Hunting cyber criminals : a hacker's guide to online intelligence gathering tools and techniques (Book, 2020) []
skip to content
Hunting cyber criminals : a hacker's guide to online intelligence gathering tools and techniques Preview this item
ClosePreview this item

Hunting cyber criminals : a hacker's guide to online intelligence gathering tools and techniques

Author: Vinny Troia
Publisher: Indianapolis, Indiana : John Wiley & Sons, Inc., [2020] ©2020
Edition/Format:   Print book : EnglishView all editions and formats
"When your organization falls victim to cybercrime, you need to be ready to fight back. The burden of investigating digital security breaches often falls to organizations themselves, so developing a robust toolkit that enables you to track down criminals is essential. Hunting Cyber Criminals is filled with proven techniques to research the source of illicit network traffic, extract intelligence from publicly  Read more...

(not yet rated) 0 with reviews - Be the first.

More like this

Find a copy in the library

&AllPage.SpinnerRetrieving; Finding libraries that hold this item...


Genre/Form: Handbooks and manuals
Handbooks, manuals, etc
Document Type: Book
All Authors / Contributors: Vinny Troia
ISBN: 9781119540922 1119540925
OCLC Number: 1129201804
Notes: Includes index.
Description: xxxi, 503 pages : illustrations ; 24 cm
Contents: Prologue xxvChapter 1 Getting Started 1Why This Book is Different 2What You Will and Won't Find in This Book 2Getting to Know Your Fellow Experts 3A Note on Cryptocurrencies 4What You Need to Know 4Paid Tools and Historical Data 5What about Maltego? 5Prerequisites 5Know How to Use and Configure Linux 5Get Your API Keys in Order 6Important Resources 6OSINT Framework 6IntelTechniques 7Termbin 8Hunchly 9Wordlists and Generators 9SecLists 9Cewl 10Crunch 10Proxies 10Storm Proxies (Auto-Rotating) 10Cryptocurrencies 101 11How Do Cryptocurrencies Work? 12Blockchain Explorers 13Following the Money 15Identifying Exchanges and Traders 17Summary 18Chapter 2 Investigations and Threat Actors 19The Path of an Investigator 19Go Big or Go Home 20The Breach That Never Happened 21What Would You Do? 22Moral Gray Areas 24Different Investigative Paths 25Investigating Cyber Criminals 26The Beginning of the Hunt (for TDO) 27The Dark Overlord 27List of Victims 28A Brief Overview 29Communication Style 30Group Structure and Members 30Cyper 31Arnie 32Cr00k (Ping) 35NSA (Peace of Mind) 36The Dark Overlord 38Summary 41Part I Network Exploration 43Chapter 3 Manual Network Exploration 45Chapter Targets: and 46Asset Discovery 46ARIN Search 47Search Engine Dorks 48DNSDumpster 49Hacker Target 52Shodan 53Censys (Subdomain Finder) 56Censys Subdomain Finder 56Fierce 57Sublist3r 58Enumall 59Results 60Phishing Domains and Typosquatting 61Summary 64Chapter 4 Looking for Network Activity (Advanced NMAP Techniques) 67Getting Started 67Preparing a List of Active Hosts 68Full Port Scans Using Different Scan Types 68TCP Window Scan 70Working against Firewalls and IDS 70Using Reason Response 71Identifying Live Servers 71Firewall Evasion 73Distributed Scanning with Proxies and TOR 73Fragmented Packets/MTU 74Service Detection Trick 74Low and Slow 76Bad Checksums, Decoy, and Random Data 76Firewalking 79Comparing Results 79Styling NMAP Reports 81Summary 82Chapter 5 Automated Tools for Network Discovery 83SpiderFoot 84SpiderFoot HX (Premium) 95Entities Tab 96Analyzing 99Analyzing the Results 104Exporting Your Results 105Recon-NG 107Searching for Modules 111Using