should come up with two or three keywords to begin with.
Your terms should be precise; avoid widening your words, so your search engine will return accurate results around your topic or subject.
There are different online services for aiding searchers in finding the right keywords:
To narrow down your search results, you need to use specific search queries, as we will see next.
Use Search Engines Efficiently
Common advanced search operators can be used across Google and Bing to return specific results. First, we will talk about Google's advanced operators because it is widely used.
Use quotation marks ("”) to look for an exact sentence, keyword, or phrase. Example: "Hackers discussion forum"
Use Boolean Operators (OR, AND, NOT). The "OR" operator will return results related to both terms or one of them. Example: job OR vacancy. The "NOT" operator will eliminate everything related to the second one. Example: ransom -ransomware (in this example, we are searching for the word "ransom" but not related to "ransomware" cyber-attacks topic)
The "intitle:" operator will search within web pages titles. Example: intitle:" Facebook data breach" This will return all pages that have the term "Facebook data breach" in their titles (notice we used quotation marks to produce an exact match of the searched phrase).
The "inurl" will look for a specific term or phrase within the page's URL. Example: inurl:ransomware will return all web pages with "ransomware" in their URL.
The "allintext:" operator will search within web pages body text for all searched terms. Example: allintext: wifi hacking tools this search will return all pages that contain any of the searched three terms.
The "filetype" operator will only dig through search for specific file types, such as PDF, DOC, XLS, PPT, and TXT. Example: firstname.lastname@example.org filetype:xsl this search will return all files of type MS Excel that contains the text email@example.com
Use Specialized Web Portals Or Services When Searching For A Specific Subject Or Topic
Although regular search engines, such as Google, Bing, and Yandex, are good to start your search, they may not prove helpful to search resources buried in the deep web. Instead, specialized search portals should be used to find information in the deep web databases.
1. Grey literature (academic resources) 1.1 Academia 1.2 Google Scholar 1.3 ScienceDirect
2. Data Leak Websites– These websites contain information about previous data breaches. For example, you can search for a particular person's name, email, phone number to see if it was exposed in an earlier security breach. 2.1 have i been pwned? 2.2 leak-lookup 2.3 weleakinfo
A comprehensive list of data breaches websites can be found at: https://osint.link/#leak
3. Due diligence information 3.1 Annual Reports: Contains thousands of annual records from 9,180 companies worldwide. 3.2 Reportlinker 3.3 U.S. Securities and exchange commission 3.4 Open corporates: The largest open database of companies in the world 3.5 Manta: Business directory for U.S businesses
4. Internet Of Things (IoT) devices search engines 4.1 Shodan 4.2 Censys 4.3 AirportWebcams.net – live airport webcams from around the world
5. Viral records 5.1 Deathindexes - online searchable death indexes and records 5.2 Familysearch - united states social security death index
Image And Reverse Image Search
Sometimes we may have an image, for example, taken from a social media profile, and we want to know the source or the other web locations where this image appears. Reverse search images can help with this task.
- Google image search
- Bing visual search
- Reverseimagesearch – search multiple search engines at once
File search engines
If you do not like using the "filetype" search operator in Google, there are specialized online services for searching specific file types:
Searching The Darknet
The most popular dark web network is the TOR network. Unlike ordinary internet that can be searched using regular search engines, the same does not apply when searching the TOR network. Some specialized search engines try to index some content of the TOR darknet. The following list the most popular ones:
- Onion Search Engine
- The Uncensored Hidden Wiki
Remember, you need to use the TOR Browser to access websites hosted on the TOR network. You can download it from: https://www.torproject.org/download
Tools To Help You Organize Your Internet Searching
The web is vast; it contains billions of web pages that grow each moment. Therefore, organizing your web search is critical to avoid missing your search finding. The following tools help organize internet searching results.
Evernote: A helpful tool for taking notes and organizing web search results in addition to other features, such as managing projects and setting schedules.
Xmind: Create a mind map to aid in planning and organizing your web search.
Start.me: A personalized start page. It can be used as a portable web bookmarking tool.
Google Alerts: Free online content detection and notification service.
Tweetdeck: Managing and searching within Twitter accounts using a unified dashboard.
1clipboard: A clipboard management application works on both Windows and Mac. It allows synchronizing your clipboard with different devices.
Zotero: A free tool for collecting, organizing, citing, and sharing research.
KeePassX: Keep all your login credentials in one safe location.
OSINT web browser addons 9.1 Internet history: The official Chrome extension of the Wayback Machine 9.2 EXIF Viewer Pro: View EXIF images metadata information 9.3 IP Address and Domain Information: Extract technical information about every IP Address, Domain Name, and Provider 9.4 Vulners Web Scanner: Scan websites for vulnerabilities based on the vulners.com vulnerability database.
The internet provides us with a vast volume of information readily available at our fingertips. However, finding our way in this massive network of data requires having adequate search skills to:
- Finding the needed information
- And then organizing our findings to use them in a helpful context.
This article introduced readers to different web searching skills that can aid them during their job, especially for cybersecurity job roles.