SlideShare une entreprise Scribd logo

Rv defcon25 osint tactics on source code intelligence - simon roses

R
reconvillage

http://reconvillage.org/osint-tactics-on-source-code-and-developers/

Technologie
1  sur  35
Télécharger pour lire hors ligne
Recon Village DEF CON 25 29 July Las Vegas, USA
ME & VULNEX Simon Roses Femerling •  Founder & CEO, VULNEX www.vulnex.com •  @simonroses •  Former Microsoft, PwC, @Stake •  US DARPA award to research on software security •  Speaker: Black Hat, DEF CON, RSA, HITB, OWASP, SOURCE, AppSec, DeepSec, TECHNET •  Blog: http://www.simonroses.com/ •  Youtube: https://www.youtube.com/channel/UC8KUXxTSEdWfpFzAydjEzyQ •  CyberSecurity Startup •  @vulnexsl •  Professional Services & Training •  Products: BinSecSweeper (Unified File Security Analysis) VULNEX
TALK OBJECTIVES •  Basic Source Code analysis •  Applying OSINT tactics on source code
AGENDA 1.  Introduc,on 2.  OSINT Developers 3.  Conclusions
KEEP IN MIND
1. TARGET
1. WHY DEVELOPERS? •  Technical people but usually not security savvy –  Influencers –  Access to information & systems –  Common habits we can exploit: •  Science Fiction •  Anime •  Porn •  Beer
1. METHODOLOGY 1. Identify source code repo 1.  Organization 2.  Individuals 2. Search for OSINT patterns in code 3. Go to Social Networks
1. OSINT PATTERNS IN SOURCE CODE •  Classics: –  IPs –  Domain names –  URLs –  Emails –  Credit Cards –  Phones •  New: –  Twitter alias –  Comments
2. RIGHT
2. AMERICAN FUZZY LOP (AFL)
2. AIRCRACK-NG
2. KNOW YOUR TOOLS
2. GITHUB-RANK.COM
2. GITROB I •  Reconnaissance tool for GitHub organizations •  Search for sensitive information in repos: –  Credentials –  Private keys •  https://github.com/michenriksen/gitrob
2. GITROB II
2. GITROB III
2. GITHUB CRAWLERS •  https://github.com/ Microsoft/ghcrawler •  https://github.com/ dfm/github-repo- crawler/tree/master/ crawler •  https:// www.npmjs.com/ package/repo-crawler
2. SOURCE CODE PROFANITY •  Get feeling of developer angriness – Source Code vs. Twitter
2. LINUX BAD WORDS https://www.linuxcounter.net/statistics/kernel
2. LINUX GOOD WORDS https://www.linuxcounter.net/statistics/kernel
2. COMMENT: DATA CLEANING •  Comments contain plenty of dirty data: – Code – Bad Chars: //, #, *, $, -, --, =, “, ‘, [,] – Useless text •  Licenses
2. COMMENTS
2. TINTORERA •  Source Code Intelligence •  https://github.com/vulnex/Tintorera
2. TINTORERA
2. COLLECTING OSINT PATTERNS •  Regex is your friend •  Data – IPs – Links – Emails – Etc.
2. I WANT EMAILS
2. OSINT PATTERNS REGEX KUNGFU
2. MOVE TO YOUR OSINT TOOLKIT •  Time for usual OSINT tools – Maltego – Recon-ng – DataSploit – Custom scripting “Hello Python”
2. SOURCE CODE IS GOLD •  Information – OSINT – Sensitive – Comments/Sentiments – Vulnerabilities •  Code Repos not/less monitor
2. NEXT STEPS •  Improved tools/automatization •  Comment analysis/classification •  OSINT integration – DataSploit – Recon-ng
5. Q&A •  Thanks! •  Beer appreciated!!! •  @simonroses •  @vulnexsl •  www.vulnex.com •  www.simonroses.com

Recommandé

Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Sudhanshu Chauhan
 
DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 Shubham Mittal
 
Datasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolDatasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolShubham Mittal
 
DataSploit - Tool Demo at Null Bangalore - March Meet.
DataSploit - Tool Demo at Null Bangalore - March Meet. DataSploit - Tool Demo at Null Bangalore - March Meet.
DataSploit - Tool Demo at Null Bangalore - March Meet. Shubham Mittal
 
