View
1
Download
0
Category
Preview:
Citation preview
Welcome!Finding and Investigating Digital Footprints
with Open-Source Intelligence
Stephen Hill, Ph.D., CIIP, MLPIManaging Director
Snowdrop Consulting Ltd
Dr Stephen Hill
Finding & Investigating
Digital Footprints with
Open Source Intelligence
Open Source Intelligence (OSINT)
Intelligence from publicly available sources –open refers to ‘overt’
Open-Source Intelligence (OSINT) refers to:
“A broad array of information and sources that aregenerally available, including information obtained fromthe media (newspapers, radio, television, etc.),professional and academic records (papers, conferences,professional associations, etc.), and public data(government reports, demographics, hearings, speeches,etc.)”
The Web Explained
Surface Web
Google – Index Search
https://www.google.ae
Google – Regional Search
‘Bubbling & Tracking’
Search History
Location
Browser
Browsers version
Computer being used
Language being used
Time to type in a query
Time we spent on the search result page
Time between selecting different results for the same query
Operating system
Frequency clicking on adsense advertising on other websites
Operating systems version
Resolution of computer screen
Average amount of search requests per day
Average amount of search requests per topic (to finish search)
Distribution of search services used (web / images / videos)
Average position of search results clicked on
Time of the day
Current date
Topics of ads clicked on
Frequency of clicking advertising
Frequency of searches of domains on Google
http://www.rene-pickhardt.de/google-uses-57-signals-to-filter
Google – Time Filter
Google – Cache
Google – Similar
Google Image Search
Google Image Search
Google Image Search – Face Filter
Google Image Search
Google Reverse Image Search
Google Reverse Image Search
Google Reverse Image Search
https://startpage.com
StartPage
Carrot2
http://search.carrot2.org
DuckDuckGo Bangs
https://duckduckgo.com/bang
Semantic Search
Exalead - Advanced
http://www.exalead.com/search
Where to Find Search Engines?
www.searchenginecolossus.com
Advanced Search Techniques
Phrase searching: “fraud in New Zealand”
Boolean search: AND* fraud, NOT* scam
Google Alternative: “fraud”, -scam
Boolean search: fraud OR scam OR swindle
Parentheses: ( ) also known as nesting…
* Will not work with Google
Check the Spelling
Remember words can be spelt differently orthere might be a misspelt word or typo on thewebsite you are looking for, hence why somesearch engines fail to find the word/phrase
Consider spelling and typos
Tyres & Tires, colour & color
Stephen Hill, Steven Hill, Steve Hill
Serach Engine, Fraud Invesdigation...
Typo & Spelling Apps
http://fatfingers.com/default.aspx
http://www.goofbid.com
http://www.newsola.com
Real Time News
News Links
Classifieds - A Criminal Hotspot?
People Search
https://pipl.com
Paste Sites – What Could You Find?
Paste sites are websites allowing users to upload textfor public viewing.
Originally designed for software developers whoneeded a place to store large amounts of text.
Links would be created to the text, and the user couldshare the link with other programmers to review thecode.
Many hacking groups use this area of the Internet tostore compromised data.
Most popular site – ‘Pastebin’.
Searching Paste Sites
Searching Paste Sites
http://pastebin.com/dJ8BZS9T
Finding Archived Web Pages
https://archive.org/web
Internet Archive
Tools for Social Media Intelligence
Trophy Cabinet to Flaunt Crimes!
Facebook Search
LinkedIn Search
Twitter Search
Social Searcher
http://www.social-searcher.com
Social Searcher
http://www.social-searcher.com
Social Searcher
http://www.social-searcher.com
https://app.echosec.net
Geo-Location Search
Hiding Your Identity Online
Disguising Your ID
Every time you surf the Internet, your IP addressis publicly visible to everyone on target networkresources.
It is important, therefore, not to leave a digitalfootprint...
Sock (Finger) Puppets
4 steps to create a sock puppet:
Create fake ID – use name generator
Create fake profiles/user accounts on Facebook, etc.
Fake/disguised email, phone, and IP details
Consider payment method – pre-paid credit card…
http://www.fakenamegenerator.com
Disguising Your Online ID
Proxy and VPN services re-route your Internet traffic and change your IP
A Proxy is like a Web filter
Proxy will only secure traffic via the Internet browser usingthe proxy server settings
A VPN encrypts all of your traffic
VPNs replace your ISP and route all traffic through the VPNserver, including all programs and applications...
TOR
https://www.torproject.org
TOR
“Tor protects you by bouncing your communications arounda distributed network of relays run by volunteers all aroundthe world:
It prevents somebody watching your Internet connectionfrom learning what sites you visit, and it prevents the sitesyou visit from learning your physical location.
Tor works with many of your existing applications, includingweb browsers, instant messaging clients, remote login, andother applications based on the TCP protocol”.
Dark Net
The Hidden Wiki
Dark Net Search
Hidden Services
Dr Stephen Hill
Finding & Investigating
Digital Footprints with
Open Source Intelligence
Welcome!Finding and Investigating Digital Footprints
with Open-Source Intelligence
Stephen Hill, Ph.D., CIIP, MLPIManaging Director
Snowdrop Consulting Ltd
Recommended