2.10 Leveraging OSINT Part 2

00:03

Every day we hear about leaks and breaches, so it no longer a question off. If this going to happen now, it's question off. When is it going to happen?

00:15

Cos maybe victims off successful intrusion or successful credential stuffing attack, for example, attack off validation of certain dump off e mails and passwords against a certain websites.

00:32

This attack is based on password to use. For instance, you can easily verify if any male is compromised in one or more breaches using tools like Have I been phoned? Gust project. They hashed, but also some of the threat actors may publish.

00:50

They're dumps in what based been website or other based websites.

00:56

So monitoring your accounts through these platforms can help you stay alert. It's so that you can update your passwords before being abused.

01:06

Another example off a scent that I believe it's worth mentioning is called Google Dorks. Google offers hacks or most appropriately called dorks, that are very useful to look for specific types of data.

01:21

Well, Doris, basically our query that's used advanced search operators to find information that's not readily available on our website. As a use case explaining the Google doors I took the example off search term side call an example that come file type

01:40

pdf So here we are going to look for

01:42

PdF files containing a search term available. All the website called example that you can find fullest off Google dorks in the link mentioned on this slight to explain in more detail eins the Google Dorks. We're going to search

02:00

for a term passwords within a certain website.

02:04

We took the example off Trail, a website, which is a project management platform where users can create boards, toe, organize their projects and assign tasks to their team members. So to look for password on trial. Oh, we are using the search password

02:23

side. Kahlan Trela dot com,

02:25

for instance, Trail oh offers a boars that people usually make open so that they don't have to grant access each time there is a new member to join the board. So this is not a problem as long as there is nothing sensitive shared their. However, it turns out that a lot of people

02:46

for gether these boards are open and publicly available,

02:50

and sometimes they even share passwords, tokens, email addresses and other sensitive data. Following the example, we looked for the term password all the site, uh, travel dot com. And we really found people who are sharing

03:07

passwords or credentials on public trail oh, boards.

03:10

And of course, these passwords are hidden on the slides because this course is made for educational purpose and we want to raise awareness about the danger off publicly sharing sensitive data just with the assumption that no one is looking there.

03:27

This example can summarize how ascent can be leveraged, buy threat actors

03:31

and, at the same time, security professionals.

03:36

This is how threat actors can find sensitive information or confidential information publicly available through, ah, using Greek and simple techniques like Google Torques showed on son, says et cetera. And this is how companies can also leverage Ossan

03:55

in order to find and identify

03:58

their weaknesses and be aware off their attack surface.

04:02

Before summarizing this lesson, I have some recommendations to share with you. So first, just in case you remember sharing any credentials on a publicly available service, probably trowel Oh, gee era, even get top or something similar. I highly recommend you satin your credentials immediately.

04:23

The same thing I highly recommend visiting websites like Have I been Poland or the hash

04:28

just a very far if your credentials were part off. Previous breach. Also, if you are using websites or service, is like trail O M E mais scripts, crazy et cetera. I highly recommend a sets in the privacy off your documents or your boards

04:47

to private or only available for certain people

04:50

to avoid any sensitive data being leaked on the Internet.

04:56

Just don't assume that there is no one looking there. There are threat actors looking there with malicious intent. Also, I highly recommend changing the default configuration off you routers or any other device just to avoid them being

05:13

used by threat actors in massive campaigns.

05:16

There is also a new trending threat, which is abusing. Open

05:21

elasticsearch is databases like manga, manga jeebies, etcetera. So my recommendation here is to protect your publicly exposed assets. Don't leave them open with no passwords.

05:33

Now let's summarize everything that we've learned in this lesson. We started with a quick definition off ascent. Then we've seen the different advantages and disadvantages off us, and we've seen the purpose off using us and in our cyber threat intelligence and how awesome is being leveraged. Buy threat actors.

05:53

And also we discovered

05:56

some person tools and techniques, and I we've seen some examples off course. The list off examples that we've seen is not exhausted, and they're plethora off awesome tools. But we mentioned on Lee few of them as a start point, and we closed this lesson with a quick use case

06:15

and

06:15

I gave you some recommendations why you should use ascent and things that you should be aware off. This is all for this lesson. I hope you enjoy this video. It was the last lesson from the first module as a reminder. This module was fully dedicated

06:34

to data collection, which is the second step