February 2020
Beginner
544 pages
12h 40m
English
Content preview from Hunting Cyber Criminals
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
CHAPTER 5Automated Tools for Network Discovery
We've looked at a number of manual command‐line tools you can use to gain intelligence on targets, but what if you're in a rush or just want to take a shotgun approach to finding as much as you can all at once?
This chapter will look at three automated tools you can use to gather information quickly, and the various features of each. The tools in this section are specifically called out as “automated” because they dig deeper into any results by automatically analyzing any results and entities obtained in your first step to find new information.
For example, if an email address is discovered, the tools will automatically query various APIs to find as many connection points to that email address as possible; whereas with command‐line tools, that is typically a manual process. These tools will automatically take your results from Step 1 and automate your next steps for you.
In the case of a discovered email address, the tool might look to see if it has been breached, or if there is any WHOIS data available from sources like SecurityTrails or Whoisology. In the case of a discovered IP address, the tools might automatically start looking up related domain names, or query threat intel feeds like VirusTotal to check if the IP is on any known blacklists.
The results between each tool are roughly 80% similar to each other. It's often that remaining 20% that can make the difference in an investigation and provide the most valuable (or unique) ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.