Intelligence Sources

  • Cyber Security Intelligence: How secure are we?

  • Cyber Threat Intelligence: How threatening is the world outside?

  • Intelligence Sources:

    • Narrative sources

    • Threat feeds

  • Historical/Trend Analysis

  • Reconnaissance

    • What could a potential attacker find out about us?

    • Where would they look?

      • Open Source (OSINT)

        • The WWW

        • Dedicated tools

        • Feeds (free)

      • Closed source

    • Whois and DNS

      • whois

      • nslookup

      • dig

      • host

      • zone transfer

    • OSINT Dedicated Tools

    • FOCA - Document Metadata

    • theHarvester - tool in Kali Linux

    • Shodan - Search engine for internet things

    • Maltego - OSINT for relationships

    • recon-ng - Python tool

    • Censys - Device search engine like Shodan

    • Website rippers - clone websites to local machine

    • Google

      • "exact match"

      • -exclude

      • this AND that (or is implied)

      • filetype:

      • allintitle:

      • allinurl:

      • Google hacking database

    • Confidence levels

      • Timeliness

      • Relevancy

      • Accuracy

      • Fake news?

      • Admiralty System - method for evaluating reliability
