InfoHound: Improving OSINT open source CyberArsenal for good

During the reconnaissance phase, an attacker searches for any information about his target to create a profile that will later help him to identify possible vulnerabilities or misconfigurations to exploit. Using passive analysis methods (which do not interact directly with the target) through OSINT,...

Descripción completa

Detalles Bibliográficos
Autor: Marrugat Plaza, Xavier
Tipo de recurso: tesis de maestría
Fecha de publicación:2023
País:España
Institución:Universitat Oberta de Catalunya (UOC)
Repositorio:O2, repositorio institucional de la UOC
OAI Identifier:oai:openaccess.uoc.edu:10609/148316
Acceso en línea:http://hdl.handle.net/10609/148316
Access Level:acceso abierto
Palabra clave:OSINT
InfoHound
cyber
Google Hacking
Tool development
recon
hacking
domain
Computer security -- TFM
Seguretat informàtica -- TFM
Descripción
Sumario:During the reconnaissance phase, an attacker searches for any information about his target to create a profile that will later help him to identify possible vulnerabilities or misconfigurations to exploit. Using passive analysis methods (which do not interact directly with the target) through OSINT, a large amount of data can be extracted, such as: organisation addresses, IPs, systems open ports, sensitive files or directories exposed to the internet and subdomains, among others. Are we aware of this data? Do we know what impact they can have in an organization? What information is publicly available about us? Currently, there are specific Open Source OSINT tools for each of the data that we want to monitor. This involves setting up and running these programs separately and then grouping the results together. Although there are tools that combine different functionalities to extract more data, such as ReconFTW (an Open Source tool that finds IPs, ports, subdomains and more from the target) and LookingGlass (a private solution that monitors a large amount of internet sources to detect possible threats to an organisation), no Open Source tool has been found that groups a great variety of these techniques together. Therefore, the aim of this project is to implement an Open Source tool that collects all the information that can be extracted from publicly accessible sources from an Internet web domain. In addition, considering the information obtained, it will create a profile of the company and its employees helping analysts in their cybersecurity assessments.