Web application penetration testing lab setup guide
Web application penetration testing lab setup guideWeb application penetration testing lab setup guide
Web application penetration testing lab setup guideSudhanshu Chauhan
 
Stop pulling the plug
Stop pulling the plugStop pulling the plug
Stop pulling the plugKamal Rathaur
 
OSINT using Twitter & Python
OSINT using Twitter & PythonOSINT using Twitter & Python
OSINT using Twitter & Python37point2
 
Dark Arts Of Social Engineering
Dark Arts Of Social EngineeringDark Arts Of Social Engineering
Dark Arts Of Social EngineeringNutan Kumar Panda
 

Recommandé

Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Sudhanshu Chauhan
 
DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 Shubham Mittal
 
Datasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolDatasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolShubham Mittal
 
DataSploit - Tool Demo at Null Bangalore - March Meet.
DataSploit - Tool Demo at Null Bangalore - March Meet. DataSploit - Tool Demo at Null Bangalore - March Meet.
DataSploit - Tool Demo at Null Bangalore - March Meet. Shubham Mittal
 
Web application penetration testing lab setup guide
Web application penetration testing lab setup guideWeb application penetration testing lab setup guide
Web application penetration testing lab setup guideSudhanshu Chauhan
 
Stop pulling the plug
Stop pulling the plugStop pulling the plug
Stop pulling the plugKamal Rathaur
 
OSINT using Twitter & Python
OSINT using Twitter & PythonOSINT using Twitter & Python
OSINT using Twitter & Python37point2
 
Dark Arts Of Social Engineering
Dark Arts Of Social EngineeringDark Arts Of Social Engineering
Dark Arts Of Social EngineeringNutan Kumar Panda
 
OSINT x UCCU Workshop on Open Source Intelligence
OSINT x UCCU Workshop on Open Source IntelligenceOSINT x UCCU Workshop on Open Source Intelligence
OSINT x UCCU Workshop on Open Source IntelligencePhilippe Lin
 
Open Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionOpen Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionChris Gates
 
OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!Nutan Kumar Panda
 
Osint
OsintOsint
OsintKamal Rathaur
 
Osint ashish mistry
Osint ashish mistryOsint ashish mistry
Osint ashish mistryn|u - The Open Security Community
 
Getting started with using the Dark Web for OSINT investigations
Getting started with using the Dark Web for OSINT investigationsGetting started with using the Dark Web for OSINT investigations
Getting started with using the Dark Web for OSINT investigationsOlakanmi Oluwole
 
Enterprise Open Source Intelligence Gathering
Enterprise Open Source Intelligence GatheringEnterprise Open Source Intelligence Gathering
Enterprise Open Source Intelligence GatheringTom Eston
 
Hacker tool talk: maltego
Hacker tool talk: maltegoHacker tool talk: maltego
Hacker tool talk: maltegoChris Hammond-Thrasher
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
 
Let’s hunt the target using OSINT
Let’s hunt the target using OSINTLet’s hunt the target using OSINT
Let’s hunt the target using OSINTChandrapal Badshah
 
Osint presentation nov 2019
Osint presentation nov 2019Osint presentation nov 2019
Osint presentation nov 2019Priyanka Aash
 
Open source intelligence
Open source intelligenceOpen source intelligence
Open source intelligencebalakumaran779
 
What you need to know about OSINT
What you need to know about OSINTWhat you need to know about OSINT
What you need to know about OSINTJerod Brennen
 
OSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceOSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceDeep Shankar Yadav
 
Maltego
MaltegoMaltego
Maltegopenetration Tester
 
osint - open source Intelligence
osint - open source Intelligenceosint - open source Intelligence
osint - open source IntelligenceOsama Ellahi
 
Osint primer
Osint primerOsint primer
Osint primern|u - The Open Security Community
 
OSINT
OSINTOSINT
OSINTApurv Singh Gautam
 
Information gathering
Information gatheringInformation gathering
Information gatheringMaulik Kotak
 
OSINT for Attack and Defense
OSINT for Attack and DefenseOSINT for Attack and Defense
OSINT for Attack and DefenseAndrew McNicol
 
ShiftGearsWithInformationSecurity.pdf
ShiftGearsWithInformationSecurity.pdfShiftGearsWithInformationSecurity.pdf
ShiftGearsWithInformationSecurity.pdfSteven Carlson
 
