Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques
- 6h 20m
- Vinny Troia
- John Wiley & Sons (US)
- 2020
The skills and tools for collecting, verifying and correlating information from different types of systems is an essential skill when tracking down hackers. This book explores Open Source Intelligence Gathering (OSINT) inside out from multiple perspectives, including those of hackers and seasoned intelligence experts. OSINT refers to the techniques and tools required to harvest publicly available data concerning a person or an organization. With several years of experience of tracking hackers with OSINT, the author whips up a classical plot-line involving a hunt for a threat actor. While taking the audience through the thrilling investigative drama, the author immerses the audience with in-depth knowledge of state-of-the-art OSINT tools and techniques. Technical users will want a basic understanding of the Linux command line in order to follow the examples. But a person with no Linux or programming experience can still gain a lot from this book through the commentaries.
This book’s unique digital investigation proposition is a combination of story-telling, tutorials, and case studies. The book explores digital investigation from multiple angles:
- Through the eyes of the author who has several years of experience in the subject.
- Through the mind of the hacker who collects massive amounts of data from multiple online sources to identify targets as well as ways to hit the targets.
- Through the eyes of industry leaders.
This book is ideal for:
Investigation professionals, forensic analysts, and CISO/CIO and other executives wanting to understand the mindset of a hacker and how seemingly harmless information can be used to target their organization.
Security analysts, forensic investigators, and SOC teams looking for new approaches on digital investigations from the perspective of collecting and parsing publicly available information.
CISOs and defense teams will find this book useful because it takes the perspective of infiltrating an organization from the mindset of a hacker. The commentary provided by outside experts will also provide them with ideas to further protect their organization’s data.
About the Author
VINNY TROIA is a cybersecurity evangelist and hacker with Night Lion Security. He is an acknowledged expert in digital forensics investigations, security strategies, and security breach remediation. Vinny possesses deep knowledge of industry-standard security and compliance controls, is frequently seen providing security expertise on major TV and radio networks, and recently introduced Data Viper, his own threat intelligence and cyber-criminal hunting platform.
In this Book
-
Prologue
-
Getting Started
-
Investigations and Threat Actors
-
Manual Network Exploration
-
Looking for Network Activity (Advanced NMAP Techniques)
-
Automated Tools for Network Discovery
-
Website Information Gathering
-
Directory Hunting
-
Search Engine Dorks
-
Whois
-
Certificate Transparency and Internet Archives
-
Iris by DomainTools
-
Document Metadata
-
Interesting Places to Look
-
Publicly Accessible Data Storage
-
Researching People, Images, and Locations
-
Searching Social Media
-
Profile Tracking and Password Reset Clues
-
Passwords, Dumps, and Data Viper
-
Interacting with Threat Actors
-
Cutting Through the Disinformation of a 10‐Million‐Dollar Hack
-
Epilogue