Chủ Nhật, 30 tháng 8, 2020

CEH Practical: Gathering Target Information: Reconnaissance And Competitive Intelligence

CEH Exam Objectives:

Describe Reconnaissance. 

Describe aggressive/competitive intelligence.


Reconnaissance

 Reconnaissance is the process of gathering informative data about a particular target of a malicious hack by exploring the targeted system. Basically two types of Reconnaissance exist i.e. Active and Passive. Active reconnaissance typically related to port scanning and observing the vulnerabilities about the targeted system (i.e., which ports are left vulnerable and/or if there are ways around the firewall and routers). Passive reconnaissance typically you will not be directly connected to a computer system. This process is used to gather essential information without ever interacting with the target systems.

Understand Aggressive Intelligence 

Competitive intelligence means information gathering about competitors' products, marketing, and technologies. Most competitive intelligence is non intrusive to the company being investigated and is benign in nature. It's used for product comparison or as a sales and marketing tactic to better understand how competitors are positioning their products or services.

Online tools to gather competitive intelligence

Exercise 1.1

Using KeywordSpy 

To use the KeywordSpy online tool to gather competitive intelligence information:  
  • Go to the www.keywordspy.com website and enter the website address of the target in the search field 

  • Review the report and determine valuable keywords, links, or other information.

 

Exercise 1.2

Using spyfu

  • Go to your browser and type www.spyfu.com and enter the website address of the target in the search field.

Exercise 1.3

Using the EDGAR Database to Gather Information

1. Determine the company's stock symbol using Google.

2. Open a web browser to www.sec.gov.

3. On the right side of the page, click the link EDGAR Filers. 

4. Click the Search For Filings menu and enter the company name or stock  symbol to search the filings for information. You can learn, for example, where the company is registered and who reported the filing.

5. Use the Yahoo! yellow pages ( http://yp.yahoo.com ) to see if an address or phone number is listed for any of the employee names you have located.

Related word


Người đăng: vào lúc Không có nhận xét nào:

📷 Huyennguyen Maithanh recently posted a new photo

 
Nguyen Huu, here's Huyennguyen Maithanh's new photo that she recently posted.
   
 
   Facebook
 
   
   
 
   
📷 Huyennguyen Maithanh added a new photo.
August 29 at 8:13 PM
 
View Photo
 
   Huyennguyen Maithanh and 6 others reacted to this.
 
   
   
 
This message was sent to nguyenhuutai_yct.caohongtham@blogger.com. If you don't want to receive these emails from Facebook in the future, please unsubscribe.
Facebook, Inc., Attention: Community Support, 1 Facebook Way, Menlo Park, CA 94025
   
   
To help keep your account secure, please don't forward this email. Learn More
   
 
Người đăng: vào lúc Không có nhận xét nào:

Thứ Bảy, 29 tháng 8, 2020

Osintgram - A OSINT Tool On Instagram


Osintgram is a OSINT tool on Instagram.

Osintgram offers an interactive shell to perform analysis on Instagram account of any users by its nickname. You can get:
- addrs           Get all registered addressed by target photos
- captions        Get user's photos captions
- comments        Get total comments of target's posts
- followers       Get target followers
- followings      Get users followed by target
- hashtags        Get hashtags used by target
- info            Get target info
- likes           Get total likes of target's posts
- mediatype       Get user's posts type (photo or video)
- photodes        Get description of target's photos
- photos          Download user's photos in output folder
- propic          Download user's profile picture
- stories         Download user's stories  
- tagged          Get list of users tagged by target
- target          Set new target
- wcommented      Get a list of user who commented target's photos
You can find detailed commands usage here.
Latest version | CHANGELOG

Installation
  1. Fork/Clone/Download this repo
    git clone https://github.com/Datalux/Osintgram.git
  2. Navigate to the directory
    cd Osintgram
  3. Run pip3 install -r requirements.txt
  4. Create a subdirectory config
    mkdir config
  5. Create in config folder the file: username.conf and write your Instagram account username
  6. Create in config folder the file: pw.conf and write your Instagram account password
  7. Run the main.py script
    python3 main.py <target username>

Updating
Run git pull in Osintgram directory

Contributing
You can propose a feature request opening an issue or a pull request.

External library
Instagram API: https://github.com/ping/instagram_private_api




via KitPloit
This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com
More articles

Người đăng: vào lúc Không có nhận xét nào:

Diggy - Extract Enpoints From APK Files


Diggy can extract endpoints/URLs from apk files. It saves the result into a txt file for further processing.


Dependencies
  • apktool

Usage
./diggy.sh /path/to/apk/file.apk
You can also install it for easier access by running install.sh
After that, you will be able to run Diggy as follows:
diggy /path/to/apk/file.apk


Related word


Người đăng: vào lúc Không có nhận xét nào:
Đăng ký: Bài đăng (Atom)