DevSecCon London 2017: when good containers go bad by Tim Mackey
DevSecCon London 2017: when good containers go bad by Tim MackeyDevSecCon London 2017: when good containers go bad by Tim Mackey
DevSecCon London 2017: when good containers go bad by Tim MackeyDevSecCon
 

Contenu connexe

Tendances

OSINT x UCCU Workshop on Open Source Intelligence
OSINT x UCCU Workshop on Open Source IntelligenceOSINT x UCCU Workshop on Open Source Intelligence
OSINT x UCCU Workshop on Open Source IntelligencePhilippe Lin
 
Open Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionOpen Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionChris Gates
 
OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!Nutan Kumar Panda
 
Getting started with using the Dark Web for OSINT investigations
Getting started with using the Dark Web for OSINT investigationsGetting started with using the Dark Web for OSINT investigations
Getting started with using the Dark Web for OSINT investigationsOlakanmi Oluwole
 
Enterprise Open Source Intelligence Gathering
Enterprise Open Source Intelligence GatheringEnterprise Open Source Intelligence Gathering
Enterprise Open Source Intelligence GatheringTom Eston
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
 
Let’s hunt the target using OSINT
Let’s hunt the target using OSINTLet’s hunt the target using OSINT
Let’s hunt the target using OSINTChandrapal Badshah
 
Osint presentation nov 2019
Osint presentation nov 2019Osint presentation nov 2019
Osint presentation nov 2019Priyanka Aash
 
Open source intelligence
Open source intelligenceOpen source intelligence
Open source intelligencebalakumaran779
 
What you need to know about OSINT
What you need to know about OSINTWhat you need to know about OSINT
What you need to know about OSINTJerod Brennen
 
OSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceOSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceDeep Shankar Yadav
 
osint - open source Intelligence
osint - open source Intelligenceosint - open source Intelligence
osint - open source IntelligenceOsama Ellahi
 
Information gathering
Information gatheringInformation gathering
Information gatheringMaulik Kotak
 
OSINT for Attack and Defense
OSINT for Attack and DefenseOSINT for Attack and Defense
OSINT for Attack and DefenseAndrew McNicol
 

Tendances (20)

OSINT x UCCU Workshop on Open Source Intelligence
OSINT x UCCU Workshop on Open Source IntelligenceOSINT x UCCU Workshop on Open Source Intelligence
OSINT x UCCU Workshop on Open Source Intelligence
 
Open Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionOpen Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon Edition
 
OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!
 
Osint
OsintOsint
Osint
 
Osint ashish mistry
Osint ashish mistryOsint ashish mistry
Osint ashish mistry
 
Getting started with using the Dark Web for OSINT investigations
Getting started with using the Dark Web for OSINT investigationsGetting started with using the Dark Web for OSINT investigations
Getting started with using the Dark Web for OSINT investigations
 
Enterprise Open Source Intelligence Gathering
Enterprise Open Source Intelligence GatheringEnterprise Open Source Intelligence Gathering
Enterprise Open Source Intelligence Gathering
 
Hacker tool talk: maltego
Hacker tool talk: maltegoHacker tool talk: maltego
Hacker tool talk: maltego
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
 
Let’s hunt the target using OSINT
Let’s hunt the target using OSINTLet’s hunt the target using OSINT
Let’s hunt the target using OSINT
 
Osint presentation nov 2019
Osint presentation nov 2019Osint presentation nov 2019
Osint presentation nov 2019
 
Open source intelligence
Open source intelligenceOpen source intelligence
Open source intelligence
 
What you need to know about OSINT
What you need to know about OSINTWhat you need to know about OSINT
What you need to know about OSINT
 
OSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceOSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligence
 
Maltego
MaltegoMaltego
Maltego
 
osint - open source Intelligence
osint - open source Intelligenceosint - open source Intelligence
osint - open source Intelligence
 
Osint primer
Osint primerOsint primer
Osint primer
 
OSINT
OSINTOSINT
OSINT
 
Information gathering
Information gatheringInformation gathering
Information gathering
 
OSINT for Attack and Defense
OSINT for Attack and DefenseOSINT for Attack and Defense
OSINT for Attack and Defense
 

