Targeting

Video Activity

In this lab, Subject Matter Expert Dean Pompilio discusses targeting techniques. Targeting techniques allow you to gather information about a target in an active way (that may be noticed by the target) or in a passive way using public sources (that may not be noticed by the target). He explains that targeting efforts need to be personal and custom ...

Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
3 hours 55 minutes
Difficulty
Advanced
CEU/CPE
5
Video Description

In this lab, Subject Matter Expert Dean Pompilio discusses targeting techniques. Targeting techniques allow you to gather information about a target in an active way (that may be noticed by the target) or in a passive way using public sources (that may not be noticed by the target). He explains that targeting efforts need to be personal and custom crafted so that your efforts are not given away by sounding scripted when you attempt to elicit information from your target. SME Pompilio also discusses using a quid pro quo approach in which you determine what will motivate the target to help you and then you create an incentive for the target to help you. The following targeting labs will be presented in the remaining Parts of this Module:

  • Spearfishing with the Social Engineering Toolkit – this is built into Kali
  • Cupp – which is the Common User Password Profiler
  • Cewl – which allows you to crawl a Web site and look for clues
  • Shodan – which is a search engine that lets you explore the Internet of things and the IP address space of your target
  • Scythe – which is a user name enumeration tool
  • Creepy – which lets you look at sites such as Twitter, Google Plus, and Flickr to find out what your target is using these web sites for and to get time stamps of your target's activities
Video Transcription
00:04
All right, welcome back. The next section that we're going to talk about is some more of our techniques.
00:09
In this case, we're considering how you do targeting
00:13
we're the techniques and methods that that are useful here.
00:17
The basic ideas were gathering information. This could be active gathering of information which might be noticed by the target or could be passive.
00:25
We're using public sources of information that's not detectable by your target.
00:31
So the idea, as I was starting to allude to in the earlier in the course, is that
00:37
you're trying to make this a personal, custom crafted attempt to get information from from from the target. You don't want to use a generic script for every attempt because it will not properly fit the situation in hand. And most likely, the target will notice
00:54
that you're you appear to be reading a list of questions that don't appear to be quite related to what they do or who they are or why they do there
01:02
their their job the way they do
01:04
and going back to the quid pro quo idea. You want to create some incentive,
01:11
you know. Please help me. I'll help you. I'll give you something for nothing. I'll give you a great recommendation to your boss.
01:19
I'll give you access to some information that you want.
01:22
You know there's limitless possibilities for how these kinds of conversations could be manipulated in order to
01:29
make things more useful for the attacker.
01:33
So they're trying to find How do I get this information? How do my custom crafted to make it personal? And what incentives can I throw out there or tease the person with trying to think about the carrot in the stick? Right? What's gonna motivate my target to go after the carrot that's on the stick? That's the question the engineer needs to ask.
01:51
All right, so I have a bunch of demos that are related to targeting
01:55
some really great tools here that you might be interested in. We start off with spear fishing.
01:59
The social engineering tool kit is very powerful. This is built into Cali as well.
02:04
I'll do an example of spear fishing where you craft a email
02:07
That's Ah, set up just for one recipient to try to get them to go to a website so you can get their credentials
02:15
set as it's otherwise known. social engineering tool kit
02:19
has many more capabilities, and we'll explore some of those in other videos. But for this one, we're just gonna you use a technique to get credentials.
02:25
We'll also look a tool called cup.
02:29
This is the common user password profiler.
02:32
Once you start to get some clues about your target, you can use a tool like cup. Answer a bunch of questions and an interactive mode and generate a dictionary file, which can then be used to for brute forcing or for password cracking activities.
02:49
Cool is also a tool that's useful in this context of information gathering.
02:53
Cool. Let's you crawl a website
02:57
looking through the content and the metadata, content for clues as to what a password might be, or just for clues in general.
03:04
So it's very useful. We'll see a demo of this.
03:07
Also show you the show. Dan Search engine.
03:09
This is an amazing tool that lets you explore the I P. Address space of your target. Looking for anything that's interesting.
03:19
I will do, Ah, some searches showing you some of the information you can get. A lot of the ones I'll do are actually showing you webcams for instance that live on the Internet right now,
03:30
the organization that you're targeting may have Webcams or other security devices
03:35
basically showed and lets you explore the Internet of things.
03:38
And it tries to give you access in such a way so you can interact with some. Some of those resource is. I think you'd be pretty impressed with what showed an Incan d'oh.
03:47
Then we'll go into sight.
03:50
This is a user name enumeration tool,
03:53
very useful again for trying to find credentials or methods for getting into a system.
04:00
And then we'll wrap up with creepy.
04:01
Creepy is interesting. It lets you look at Twitter,
04:05
um,
04:06
Google plus
04:10
flicker
04:11
and
04:12
instagram, I believe. And if you have it set up and configured correctly, and if your target is using those service is
04:18
you can find out. What are they using Twitter for? What? What kind of pictures were taken on instagram and flicker? Where are they doing it?
04:26
You get time stamped location data for what the targets activities actually are. It's pretty neat stuff. I think you'll be impressed
Up Next
Social Engineering and Manipulation

In this online, self-paced Social Engineering and Manipulation training class, you will learn how some of the most elegant social engineering attacks take place. Learn to perform these scenarios and what is done during each step of the attack.

Instructed By