Tip: Like first, watch later, make it a habit.
Article directory
1. What are the points of OSINT?
1. What is non-technical OSINT, and what is technical OSINT?
2. Sequence of social engineering
OSINT, collect information----> design camouflage----> plan attack----> launch attack----> report
3. Simulate OSINT (see picture)
foreword
In our social engineering, a lot of intelligence belongs to OSINT (Open Source Intelligence). Learning to collect open source intelligence can help us do more with less.
1. What are the points of OSINT?
It can be roughly divided into two types, one is non-technical OSINT and the other is technical OSINT.
1. What is non-technical OSINT, and what is technical OSINT?
1. Non-technical OSINT: It refers to social engineers interacting directly with the target, for example, when the target logs in to the website, he can peek at his password, account number and other privacy without being discovered. (referred to as observation skills)
2. Technical OSINT: Refers to social engineers collecting open-source intelligence about targets on the Internet through computers, and launching attacks against them (common tools include zoomeye, fofa, and Skyeye)
2. Examples of OSINT problems
| organization type | question to ask |
| company | How the company uses the Internet |
| company | How the company uses social media |
| company | how the company pays |
| company | how the company gets paid |
| company | The company has a single or multiple offices |
| company | How many suppliers does the company have |
| company | What suppliers does the company have |
| personal | what hobbies does this person have |
| personal | What social media accounts does this person have |
| personal | what is this person's occupation |
| personal | Information about the person's family members |
| personal | Does this person have a related website |
| personal | How educated is this person |
| personal | where does this person usually go |
2. Sequence of social engineering
OSINT, collect information----> design camouflage----> plan attack----> launch attack----> report
3. Simulate OSINT (see picture)
Here we look up someone's information:
By querying q binding, the target's phone number and address are obtained
Then, the approximate name of the user × Jin x was obtained through Z Baobo, and compared with the original address, it was determined that this person was the target person. Afterwards we can confirm the exact name with a big phone call. If you dig deeper later, you can get more relevant information.
Summarize
In this chapter, we talked about OSINT (information collection) in social engineering. Through the explanation in this chapter, we took you to understand the first step of social engineering.