Similaire à Rv defcon25 osint tactics on source code intelligence - simon roses

ShiftGearsWithInformationSecurity.pdf
ShiftGearsWithInformationSecurity.pdfShiftGearsWithInformationSecurity.pdf
ShiftGearsWithInformationSecurity.pdfSteven Carlson
 
DevSecCon London 2017: when good containers go bad by Tim Mackey
DevSecCon London 2017: when good containers go bad by Tim MackeyDevSecCon London 2017: when good containers go bad by Tim Mackey
DevSecCon London 2017: when good containers go bad by Tim MackeyDevSecCon
 
Top 10 Threats to Cloud Security
Top 10 Threats to Cloud SecurityTop 10 Threats to Cloud Security
Top 10 Threats to Cloud SecuritySBWebinars
 
ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011Xavier Mertens
 
Vulnex app secusa2013
Vulnex app secusa2013Vulnex app secusa2013
Vulnex app secusa2013drewz lin
 
Fun with Application Security
Fun with Application SecurityFun with Application Security
Fun with Application SecurityBruce Abernethy
 
A question of trust - understanding Open Source risks
A question of trust - understanding Open Source risksA question of trust - understanding Open Source risks
A question of trust - understanding Open Source risksTim Mackey
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationJoshua Prince
 
[Webinar] Building a Product Security Incident Response Team: Learnings from ...
[Webinar] Building a Product Security Incident Response Team: Learnings from ...[Webinar] Building a Product Security Incident Response Team: Learnings from ...
[Webinar] Building a Product Security Incident Response Team: Learnings from ...bugcrowd
 
Hackers are innocent
Hackers are innocentHackers are innocent
Hackers are innocentdanish3
 
Owasp joy of proactive security
Owasp joy of proactive securityOwasp joy of proactive security
Owasp joy of proactive securityScott Behrens
 
The Joy of Proactive Security
The Joy of Proactive SecurityThe Joy of Proactive Security
The Joy of Proactive SecurityAndy Hoernecke
 
The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009Security Ninja
 
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani GolandCODE BLUE
 
DevSecOps - The big picture
DevSecOps - The big pictureDevSecOps - The big picture
DevSecOps - The big pictureDevSecOpsSg
 
10(?) holiday gifts for the SOC who has everything
10(?) holiday gifts for the SOC who has everything10(?) holiday gifts for the SOC who has everything
10(?) holiday gifts for the SOC who has everythingRyan Kovar
 
Blackhat USA Mobile Security Panel 2011
Blackhat USA Mobile Security Panel 2011Blackhat USA Mobile Security Panel 2011
Blackhat USA Mobile Security Panel 2011Tyler Shields
 

Similaire à Rv defcon25 osint tactics on source code intelligence - simon roses (20)

ShiftGearsWithInformationSecurity.pdf
ShiftGearsWithInformationSecurity.pdfShiftGearsWithInformationSecurity.pdf
ShiftGearsWithInformationSecurity.pdf
 
DevSecCon London 2017: when good containers go bad by Tim Mackey
DevSecCon London 2017: when good containers go bad by Tim MackeyDevSecCon London 2017: when good containers go bad by Tim Mackey
DevSecCon London 2017: when good containers go bad by Tim Mackey
 
Top 10 Threats to Cloud Security
Top 10 Threats to Cloud SecurityTop 10 Threats to Cloud Security
Top 10 Threats to Cloud Security
 
ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011
 
Vulnex app secusa2013
Vulnex app secusa2013Vulnex app secusa2013
Vulnex app secusa2013
 
Fun with Application Security
Fun with Application SecurityFun with Application Security
Fun with Application Security
 
A question of trust - understanding Open Source risks
A question of trust - understanding Open Source risksA question of trust - understanding Open Source risks
A question of trust - understanding Open Source risks
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
 
[Webinar] Building a Product Security Incident Response Team: Learnings from ...
[Webinar] Building a Product Security Incident Response Team: Learnings from ...[Webinar] Building a Product Security Incident Response Team: Learnings from ...
[Webinar] Building a Product Security Incident Response Team: Learnings from ...
 