Modules 111Looking for Ports with Shodan 115Summary 116Part II Web Exploration 119Chapter 6 Website Information Gathering 121BuiltWith 121Finding Common Sites Using Google Analytics Tracker 123IP History and Related Sites 124Webapp Information Gatherer (WIG) 124CMSMap 129Running a Single Site Scan 130Scanning Multiple Sites in Batch Mode 130Detecting Vulnerabilities 131WPScan 132Dealing with WAFs/WordPress Not Detected 136Summary 141Chapter 7 Directory Hunting 143Dirhunt 143Wfuzz 146Photon 149Crawling a Website 152Summary 157Chapter 8 Search Engine Dorks 159Essential Search Dorks 160The Minus Sign 160Using Quotes 160The site: Operator 161The intitle: Operator 161The allintitle: Operator 162The fi letype: Operator 162The inurl: Operator 163The cache: Operator 165The allinurl: Operator 165The fi lename: Operator 165The intext: Operator 165The Power of the Dork 166Don't Forget about Bing and Yahoo! 169Automated Dorking Tools 169Inurlbr 169Using Inurlbr 171Summary 173Chapter 9 WHOIS 175WHOIS 175Uses for WHOIS Data 176Historical WHOIS 177Searching for Similar Domains 177Searching for Multiple Keywords 179Advanced Searches 181Looking for Threat Actors 182Whoisology 183Advanced Domain Searching 187Worth the Money? Absolutely 188DomainTools 188Domain Search 188Bulk WHOIS 189Reverse IP Lookup 189WHOIS Records on Steroids 190WHOIS History 192The Power of Screenshots 193Digging into WHOIS History 193Looking for Changes in Ownership 194Reverse WHOIS 196Cross-Checking All Information 197Summary 199Chapter 10 Certificate Transparency and Internet Archives 201Certificate Transparency 201What Does Any of This Have to Do with Digital Investigations? 202Scouting with CTFR 204CT in Action: Side-stepping Cloudflare 204Testing More Targets 208CloudFlair (Script) and Censys 209How Does It Work? 210Wayback Machine and Search Engine Archives 211Search Engine Caches 214Wayback Machine Scraper 214Enum Wayback 215Scraping Wayback with Photon Site Search URLs 217Wayback Site Digest: A List of Every Site URL Cached by Wayback 219Summary 220Chapter 11 Iris by DomainTools 221The Basics of Iris 221Guided Pivots 223Configuring Your Settings 223Historical Search Setting 224Pivootttt!!! 225Pivoting on SSL Certificate Hashes 227Keeping Notes 228WHOIS History 230Screenshot History 232Hosting History 232Bringing It All Together 234A Major Find 240Summary 241Part III Digging for Gold 243Chapter 12 Document Metadata 245Exiftool 246Metagoofil 248Recon-NG Metadata Modules 250Metacrawler 250Interesting_Files Module 252Pushpin Geolocation Modules 257FOCA 261Starting a Project 262Extracting Metadata 263Summary 266Chapter 13 Interesting Places to Look 267TheHarvester 268Running a Scan 269Paste Sites 273Forums 274Investigating Forum History (and TDO) 275Following Breadcrumbs 276Tracing Cyper's Identity 278Code Repositories 281Searching for Code 282False Negatives 283Gitrob 284Git Commit Logs 287Wiki Sites 288Wikipedia 289Summary 292Chapter 14 Publicly Accessible Data Storage 293The Exactis Leak and Shodan 294Data Attribution 295Shodan's Command-Line Options 296Querying Historical Data 296CloudStorageFinder 298Amazon S3 299Digital Ocean Spaces 300NoSQL Databases 301MongoDB 302Robot 3T 302Mongo Command-Line Tools 305Elasticsearch 308Querying Elasticsearch 308Dumping Elasticsearch Data 311NoScrape 311MongoDB 313Elasticsearch 314Scan 314Search 315Dump 317MatchDump 317Cassandra 318Amazon S3 320Using Your Own S3 Credentials 320Summary 321Part IV People Hunting 323Chapter 15 Researching People, Images, and