Hunting Cyber Criminals

Book description

The skills and tools for collecting, verifying and correlating information from different types of systems are essential when tracking down hackers. This book explores Open Source Intelligence Gathering (OSINT) inside out from multiple perspectives, including those of hackers and seasoned intelligence experts. OSINT refers to the techniques and tools required to harvest publicly available data concerning a person or an organization. With several years of experience tracking hackers with OSINT, the author whips up a classical plot-line involving a hunt for a threat actor. While taking the audience through the thrilling investigative drama, the author immerses them in in-depth knowledge of state-of-the-art OSINT tools and techniques. Technical users will want a basic understanding of the Linux command line in order to follow the examples, but a person with no Linux or programming experience can still gain a lot from this book through the commentaries.

This book’s unique digital investigation proposition is a combination of story-telling, tutorials, and case studies. The book explores digital investigation from multiple angles:

  • Through the eyes of the author who has several years of experience in the subject.
  • Through the mind of the hacker who collects massive amounts of data from multiple online sources to identify targets as well as ways to hit the targets.
  • Through the eyes of industry leaders.

This book is ideal for:

Investigation professionals, forensic analysts, and CISO/CIO and other executives wanting to understand the mindset of a hacker and how seemingly harmless information can be used to target their organization.

Security analysts, forensic investigators, and SOC teams looking for new approaches to digital investigation from the perspective of collecting and parsing publicly available information.

CISOs and defense teams will find this book useful because it takes the perspective of infiltrating an organization from the mindset of a hacker. The commentary provided by outside experts will also provide them with ideas to further protect their organization’s data.

Table of contents

  1. Cover
  2. Prologue
    1. My Story
  3. CHAPTER 1: Getting Started
    1. Why This Book Is Different
    2. What You Need to Know
    3. Important Resources
    4. Cryptocurrencies 101
    5. Summary
  4. CHAPTER 2: Investigations and Threat Actors
    1. The Path of an Investigator
    2. The Dark Overlord
    3. Summary
  5. Part I: Network Exploration
    1. CHAPTER 3: Manual Network Exploration
      1. Asset Discovery
      2. Phishing Domains and Typosquatting
      3. Summary
    2. CHAPTER 4: Looking for Network Activity (Advanced NMAP Techniques)
      1. Getting Started
      2. Working against Firewalls and IDS
      3. Summary
    3. CHAPTER 5: Automated Tools for Network Discovery
      1. SpiderFoot
      2. SpiderFoot HX (Premium)
      3. Intrigue.io
      4. Recon‐NG
      5. Summary
  6. Part II: Web Exploration
    1. CHAPTER 6: Website Information Gathering
      1. BuiltWith
      2. Webapp Information Gatherer (WIG)
      3. CMSMap
      4. WPScan
      5. Summary
    2. CHAPTER 7: Directory Hunting
      1. Dirhunt
      2. Wfuzz
      3. Photon
      4. Intrigue.io
      5. Summary
    3. CHAPTER 8: Search Engine Dorks
      1. Essential Search Dorks
      2. Automated Dorking Tools
      3. Summary
    4. CHAPTER 9: WHOIS
      1. WHOIS
      2. Whoisology
      3. DomainTools
      4. Summary
    5. CHAPTER 10: Certificate Transparency and Internet Archives
      1. Certificate Transparency
      2. Wayback Machine and Search Engine Archives
      3. Summary
    6. CHAPTER 11: Iris by DomainTools
      1. The Basics of Iris
      2. Guided Pivots
      3. Bringing It All Together
      4. Summary
  7. Part III: Digging for Gold
    1. CHAPTER 12: Document Metadata
      1. Exiftool
      2. Metagoofil
      3. Recon‐NG Metadata Modules
      4. Intrigue.io
      5. FOCA
      6. Summary
    2. CHAPTER 13: Interesting Places to Look
      1. TheHarvester
      2. Paste Sites
      3. Forums
      4. Code Repositories
      5. Wiki Sites
      6. Summary
    3. CHAPTER 14: Publicly Accessible Data Storage
      1. The Exactis Leak and Shodan
      2. CloudStorageFinder
      3. NoSQL Databases
      4. NoScrape
      5. Summary
  8. Part IV: People Hunting
    1. CHAPTER 15: Researching People, Images, and Locations
      1. PIPL
      2. Public Records and Background Checks
      3. Image Searching
      4. Cree.py and Geolocation
      5. IP Address Tracking
      6. Summary
    2. CHAPTER 16: Searching Social Media
      1. OSINT.rest
      2. Skiptracer
      3. Userrecon
      4. Reddit Investigator
      5. Summary
    3. CHAPTER 17: Profile Tracking and Password Reset Clues
      1. Where to Start (with TDO)?
      2. Building a Profile Matrix
      3. Social Engineering
      4. Using Password Reset Clues
      5. Summary
    4. CHAPTER 18: Passwords, Dumps, and Data Viper
      1. Using Passwords
      2. Acquiring Your Data
      3. Data Viper
      4. Summary
    5. CHAPTER 19: Interacting with Threat Actors
      1. Drawing Them Out of the Shadows
      2. Who Is WhitePacket?
      3. YoungBugsThug
      4. Establishing a Flow of Information
      5. Summary
    6. CHAPTER 20: Cutting through the Disinformation of a 10‐Million‐Dollar Hack
      1. GnosticPlayers
      2. GnosticPlayers' Posts
      3. Making Contact
      4. Bringing It All Together
      5. What Really Happened?
      6. Summary
  9. Epilogue
    1. In Closing, Thank You!
  10. Index
  11. End User License Agreement

Product information

  • Title: Hunting Cyber Criminals
  • Author(s): Vinny Troia
  • Release date: February 2020
  • Publisher(s): Wiley
  • ISBN: 9781119540922