Week 4 - Information Gathering

Basics

As with everything, you're bound by FSU rules and common decency. Don't break them.

Basics

Honestly, this is WAY TOO EASY. This is the tiniest silver lining of the fact that we're living in an absolutely hellish privacy apocalypse.

The problem is usually TOO MUCH information, not too little — but that's better (for us in this class.)

Basics

Text is king. More on this later...

Basics

ALSO, everything changes. MOST of the resources I thought I knew well had changed in some way when I reviewed for today's class.

"Official" vs "Unofficial" is very blurry, especially on these people searching things.
...which leads me to:

META-ISSUES

FIRST, browse safely (as possible)
Use Firefox and all the privacy addons. I use:
- Privacy Badger
- uBlock Origin
- Firefox Multi Account Containers
- Tab Session Manager (once again, go ahead and pay for free software)

"Private Browsing" is of extremely minimal use (i.e. it pretty much only protects YOU against OTHER PEOPLE WHO USE YOUR PHYSICAL COMPUTER). It also does help with some trackers and ad blocking, e.g. you might be able to use it to get past paywalls.

META-ISSUES

BETTER YET, use a VM. (I mean, do both)
We have them! I'm putting them through their paces now...

Concepts and how to teach yourself

Who else?

DuckDuckGo
Bing
Yandex
Anything else?

Cybersec Specific

Okay, except for Shodan, I presently have no clue which of these are legit and which aren't...

Simple Text vs. (Un)Natural Language Search

Simple Text

"Boolean", e.g. ANDS and NOTS
Provable
Local
Predictable
Precise
(Simple but not easy)

("Margarita Taco" should only return Margarita RIGHT NEXT TO Taco, which would probably taste weird)

(Un)Natural Language

Expansive
Intuitive
Biased
Money-Driven
Imprecise
(Easy but not simple)

("Margarita Taco" might mess around and return Burrito)

Known Sources that aren't Google?

"Stack Overflow"
"Quora"
"Hacker News"
"site:reddit.com"
"author comment forum"

GOOGLE DORKING

What a weird name. It's just searching.
e.g. intitle, index etc.

Connecting the Dots

People
Organizations
vs.
IP Addresses
email addresses
Domains

IT'S ALL TEXT.

Thus, get familiar with Basic Linux Text Tools

View file

cat - print file to STDOUT
less - viewable, if multiple pages
echo - print string to STDOUT (usually used with variables)

Redirects and pipes

>  overwrite a file
>> append to a file
| "pipe" from the first into the second

Just a lil' bit

head - some of the beginning of a file
tail - some of the end

Real searching and ordering:

grep (or rg) - search for a regular expression, print matches (or files or both)
sort - sort alphabetically, numerically, or some other way
strings - try to find readable strings in a file

Easy Modification

cut - grab "field" or "fields" from a line (bytes or characters too, but that's boring)
tr - transliterate - change a character to another character (or delete)

The hardcore stuff

(I only pull these out when I need the big guns)
sed - "stream editor"
awk - more powerful than cut and tr, but harder

Do the whole file

I use this all the time:

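while IFS= read -r line; do
	# do something to $line, usually with cut
	# (IFS= and -r keep leading spaces and backslashes in the line intact)
	printf '%s\n' "$line" | cut -d' ' -f1   # e.g. print the first space-separated field
done < file_to_mess_with.txt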

(power users probably have a more efficient way, but this is intuitive to me)
("line" here is a variable, you could use "wumpus")
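
The tools above chained into one pipeline, as an added example (not from the original slides): it pulls email addresses, domains and IP addresses out of a block of notes. The sample text is constructed, the function names are made up for illustration, and uniq is one tool the list above does not mention.

```shell
# Constructed sample notes (example.com names and RFC 5737 addresses, not real data).
sample_notes() {
cat <<'EOF'
Contact: Alice Smith <alice@example.com>, backup bob@mail.example.org
Web server at 192.0.2.10, also saw 198.51.100.7 and 192.0.2.10 again
ALICE@EXAMPLE.COM posted on the forum from 198.51.100.7
EOF
}

# Email addresses: grep -o prints only the matching text, tr lowercases it,
# sort -u removes duplicates (so ALICE@... and alice@... collapse to one).
extract_emails() {
  grep -oE '[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}' \
    | tr '[:upper:]' '[:lower:]' | sort -u
}

# Domains: the second "@"-separated field of each email address.
extract_domains() {
  extract_emails | cut -d'@' -f2 | sort -u
}

# IPv4-looking strings, sorted numerically octet by octet, then counted.
# uniq -c only merges adjacent lines, which is why sort comes first.
count_ips() {
  grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}' \
    | sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | uniq -c \
    | while read -r count ip; do
        printf '%s seen %s time(s)\n' "$ip" "$count"
      done
}

sample_notes | extract_emails
sample_notes | extract_domains
sample_notes | count_ips
```

Each function reads STDIN, so `cat my_notes.txt | extract_emails >> findings.txt` works the same way on a real file.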

Cybersec Tools

For every "amazing cybersec tool" you might see,
- break down the task
- see if there's a simpler option
- but don't get too caught up, sometimes you need to do what works, or what you have.

Before Thurs:

sudo apt install zim