Hackers are innocent
Hackers are innocentHackers are innocent
Hackers are innocent
 
Owasp joy of proactive security
Owasp joy of proactive securityOwasp joy of proactive security
Owasp joy of proactive security
 
The Joy of Proactive Security
The Joy of Proactive SecurityThe Joy of Proactive Security
The Joy of Proactive Security
 
The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009
 
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
 
DevSecOps - The big picture
DevSecOps - The big pictureDevSecOps - The big picture
DevSecOps - The big picture
 
DevSecOps - The big picture
DevSecOps - The big pictureDevSecOps - The big picture
DevSecOps - The big picture
 
Defining DevSecOps
Defining DevSecOpsDefining DevSecOps
Defining DevSecOps
 
10(?) holiday gifts for the SOC who has everything
10(?) holiday gifts for the SOC who has everything10(?) holiday gifts for the SOC who has everything
10(?) holiday gifts for the SOC who has everything
 
Blackhat USA Mobile Security Panel 2011
Blackhat USA Mobile Security Panel 2011Blackhat USA Mobile Security Panel 2011
Blackhat USA Mobile Security Panel 2011
 
Building your Open Source Security stack
Building your Open Source Security stackBuilding your Open Source Security stack
Building your Open Source Security stack
 

Plus de reconvillage

Empowering red and blue teams with osint c0c0n 2017
Empowering red and blue teams with osint c0c0n 2017Empowering red and blue teams with osint c0c0n 2017
Empowering red and blue teams with osint c0c0n 2017reconvillage
 
Rv defcon25 keeping an eye on mobile applications - mikhail sosonkin
Rv defcon25 keeping an eye on mobile applications - mikhail sosonkinRv defcon25 keeping an eye on mobile applications - mikhail sosonkin
Rv defcon25 keeping an eye on mobile applications - mikhail sosonkinreconvillage
 
Rv defcon25 into the birds nest - a comprehensive look at twitter as a rese...
Rv defcon25 into the birds nest - a comprehensive look at twitter as a rese...Rv defcon25 into the birds nest - a comprehensive look at twitter as a rese...
Rv defcon25 into the birds nest - a comprehensive look at twitter as a rese...reconvillage
 
Rv defcon25 how to obtain 100 facebook accounts per day through internet se...
Rv defcon25 how to obtain 100 facebook accounts per day through internet se...Rv defcon25 how to obtain 100 facebook accounts per day through internet se...
Rv defcon25 how to obtain 100 facebook accounts per day through internet se...reconvillage
 
Rv defcon25 ferpa only your grades are safe - leah
Rv defcon25 ferpa only your grades are safe - leahRv defcon25 ferpa only your grades are safe - leah
Rv defcon25 ferpa only your grades are safe - leahreconvillage
 
Rv defcon25 burner phone challenge - dakota nelson
Rv defcon25 burner phone challenge - dakota nelsonRv defcon25 burner phone challenge - dakota nelson
Rv defcon25 burner phone challenge - dakota nelsonreconvillage
 
Rv defcon25 attack surface discovery with intrigue - jonathan cran
Rv defcon25 attack surface discovery with intrigue - jonathan cranRv defcon25 attack surface discovery with intrigue - jonathan cran
Rv defcon25 attack surface discovery with intrigue - jonathan cranreconvillage
 

Plus de reconvillage (7)

Empowering red and blue teams with osint c0c0n 2017
Empowering red and blue teams with osint c0c0n 2017Empowering red and blue teams with osint c0c0n 2017
Empowering red and blue teams with osint c0c0n 2017
 
Rv defcon25 keeping an eye on mobile applications - mikhail sosonkin
Rv defcon25 keeping an eye on mobile applications - mikhail sosonkinRv defcon25 keeping an eye on mobile applications - mikhail sosonkin
Rv defcon25 keeping an eye on mobile applications - mikhail sosonkin
 
Rv defcon25 into the birds nest - a comprehensive look at twitter as a rese...
Rv defcon25 into the birds nest - a comprehensive look at twitter as a rese...Rv defcon25 into the birds nest - a comprehensive look at twitter as a rese...
Rv defcon25 into the birds nest - a comprehensive look at twitter as a rese...
 
Rv defcon25 how to obtain 100 facebook accounts per day through internet se...
Rv defcon25 how to obtain 100 facebook accounts per day through internet se...Rv defcon25 how to obtain 100 facebook accounts per day through internet se...
Rv defcon25 how to obtain 100 facebook accounts per day through internet se...
 
