My Account Log in

1 option

The OSINT Handbook : A Practical Guide to Gathering and Analyzing Online Information / Dale Meredith.

O'Reilly Online Learning: Academic/Public Library Edition Available online

View online
Format:
Book
Author/Creator:
Meredith, Dale, author.
Language:
English
Subjects (All):
Open source intelligence.
Computer security.
Physical Description:
1 online resource (198 pages)
Edition:
First edition.
Place of Publication:
Birmingham, England : Packt Publishing, [2024]
Biography/History:
Meredith Dale: Dale Meredith is an EC-Council-certified ethical hacker/instructor and a Microsoft-certified trainer. Dale has over 10 years of senior IT management experience and was a CTO for an ISP. Dale's skill as an IT trainer is in clarifying tough concepts and ensuring students understand the theory. Dale's teaching style is memorable and entertaining. His expertise has led to many opportunities, including teaching teams in Fortune 500 firms, universities globally, the Department of Homeland Security, and many US military branches. Along with authoring video courses, consulting, and classroom training, you can catch Dale on stage speaking at IT conferences around the world, helping teams keep their companies safe, relevant, and breach-aware.
Summary:
Explore top open-source Intelligence (OSINT) tools, build threat intelligence, and create a resilient cyber defense against evolving online threats Key Features Explore some of the best open-source intelligence tools such as Maltego, Shodan, and Aircrack-ng Develop an OSINT-driven threat intelligence program to mitigate cyber risks Leverage the power of information through OSINT with real-world case studies Purchase of the print or Kindle book includes a free PDF eBook Book Description The rapid expansion of IT and digital businesses has brought along a surge in online threats, amplifying cybersecurity risks and the need for effective solutions. Enter the OSINT framework, a pivotal ally, enabling organizations with a powerful toolset to proactively fortify security measures. The OSINT Handbook offers practical guidance and insights to enhance your OSINT capabilities. Starting with an introduction to the concept of OSINT, this book explores its applications and the legal and ethical considerations associated with OSINT research. You'll find essential techniques for gathering and analyzing information using search engines, social media platforms, and other web-based resources. As you advance, this book emphasizes anonymity and techniques for secure browsing, managing digital footprints, and creating online personas. You'll also gain hands-on experience with popular OSINT tools such as Recon-ng, Maltego, Shodan, and Aircrack-ng, and leverage OSINT to mitigate cyber risks with expert strategies that enhance threat intelligence efforts. Real-world case studies will illustrate the role of OSINT in anticipating, preventing, and responding to cyber threats. By the end of this book, you'll be equipped with the knowledge and tools to confidently navigate the digital landscape and unlock the power of information using OSINT. What you will learn Work with real-life examples of OSINT in action and discover best practices Automate OSINT collection and analysis Harness social media data for OSINT purposes Manage your digital footprint to reduce risk and maintain privacy Uncover and analyze hidden information within documents Implement an effective OSINT-driven threat intelligence program Leverage OSINT techniques to enhance organizational security Who this book is for This book is for ethical hackers and security professionals who want to expand their cybersecurity knowledge and stay one step ahead of online threats by gaining comprehensive insights into OSINT tools and techniques. Basic knowledge of cybersecurity concepts is required.
Contents:
Cover
Title Page
Copyright
Dedication
Foreword
Contributors
Table of Contents
Preface
Chapter 1: The Secrets Hiding in Plain Sight - Unveiling the Power of OSINT
Introduction to OSINT
Let's talk about information and intelligence
Passive and active OSINT
Why OSINT matters in the digital age
Why is OSINT so cool?
How the heck does OSINT work?
The OSINT framework
Let's break down an investigation into some real-world examples
Getting started with OSINT and some best practices
Tips and tricks for effective information gathering
Some resources we'll be using
Summary
Chapter 2: Invisible and Untouchable - The Importance of Anonymity in OSINT Analysis
Introduction to anonymity and privacy in OSINT
Ways anonymity can be breached in OSINT
Striking the balance - Privacy concerns in OSINT investigations
Protecting your digital footprint
