OSINT (open-source intelligence) is any freely available information and can be a gold mine for pen testers. These tools include WHOIS, nslookup, FOCA, theharvester, Shodan, Maltego, Recon-ng, and Censys. See a demonstration of how to use WHOIS and nslookup.
- Another valuable and very interesting category…of tools that we need in our Pen Testing toolbox…is that of open-source intelligence.…Now open-source intelligence is a classification…of tools that means any place we can go…that's open-source free data that's available to us…to do research on what we've found with other tools.…So let's assume that we have an IP address…or we have a domain name.…Either one of those,…we want to find more information about them,…find out what it really represents.…
We can dig down with these tools…and find more information surrounding…the technical response that we got…from perhaps our scanning and enumeration tools.…For those tools we can start off with the Whois tool.…Whois is implemented in multiple ways.…You can have,…there is a Whois command at the command line under Linux,…or there's multiple Whois websites.…We'll take a look at those in just a second.…Whois provides domain details about the IP address…or the domain itself actually that you've requested.…
Nslookup is another query tool…
Released
11/28/2018This Total Seminars course covers the exam certification topics. For information on additional study resources—including practice tests, lab simulations, books, and discounted exam vouchers—visit totalsem.com/linkedin. LinkedIn Learning members receive special pricing.
This course was created by Total Seminars. We are pleased to offer this training in our library.
We are a CompTIA Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
Share this video
Embed this video
Video: Open-source research tools