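This issue of the weekly intelligence-techniques series covers the videos from the recon track. A friend mentioned on the official account that they needed this; I looked around and found that someone had already put together a summary, checked it, found it quite complete, and have organized it and posted it here.
Topics include: the future of asset management, passive DNS, personal security, OSINT on North Korea, using OSINT to combat human smuggling and trafficking, hunting trolls on Twitter, URL shorteners, social engineering, tracking infrastructure, bug hunting methodology, social threat scoring, building cloud-based automated recon, uncovering APT attacks, domain squatting with different TLDs, and more.
Full playlist of the talk videos: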
https://www.youtube.com/playlist?list=PLVwzzufdy9iu3UbT1UNSq_mhEgl6Dj4Ue
Tools and resources from the talks
The future of asset management
(Future of Asset Management - Ben Sadeghipour)
Finding domains/subdomains:
- Acquisitions https://acquiredby.co/apple-acquisitions/
- ViewDNS https://viewdns.info
- Certificate transparency services:
  - Shodan https://shodan.io
  - Censys https://censys.io/
  - Crt.sh https://Crt.sh
  - Certspotter https://sslmate.com/certspotter/
  - Google Transparency Report https://transparencyreport.google.com/https/certificates
  - Facebook Certificate Transparency Monitoring https://developers.facebook.com/tools/ct/
Tools mentioned:
- Amass https://github.com/OWASP/Amass
- Subfinder https://github.com/projectdiscovery/subfinder
- Sublist3r https://github.com/aboul3la/Sublist3r
- Findomain https://github.com/Findomain/Findomain
- Sudomy https://github.com/screetsec/Sudomy
Passive DNS
(Passive DNS - Andy Dennis)
Passive DNS providers:
- RiskIQ https://community.riskiq.com/home
- Cisco Umbrella https://umbrella.cisco.com/
- SecurityTrails https://securitytrails.com/
- CIRCL Passive DNS https://www.circl.lu/services/passive-dns/
- SpamHaus Passive DNS https://www.spamhaus.com/product/passive-dns/
Tools mentioned
- Word Generator https://wordsmith.org/anagram
Personal security
(So you Want OpSec, eh? - Ritu Gill)
Device/browser information
- https://coveryourtracks.eff.org
- AmIUnique https://www.amiunique.org
- whoer https://whoer.net
- WhatU https://whatu.info
Browser extensions
- HTTPS Everywhere https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/
- Privacy Badger https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/
- User agent switcher https://addons.mozilla.org/en-US/firefox/addon/user-agent-string-switcher/
Useful websites
- https://haveibeenpwned.com
- https://tosdr.org
- https://privacytools.io
- https://justgetmydata.com
- https://justdeleteme.xyz
- https://accountkiller.com
- https://www.securemessagingapps.com/
Data removal
- https://inteltechniques.com/data/workbook.pdf
- https://webbreacher.com/2017/04/24/removing-yourself-from-the-internet/
- https://www.learnallthethings.net/blog/2018/1/23/opting-out-like-a-boss-the-osint-way
- https://tisiphone.net/2017/01/25/thwart-my-osint-efforts-while-binging-tv/
OSINT
(OSINT and the Hermit Kingdom - Nick Roy)
North Korea on the Internet
- https://bgpview.io/asn/131279
- https://github.com/nknetobserver/nknetobserver.github.io
- Red Star OS
  - https://github.com/takeshixx/redstar-tools
  - https://c3subtitles.de/talk/501/
- North Korean foreign trade http://www.korean-books.com.kp/en/search/?page=periodic-trade
- NK websites
  - dprkportal.kp
  - portal.net.kp
  - webmail.star.net.kp
  - sns.star.net.kp
Tools mentioned
- Bellingcat tools: http://bit.ly/bcattools
- Torrent Tracking https://iknowwhatyoudownload.com
- Strava HeatMap https://www.strava.com/heatmap
Command-line tools
- dig a example.com +short > IPs
- whois -h whois.cymru.com x.x.x.x > ASN, company name
URL shorteners
(Hidden Gems via URL Shorteners - Utku Sen)
Tools mentioned
- https://github.com/lc/gau
- https://github.com/OJ/gobuster
- https://github.com/utkusen/urlhunter
- https://shorteners.grayhatwarfare.com/
- https://wiki.archiveteam.org/index.php?title=URLTeam
- https://tracker.archiveteam.org:1338/
Command-line tools
- Unshorten URL: curl https://xx.xx/xxx --head
Search tips
- docs.google.com/a/CompanyName
- docs.google.com/a/CompanyName.com
- drive.google.com/a/CompanyName
- drive.google.com/a/CompanyName.com
- Includes “trello.com” AND “Company Name”
- Include “company.com” AND “admin” OR “private”
- Include “company.com” AND “resetToken”
- Include “company.com” AND “PHPSESSIONID”
- Include “google.com/maps/place” AND “39.9,32.3”
Using OSINT to combat human smuggling and trafficking
(Using OSINT to Combat Human Trafficking & Smuggling - Rae Baker)
- https://www.marinetraffic.com
Hunting and smashing trolls on Twitter
(Hunting & Smashing Trolls on Twitter - Mauro Eldritch & Santiago Montaño)
Propaganda social media networks
- https://counter.social
- https://www.facepopular.net/
Tracking trolls
- Analyzing trends
  - https://getdaytrends.com/
  - https://www.trendinalia.com
- Blocking trolls
  - MegaBlock https://megablock.xyz/
  - Twitter Block Chain https://chrome.google.com/webstore/detail/twitter-block-chain/dkkfampndkdnjffkleokegfnibnnjfah
  - Block together https://twitter.com/blocktogether
- Venator tool: https://github.com/mauroeldritch/venator
Social engineering
(People Hunting, a Pentester’s Perspective - Mishaal Khan)
Tools mentioned
- Ripgrep Tool https://github.com/BurntSushi/ripgrep
- People search
  - https://www.allbiz.com/
  - https://www.advancedbackgroundchecks.com/
  - https://www.fastpeoplesearch.com/
  - https://thatsthem.com/
  - https://peopledatalabs.com
- Search NPI Records https://npiregistry.cms.hhs.gov/
- Vehicle Search https://www.vehiclehistory.com/
- Search Bluetooth devices https://wigle.net/
- Voter Search https://www.sec.state.ma.us/VoterRegistrationSearch/MyVoterRegStatus.aspx
- Burp Suite tool https://portswigger.net/burp
- Breach lookup
  - https://haveibeenpwned.com/
  - https://breachdirectory.tk/
- Hashcat tool https://github.com/hashcat/hashcat/
- Carrier lookup https://scammerblaster.com/carrier-lookup/
- Doctor search https://www.vitals.com/
- Classmates https://classmates.com
- Instagram tool https://github.com/megadose/toutatis
- Holehe - Registered Account Checking tool https://github.com/megadose/holehe
- https://socialbearing.com/
Tracking infrastructure
(Tracking Infrastructure with Mihari - Manabu Niseki)
Introduction
- https://ninoseki.github.io/presentations/Adversary%20Infrastructure%20Tracking%20with%20Mihari.pdf
Tools mentioned
- MMhdan
  - https://github.com/ninoseki/mmhdan
  - https://mmhdan.herokuapp.com/
- Mihari https://github.com/ninoseki/mihari
- Active tracking
  - Nmap https://nmap.org/
  - Masscan https://github.com/robertdavidgraham/masscan
  - Zmap https://github.com/zmap/zmap
  - httpx https://github.com/projectdiscovery/httpx
  - JARM https://github.com/salesforce/jarm
- Passive tracking
  - Internet-wide scanning
    - Shodan https://shodan.io
    - Censys https://censys.io/
    - BinaryEdge https://www.binaryedge.io/
    - Onyphe https://www.onyphe.io/
    - Spyse https://spyse.com/
    - ZoomEye https://www.zoomeye.org/
  - Passive DNS services
    - VirusTotal https://www.virustotal.com/
    - PassiveTotal (RiskIQ) https://community.riskiq.com/home
    - SecurityTrails https://securitytrails.com/
    - DomainTools https://domaintools.com
  - CT logs
    - Crt.sh https://Crt.sh
    - Censys https://censys.io
Bug hunting methodology
(Bug Hunter’s Methodology - Tushar Verma)
- ReconFTW https://github.com/six2dez/reconftw
- Bheem https://github.com/harsh-bothra/Bheem
- Osmedeus https://github.com/j3ssie/Osmedeus
Social threat scoring
(Creating a Social Threat Score - Masterchen)
- https://github.com/MasterChenb0x/SocialThreatScore
- https://us-cert.cisa.gov/CISA-National-Cyber-Incident-Scoring-System
- https://merics.org/en/report/chinas-social-credit-system-2021-fragmentation-towards-integration
- https://www.myfico.com/credit-education/whats-in-my-credit-report
Building cloud-based automated recon
(Build Cloud-Based Recon Automation - Ryan Elkins)
- Brevityrecon https://github.com/brevityinmotion/brevityrecon
- Blog https://www.brevityinmotion.com/automated-cloud-based-recon/
- Arkadiyt https://github.com/arkadiyt
Discovering APT samples
(Uncovering APT Attacks - Ladislav Baco)
Malware samples
- https://vx-underground.org/
- https://bazaar.abuse.ch/
Malware sources
- Hybrid Analysis https://www.hybrid-analysis.com/
- Any.Run https://any.run/
- Tria.ge https://tria.ge/
- VirusTotal https://www.virustotal.com/
Threat intelligence platforms and tools
- Yeti https://yeti-platform.github.io/
- Tweettioc http://tweettioc.com/
- Twint https://github.com/twintproject/twint
Advanced search
- Shodan https://shodan.io
- Censys https://Censys.io
- Webarchive https://archive.org/web/
- Search by hash on Shodan: http.favicon.hash
Domain squatting with different TLDs
(Domainsquatting with Different TLD’s - Anthony Kava)
- https://impostor.domains/
OSINT
(OSINT for Sex Workers - Kala Kinyon)
Tools mentioned
- Thatsthem https://Thatsthem.com
- GeoCreepy https://geocreepy.com
- SunCalc https://SunCalc.net
- OsintFramework https://osintframework.com/
- Wiki of Social Media Monitoring Solutions http://wiki.kenburbary.com/
This article was first published on the WeChat official account 军机故阁: Tools and resources from the DEFCON 29 talks