Cyber Intelligence using Python
Shubham Mittal (~shubham)
Python can be used to automate exploits, security checks, web analysis, forensic investigation and a lot more. No doubt, it is a profound language for a hacker.
We start any of our attacks by finding information from publicly available sources, which can range from a website's whois to a complex Facebook graph search. In generic terminology, this is known as Open Source Intelligence (OSINT). OSINT has its use cases not only in hacking, but also in business intelligence, corporate espionage, forensic investigations and more. By finding such information, an attacker can streamline his attack to make it more precise, more effective and less noisy.
Because there is a huge number of sources and variations of such useful information, collecting and correlating this data becomes quite a hectic task. Hence there is a great need to automate this painful task, and for that we (like many hackers) have chosen Python.
During the presentation, we will discuss and demonstrate how we automated the process of OSINT and used it in our security assessments. Below are some of the techniques we will be talking about in our presentation:
1. Useful social APIs (Facebook, Google CSE, Twitter APIs), Shodan, etc.
2. Internet-wide scans for promoting threat intelligence.
3. Integrating Python with readily available frameworks like Maltego, Metasploit, etc.
4. Custom Python tools, e.g. user2sid and sid2user, Auth_check, and testing utilities for checking vulnerabilities like XSS, CSRF, SSRF.
5. Using Python to do bug bounty by automating tasks.
After the presentation, we will release this code through open source channels.
- Basic understanding of Python.
- Understanding of OSINT is recommended.
Shubham is an active information security researcher whose areas of interest are penetration testing and open source intelligence. In his free time he explores cool blogs and tries his luck with bug bounties. He loves networking with like-minded people and loves open source InfoSec knowledge sharing.
- Also listed in many security halls of fame: Google, Yahoo, Facebook, Microsoft, Adobe, PayPal, cPanel, eBay, Apple, Nokia, BlackBerry, Barracuda, AT&T, etc.