OSINT (open-source intelligence) is any freely available information and can be a gold mine for pen testers. These tools include WHOIS, nslookup, FOCA, theharvester, Shodan, Maltego, Recon-ng, and Censys. See a demonstration of how to use WHOIS and nslookup.
- Another valuable and very interesting category…of tools that we need in our Pen Testing toolbox…is that of open-source intelligence.…Now open-source intelligence is a classification…of tools that means any place we can go…that's open-source free data that's available to us…to do research on what we've found with other tools.…So let's assume that we have an IP address…or we have a domain name.…Either one of those,…we want to find more information about them,…find out what it really represents.…
We can dig down with these tools…and find more information surrounding…the technical response that we got…from perhaps our scanning and enumeration tools.…For those tools we can start off with the Whois tool.…Whois is implemented in multiple ways.…You can have,…there is a Whois command at the command line under Linux,…or there's multiple Whois websites.…We'll take a look at those in just a second.…Whois provides domain details about the IP address…or the domain itself actually that you've requested.…
Nslookup is another query tool…
Author
Michael Solomon
Released
11/28/2018Skill Level Intermediate
Duration
Views
-
1. CompTIA PenTest+ (PT0-001): 5 Selecting Pen Testing Tools
-
Nmap scoping and output options21m 11s
-
Pen testing toolbox6m 55s
-
Using Kali Linux6m 23s
-
Scanners and credential tools10m 18s
-
Code cracking tools4m 31s
-
Open-source research tools6m 32s
-
Remote access tools6m 24s
-
Other pen testing tools4m 33s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Open-source research tools