Hunting Cyber Criminals - A Hacker s Guide to Online Intelligence Gathering Tools Techniques

Mehr lesen

Informationen zum Autor ABOUT THE AUTHOR VINNY TROIA is a cybersecurity evangelist and hacker with Night Lion Security. He is an acknowledged expert in digital forensics investigations, security strategies, and security breach remediation. Vinny possesses deep knowledge of industry-standard security and compliance controls, is frequently seen providing security expertise on major TV and radio networks, and recently introduced Data Viper, his own threat intelligence and cyber-criminal hunting platform. Klappentext THE ART AND SCIENCE OF TRACKING CYBERCRIME TO ITS SOURCE When your organization falls victim to cybercrime, you need to be ready to fight back. The burden of investigating digital security breaches often falls to organizations themselves, so developing a robust toolkit that enables you to track down criminals is essential. Hunting Cyber Criminals is filled with proven techniques to research the source of illicit network traffic, extract intelligence from publicly available web sources, and hunt the individuals who would do harm to your organization. With easy-to-follow examples Hunting Cyber Criminals provides vital guidance on investigating cybersecurity incidents. It shows how, even starting from just a single IP address, you can embark on an investigative journey to uncover the information you need to shore up your defenses, involve law enforcement, and shut down hackers for good. Learn from Vinny Troia's unique methodology and the practical techniques used to investigate and identify members of the cyber terrorist group known as The Dark Overlord. Beyond the author's own expertise, you'll benefit from guest comments by fellow industry experts: Alex Heid, Bob Diachenko, Cat Murdoch, Chris Hadnagy, Chris Roberts, John Strand, Jonathan Cran, Leslie Carhart, Nick Furneux, Rob Fuller, Troy Hunt, and William Martin. For cybersecurity and business professionals involved in developing cyber incident response strategies, this compendium of the latest tools, techniques, and resources will prove indispensable. Cybercrime is a reality, not just a possibility, in today's business environments. Readiness to respond starts here. Learn about the latest cybercrime investigation tools Uncover clues to identify and track hackers anywhere Use network discovery to follow unwanted network traffic Search web databases to gather intelligence and leads Use social media to identify probable perpetrators Master complex web scenarios and advanced search techniques Employ expert tips and tricks in your own investigations ABOUT NIGHT LION SECURITY Night Lion Security provides network, website, and IT security consulting, services. The company specializes in advanced penetration testing and IT risk management. Zusammenfassung The skills and tools for collecting! verifying and correlating information from different types of systems is an essential skill when tracking down hackers. This book explores Open Source Intelligence Gathering (OSINT) inside out from multiple perspectives! including those of hackers and seasoned intelligence experts. OSINT refers to the techniques and tools required to harvest publicly available data concerning a person or an organization. With several years of experience of tracking hackers with OSINT! the author whips up a classical plot-line involving a hunt for a threat actor. While taking the audience through the thrilling investigative drama! the author immerses the audience with in-depth knowledge of state-of-the-art OSINT tools and techniques. Technical users will want a basic understanding of the Linux command line in order to follow the examples. But a person with no Linux or programming experience can still gain a lot from this book through the commentaries.This book's unique digital investigation proposition is a combination of story-telling! tutorials! and case studies. The book explores digital investigation ...

Inhaltsverzeichnis

Prologue xxv
 
Chapter 1 Getting Started 1
 
Chapter 2 Investigations and Threat Actors 19
 
Part I Network Exploration 43
 
Chapter 3 Manual Network Exploration 45
 
Chapter 4 Looking for Network Activity (Advanced NMAP Techniques) 67
 
Chapter 5 Automated Tools for Network Discovery 83
 
Part II Web Exploration 119
 
Chapter 6 Website Information Gathering 121
 
Chapter 7 Directory Hunting 143
 
Chapter 8 Search Engine Dorks 159
 
Chapter 9 WHOIS 175
 
Chapter 10 Certificate Transparency and Internet Archives 201
 
Chapter 11 Iris by DomainTools 221
 
Part III Digging for Gold 243
 
Chapter 12 Document Metadata 245
 
Chapter 13 Interesting Places to Look 267
 
Chapter 14 Publicly Accessible Data Storage 293
 
Part IV People Hunting 323
 
Chapter 15 Researching People, Images, and Locations 325
 
Chapter 16 Searching Social Media 349
 
Chapter 17 Profile Tracking and Password Reset Clues 377
 
Chapter 18 Passwords, Dumps, and Data Viper 407
 
Chapter 19 Interacting with Threat Actors 433
 
Chapter 20 Cutting through the Disinformation of a 10-Million-Dollar Hack 453
 
Epilogue 483
 
Index 487