O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Hacking Web Intelligence

Book Description

Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals looking for the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment—that is, reconnaissance—is not given enough attention by security professionals, hackers, and penetration testers. Often, the information openly present is as critical as the confidential data.

Hacking Web Intelligence shows you how to dig into the Web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods.

Hacking Web Intelligence is an in-depth technical reference covering the methods and techniques you need to unearth open source information from the Internet and utilize it for the purpose of targeted attack during a security assessment. This book will introduce you to many new and leading-edge reconnaissance, information gathering, and open source intelligence methods and techniques, including metadata extraction tools, advanced search engines, advanced browsers, power searching methods, online anonymity tools such as TOR and i2p, OSINT tools such as Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, Social Network Analysis (SNA), Darkweb/Deepweb, data visualization, and much more.

  • Provides a holistic approach to OSINT and Web recon, showing you how to fit all the data together into actionable intelligence
  • Focuses on hands-on tools such as TOR, i2p, Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, FOCA, EXIF, Metagoofil, MAT, and many more
  • Covers key technical topics such as metadata searching, advanced browsers and power searching, online anonymity, Darkweb / Deepweb, Social Network Analysis (SNA), and how to manage, analyze, and visualize the data you gather
  • Includes hands-on technical examples and case studies, as well as a Python chapter that shows you how to create your own information-gathering tools and modify existing APIs

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Preface
  6. About the Authors
  7. Acknowledgments
  8. Chapter 1. Foundation: Understanding the Basics
    1. Introduction
    2. Internet
    3. World Wide Web
    4. Defining the basic terms
    5. Web browsing—behind the scene
    6. Lab environment
  9. Chapter 2. Open Source Intelligence and Advanced Social Media Search
    1. Introduction
    2. Open source intelligence
    3. How we commonly access OSINT
    4. Web 2.0
    5. Social media intelligence
    6. Social network
    7. Advanced search techniques for some specific social media
    8. Web 3.0
  10. Chapter 3. Understanding Browsers and Beyond
    1. Introduction
    2. Browser operations
    3. History of browsers
    4. Browser architecture
    5. Browser features
    6. Raw browsers
    7. Some of the well-known custom browsers
    8. Addons
    9. Bookmark
    10. Threats posed by browsers
  11. Chapter 4. Search the Web—Beyond Convention
    1. Introduction
  12. Chapter 5. Advanced Web Searching
    1. Introduction
    2. Google
    3. Bing
    4. Yahoo
    5. Yandex
  13. Chapter 6. OSINT Tools and Techniques
    1. Introduction
    2. Creepy
    3. TheHarvester
    4. Shodan
    5. Search Diggity
    6. Recon-ng
    7. Yahoo Pipes
    8. Maltego
  14. Chapter 7. Metadata
    1. Introduction
    2. Metadata extraction tools
    3. Impact
    4. Metadata removal/DLP tools
  15. Chapter 8. Online Anonymity
    1. Anonymity
    2. Online anonymity
    3. Why do we need to be anonymous
    4. Ways to be anonymous
  16. Chapter 9. Deepweb: Exploring the Darkest Corners of the Internet
    1. Introduction
    2. Why to use it?
    3. Why not to use it?
    4. Darknet services
    5. Disclaimer
  17. Chapter 10. Data Management and Visualization
    1. Introduction
    2. Data management and analysis tools
  18. Chapter 11. Online Security
    1. Introduction
    2. Malwares
    3. Phishing
    4. Online scams and frauds
    5. Hacking attempts
    6. Weak password
    7. Shoulder surfing
    8. Social engineering
    9. Antivirus
    10. Identify phishing/scams
    11. Update operating system and other applications
    12. Addons for security
    13. Tools for security
    14. Password policy
    15. Precautions against social engineering
    16. Data encryption
  19. Chapter 12. Basics of Social Networks Analysis
    1. Introduction
    2. Gephi
    3. Node attributes
    4. Edge attributes
  20. Chapter 13. Quick and Dirty Python
    1. Introduction
  21. Chapter 14. Case Studies and Examples
    1. Introduction
    2. Case studies
  22. Chapter 15. Related Topics of Interest
    1. Introduction
    2. Cryptography
    3. Data recovery/shredding
    4. Internet Relay Chat
    5. Bitcoin
  23. Index