Rv defcon25 ferpa only your grades are safe - leah
Rv defcon25 ferpa only your grades are safe - leahRv defcon25 ferpa only your grades are safe - leah
Rv defcon25 ferpa only your grades are safe - leah
 
Rv defcon25 burner phone challenge - dakota nelson
Rv defcon25 burner phone challenge - dakota nelsonRv defcon25 burner phone challenge - dakota nelson
Rv defcon25 burner phone challenge - dakota nelson
 
Rv defcon25 attack surface discovery with intrigue - jonathan cran
Rv defcon25 attack surface discovery with intrigue - jonathan cranRv defcon25 attack surface discovery with intrigue - jonathan cran
Rv defcon25 attack surface discovery with intrigue - jonathan cran
 

Dernier

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 

Dernier (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

Rv defcon25 osint tactics on source code intelligence - simon roses

  • 1. Recon Village DEF CON 25 29 July Las Vegas, USA
  • 2. ME & VULNEX Simon Roses Femerling •  Founder & CEO, VULNEX www.vulnex.com •  @simonroses •  Former Microsoft, PwC, @Stake •  US DARPA award to research on software security •  Speaker: Black Hat, DEF CON, RSA, HITB, OWASP, SOURCE, AppSec, DeepSec, TECHNET •  Blog: http://www.simonroses.com/ •  Youtube: https://www.youtube.com/channel/UC8KUXxTSEdWfpFzAydjEzyQ •  CyberSecurity Startup •  @vulnexsl •  Professional Services & Training •  Products: BinSecSweeper (Unified File Security Analysis) VULNEX
  • 3. TALK OBJECTIVES •  Basic Source Code analysis •  Applying OSINT tactics on source code
  • 6.
  • 8. 1. WHY DEVELOPERS? •  Technical people but usually not security savvy –  Influencers –  Access to information & systems –  Common habits we can exploit: •  Science Fiction •  Anime •  Porn •  Beer
  • 9. 1. METHODOLOGY 1. Identify source code repo 1.  Organization 2.  Individuals 2. Search for OSINT patterns in code 3. Go to Social Networks
  • 10. 1. OSINT PATTERNS IN SOURCE CODE •  Classics: –  IPs –  Domain names –  URLs –  Emails –  Credit Cards –  Phones •  New: –  Twitter alias –  Comments
  • 11.
  • 13. 2. AMERICAN FUZZY LOP (AFL)
  • 15. 2. KNOW YOUR TOOLS
  • 17. 2. GITROB I •  Reconnaissance tool for GitHub organizations •  Search for sensitive information in repos: –  Credentials –  Private keys •  https://github.com/michenriksen/gitrob
  • 20. 2. GITHUB CRAWLERS •  https://github.com/ Microsoft/ghcrawler •  https://github.com/ dfm/github-repo- crawler/tree/master/ crawler •  https:// www.npmjs.com/ package/repo-crawler
  • 21. 2. SOURCE CODE PROFANITY •  Get feeling of developer angriness – Source Code vs. Twitter
  • 22. 2. LINUX BAD WORDS https://www.linuxcounter.net/statistics/kernel
  • 23. 2. LINUX GOOD WORDS https://www.linuxcounter.net/statistics/kernel
  • 24. 2. COMMENT: DATA CLEANING •  Comments contain plenty of dirty data: – Code – Bad Chars: //, #, *, $, -, --, =, “, ‘, [,] – Useless text •  Licenses
  • 26. 2. TINTORERA •  Source Code Intelligence •  https://github.com/vulnex/Tintorera
  • 28. 2. COLLECTING OSINT PATTERNS •  Regex is your friend •  Data – IPs – Links – Emails – Etc.
  • 29. 2. I WANT EMAILS
  • 30. 2. OSINT PATTERNS REGEX KUNGFU
  • 31. 2. MOVE TO YOUR OSINT TOOLKIT •  Time for usual OSINT tools – Maltego – Recon-ng – DataSploit – Custom scripting “Hello Python”
  • 32.
  • 33. 2. SOURCE CODE IS GOLD •  Information – OSINT – Sensitive – Comments/Sentiments – Vulnerabilities •  Code Repos not/less monitor
  • 34. 2. NEXT STEPS •  Improved tools/automatization •  Comment analysis/classification •  OSINT integration – DataSploit – Recon-ng
  • 35. 5. Q&A •  Thanks! •  Beer appreciated!!! •  @simonroses •  @vulnexsl •  www.vulnex.com •  www.simonroses.com