*By Anderson Almeida
Introduction
Data production grows every year and has become the most important asset these days, and we need to talk about the power of OSINT, the definition of this technology, how the data obtained is used and how it can help professionals in information security.
There is a lot of information on the internet, which is both an advantage and a disadvantage.
The advantages are that the Internet is free and accessible to everyone, it has all information readily available for anyone to access. The downsides are that available information can be misused by someone with bad intentions. Collecting and correlating information using these tools is known as open source intelligence. Information can be in various forms such as audio, video, image, text, file, etc.
What is it?
OSINT is a practice of obtaining information legally, free of charge and available on the internet about someone or any company, we emphasize the internet as it is the most used means of communication nowadays, in practice, all public information such as: books, reports, newspapers, also fall into this category.
How are they used?
Such data can be used by malicious personnel to attack an individual or an organization; on social networks such as LinkedIn, a large part of the vacancies offered provide information in the description of the technologies and systems used, and this information is currently explored, as well as the names and contact details of employees who become valuable in the hands of those who practice social engineering.
On the other hand, OSINT also helps security professionals to develop a defense strategy or identify suspicious activity on systems or network, through Indicators of Compromise (IoC), reports issued and published by bodies such as CISA, and tools such as widely used total virus to analyze files, hash, URL, domains or IPs.
In short, the data can be used for good or for bad, and a large part of this content we leave unprotected or disclose without any responsibility, often due to carelessness or lack of policy.
Some OSINT Tools:
Below are some examples of frequently used OSINT tools.
maltego – It is used by security professionals and forensic investigators to collect and analyze open source intelligence. It can easily gather information from various sources and use various transformations to generate graphical results. Transformations are built in and can also be customized based on requirements.
Shodan – Google is the search engine for everyone, but shodan is the search engine for hackers. Instead of presenting the result like other search engines, it will show the result that will make the most sense to a security professional.
The Harvester – A harvester is an excellent tool for obtaining email and domain related information.
have i been pwned? – It is a website that allows Internet users to check whether their personal data has been compromised by data breach
— Anderson Almeida is a Security Operation Center Analyst at [SAFEWAY]
About Safeway:
THE SAFEWAY is a company of Information security, recognized by its customers for offering high added value solutions, through Information Security projects that fully meet the needs of the business. In these years of experience, we have proudly accumulated several successful projects that have given us credibility and prominence among our clients, which largely constitute the 100 largest companies in Brazil.
Today through more than 23 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best technology solutions, processes and people.
Let's make the world a safer place to live and do business!