Hacking Web Intelligence

Hacking Web Intelligence

Open Source Intelligence and Web Reconnaissance Concepts and Techniques

1st Edition - April 13, 2015

Write a review

  • Authors: Sudhanshu Chauhan, Nutan Panda
  • Paperback ISBN: 9780128018675
  • eBook ISBN: 9780128019122

Purchase options

Purchase options
Available
DRM-free (PDF, Mobi, EPub)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order

Description

Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals looking for the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment—that is, reconnaissance—is not given enough attention by security professionals, hackers, and penetration testers. Often, the information openly present is as critical as the confidential data. Hacking Web Intelligence shows you how to dig into the Web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods. Hacking Web Intelligence is an in-depth technical reference covering the methods and techniques you need to unearth open source information from the Internet and utilize it for the purpose of targeted attack during a security assessment. This book will introduce you to many new and leading-edge reconnaissance, information gathering, and open source intelligence methods and techniques, including metadata extraction tools, advanced search engines, advanced browsers, power searching methods, online anonymity tools such as TOR and i2p, OSINT tools such as Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, Social Network Analysis (SNA), Darkweb/Deepweb, data visualization, and much more.

Key Features

  • Provides a holistic approach to OSINT and Web recon, showing you how to fit all the data together into actionable intelligence
  • Focuses on hands-on tools such as TOR, i2p, Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, FOCA, EXIF, Metagoofil, MAT, and many more
  • Covers key technical topics such as metadata searching, advanced browsers and power searching, online anonymity, Darkweb / Deepweb, Social Network Analysis (SNA), and how to manage, analyze, and visualize the data you gather
  • Includes hands-on technical examples and case studies, as well as a Python chapter that shows you how to create your own information-gathering tools and modify existing APIs

Readership

Information security professionals, practitioners, analysts, consultants, IT managers, Web developers, as well as hackers and penetration testers.

Table of Contents

    • Preface
    • About the Authors
    • Acknowledgments
    • Chapter 1. Foundation: Understanding the Basics
      • Introduction
      • Internet
      • World Wide Web
      • Defining the basic terms
      • Web browsing—behind the scene
      • Lab environment
    • Chapter 2. Open Source Intelligence and Advanced Social Media Search
      • Introduction
      • Open source intelligence
      • How we commonly access OSINT
      • Web 2.0
      • Social media intelligence
      • Social network
      • Advanced search techniques for some specific social media
      • Web 3.0
    • Chapter 3. Understanding Browsers and Beyond
      • Introduction
      • Browser operations
      • History of browsers
      • Browser architecture
      • Browser features
      • Raw browsers
      • Some of the well-known custom browsers
      • Addons
      • Bookmark
      • Threats posed by browsers
    • Chapter 4. Search the Web—Beyond Convention
      • Introduction
    • Chapter 5. Advanced Web Searching
      • Introduction
      • Google
      • Bing
      • Yahoo
      • Yandex
    • Chapter 6. OSINT Tools and Techniques
      • Introduction
      • Creepy
      • TheHarvester
      • Shodan
      • Search Diggity
      • Recon-ng
      • Yahoo Pipes
      • Maltego
    • Chapter 7. Metadata
      • Introduction
      • Metadata extraction tools
      • Impact
      • Metadata removal/DLP tools
    • Chapter 8. Online Anonymity
      • Anonymity
      • Online anonymity
      • Why do we need to be anonymous
      • Ways to be anonymous
    • Chapter 9. Deepweb: Exploring the Darkest Corners of the Internet
      • Introduction
      • Why to use it?
      • Why not to use it?
      • Darknet services
      • Disclaimer
    • Chapter 10. Data Management and Visualization
      • Introduction
      • Data management and analysis tools
    • Chapter 11. Online Security
      • Introduction
      • Malwares
      • Phishing
      • Online scams and frauds
      • Hacking attempts
      • Weak password
      • Shoulder surfing
      • Social engineering
      • Antivirus
      • Identify phishing/scams
      • Update operating system and other applications
      • Addons for security
      • Tools for security
      • Password policy
      • Precautions against social engineering
      • Data encryption
    • Chapter 12. Basics of Social Networks Analysis
      • Introduction
      • Gephi
      • Node attributes
      • Edge attributes
    • Chapter 13. Quick and Dirty Python
      • Introduction
    • Chapter 14. Case Studies and Examples
      • Introduction
      • Case studies
    • Chapter 15. Related Topics of Interest
      • Introduction
      • Cryptography
      • Data recovery/shredding
      • Internet Relay Chat
      • Bitcoin
    • Index

Product details

  • No. of pages: 300
  • Language: English
  • Copyright: © Syngress 2015
  • Published: April 13, 2015
  • Imprint: Syngress
  • Paperback ISBN: 9780128018675
  • eBook ISBN: 9780128019122

About the Authors

Sudhanshu Chauhan

Sudhanshu Chauhan is an information security professional and OSINT specialist. He has worked in the information security industry, previously as Senior security analyst at iViZ and currently as Director and Principal Consultant at Octogence Tech Solutions, a penetration testing consultancy. He previously worked at the National Informatics Center in New Delhi developing web applications to prevent threats. He has a B.Tech (CSE) from Amity School of Engineering and Diploma in Cyber Security. He has been listed in various Hall of Fame such as Adobe, eBay, Yandex, and Freelancer. Sudhanshu has also written various articles on a wide range of topics including Cyber Threats, Vulnerability Assessment, Honeypots, and Metadata.

Affiliations and Expertise

Security Analyst for iViZ Techno Solutions, India

Nutan Panda

An Information Security professional with expertise in the field of Application and Network Security. He has completed his B.Tech (IT) and has also earned various prestigious Certifications in his domain such as CEH, CCNA etc. Apart from performing security assessments he has also been involved in conducting / imparting information security training. He has been listed in various prestigious Hall of Fame such as Google, Microsoft, Yandex etc. and has also written various articles / technical papers.

Affiliations and Expertise

Security Analyst for for iViZ Techno Solutions, India

Ratings and Reviews

Write a review

Latest reviews

(Total rating for all reviews)

  • Dhivya Sat Jun 26 2021

    Hacking Web Intelligence

    I am a Research scholar and also i am searching some tools regarding my research. This book introduction and some of the key points very useful to me. Thank you