Managing and limiting YOUR online presence
Why protecting personal data is more important than ever
Internet browsers - The frontline of data vulnerability
How to protect yourself
Creating and managing online personas - Sock puppets
Staying ahead of cyber threats in OSINT
Keeping up with privacy and security news
Learning from past breaches and incidents
Chapter 3: The OSINT Toolbox - Methods and Techniques for Gathering and Analyzing Information
Introduction to OSINT methods and techniques
The variety of techniques used in OSINT
Importance of selecting the right method for a specific task
Searching and browsing the surface web
Advanced search engine techniques
Google hacking
Utilizing specialized search engines and directories
Academic search engines
Code search engines
Patent search engines
Image search engines
Exploring social media for OSINT (SOCMINT).
Understanding hidden sources
Diving into the deep and dark web
Let's make sure we understand the internet
Harvesting more with theHarvester
Shodan
Automating OSINT collection and analysis
Chapter 4: Exploring the Unknown - How Discovery Tools Reveal Hidden Information
Introduction to discovery tools
Unlocking network secrets
Domain and IP address analysis
Understanding the DNA of WHOIS - Its definition and purpose
Applicability - Not just domains but IP blocks too
The online magnifying glasses - Popular WHOIS lookup platforms
Finding the connections
The darker side - When attackers use WHOIS
DNS and IP analysis - Connecting domains to infrastructure
Traceroute and network mapping - Navigating the vast cyber seas
Website reconnaissance - Mastering the unseen layers
Web page scraping and analysis
Document and metadata analysis
Identifying hidden information in documents and files
Analyzing document contents for valuable clues
OSINT data visualization
Tools and techniques for visualizing OSINT data
Best practices for using discovery tools
Chapter 5: From Recon-ng to Trace Labs - A Tour of the Best Open Source Intelligence Tools
Recon-ng - A powerful OSINT framework
Running modules and gathering information with Recon-ng
Maltego - Visualizing OSINT data and connections
Getting started with Maltego for OSINT investigations
Discovering the infrastructure
Shodan - The search engine for IoT
Getting started with Shodan
Using Shodan's API
Trace Labs - A powerful OS designed just for OSINT
Overview of the Aircrack-ng suite
Airmon-ng
Airodump-ng
Aireplay-ng
Aircrack-ng
Airbase-ng
Airgraph-ng
Finding hidden networks
Additional open source OSINT tools
SpiderFoot
Twint
Some final thoughts on tools.
Keeping up with the open source OSINT landscape
Blogs and websites
Conferences and workshops
Evaluating new tools
Engaging with the OSINT community
Chapter 6: The Eyes and Ears of Threat Intelligence - How OSINT Helps Mitigate Cyber Risks
Introduction to threat intelligence and OSINT
Cyber threats and OSINT
Phishing
Social engineering
Malware and ransomware
APTs
Combining OSINT with internal security
Cyber threat intelligence platforms and OSINT integration
Some big names in the game
Incorporating OSINT data into threat intelligence workflows
Sharing OSINT-derived intelligence with other platforms and teams
Building an OSINT-driven cyber threat intelligence program
What are intelligence requirements?
The role of OSINT
Case study: OSINT in a real-world cybersecurity incident
Chapter 7: Protecting Your Identity and Organization from Cyber Threats
Understanding the role of OSINT in protecting your identity and organization
The advantages of proactive OSINT research for cybersecurity
Personal digital hygiene and OSINT
Identifying and mitigating risks from your online presence
Enhancing your privacy and security
Assessing and strengthening organizational security with OSINT
Identifying potential vulnerabilities
Identifying and responding to cyber threats such as ransomware
Detecting phishing and social engineering attempts
It's Exotic Lily story time
The Cobalt Dickens group and their tricky spear-phishing attacks
Investigating cyber incidents and breaches
Uncovering the source, scope, and impact of cyber incidents
Building a resilient cyber defense with OSINT
Collaborating with the cybersecurity community
Adapting to the evolving threat landscape
Updating your OSINT-driven cybersecurity strategy as needed.
Don't forget the tools
Index
About PACKT
Other Books You May Enjoy.
Notes:
Description based upon print version of record.
Tools and techniques for visualizing OSINT data
Description based on publisher supplied metadata and other sources.
Description based on print version record.
ISBN:
1-83763-528-5
OCLC:
1427667069

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account