Locations 325PIPL 326Searching for People 327Public Records and Background Checks 331Threat Actors Have Dads, Too 332Criminal Record Searches 332Image Searching 333Google Images 334Searching for Gold 335Following the Trail 335TinEye 336EagleEye 340Searching for Images and Geolocation 343Getting Started 343IP Address Tracking 346Summary 347Chapter 16 Searching Social Media 350Another Test Subject 355Twitter 357SocialLinks: For Maltego Users 358Skiptracer 361Running a Search 361Searching for an Email Address 361Searching for a Phone Number 364Searching Usernames 366One More Username Search 368Userrecon 370Reddit Investigator 372A Critical "Peace" of the TDO Investigation 374Summary 375Chapter 17 Profile Tracking and Password Reset Clues 377Where to Start (with TDO)? 377Building a Profile Matrix 378Starting a Search with Forums 379Ban Lists 381Social Engineering 381SE'ing Threat Actors: The "Argon" Story 383Everyone Gets SE'd-a Lesson Learned 387The End of TDO and the KickAss Forum 388Using Password Reset Clues 390Starting Your Verification Sheet 391Gmail 391Facebook 393PayPal 394Twitter 397Microsoft 399Instagram 400Using jQuery Website Responses 400ICQ 403Summary 405Chapter 18 Passwords, Dumps, and Data Viper 407Using Passwords 408Completing F3ttywap's Profile Matrix 409An Important Wrong Turn 412Acquiring Your Data 413Data Quality and Collections 1-5 413Always Manually Verify the Data 415Where to Find Quality Data 420Data Viper 420Forums: The Missing Link 421Identifying the Real "Cr00k" 422Tracking Cr00k's Forum Movements 423Timeline Analysis 423The Eureka Moment 427Vanity over OPSEC, Every Time 429Why This Connection is Significant 429Starting Small: Data Viper 1.0 430Summary 431Chapter 19 Interacting with Threat Actors 433Drawing Them Out of the Shadows 433Who is WhitePacket? 434The Bev Robb Connection 435Stradinatras 436Obfuscation and TDO 437Who is Bill? 439So Who Exactly is Bill? 440YoungBugsThug 440How Did I Know It Was Chris? 441A Connection to Mirai Botnet? 442Why Was This Discovery So Earth-Shattering? 444Question Everything! 445Establishing a Flow of Information 446Leveraging Hacker Drama 447Was Any of That Real? 448Looking for Other Clues 449Bringing It Back to TDO 450Resolving One Final Question 451Withdrawing Bitcoin 451Summary 452Chapter 20 Cutting through the Disinformation of a 10-Million-Dollar Hack 453GnosticPlayers 454Sites Hacked by GnosticPlayers 456Gnostic's Hacking Techniques 457GnosticPlayers' Posts 459GnosticPlayers2 Emerges 461A Mysterious Third Member 462NSFW/Photon 463The Gloves Come Off 464Making Contact 465Gabriel/Bildstein aka Kuroi'sh 465Contacting His Friends 467Weeding through Disinformation 468Verifying with Wayback 468Bringing It All Together 469Data Viper 469Trust but Verify 472Domain Tools' Iris 474Verifying with a Second Data Source 475The End of the Line 476What Really Happened? 476Outofreach 476Kuroi'sh Magically Appears 477What I Learned from Watching Lost 477Who Hacked GateHub? 478Unraveling the Lie 479Was Gabriel Involved? My Theory 479Gabriel is Nclay: An Alternate Theory 479All roads lead back to NSFW 480Summary 481Epilogue 483Index 487
Responsibility: Vinny Troia, PhD.


"When your organization falls victim to cybercrime, you need to be ready to fight back. The burden of investigating digital security breaches often falls to organizations themselves, so developing a robust toolkit that enables you to track down criminals is essential. Hunting Cyber Criminals is filled with proven techniques to research the source of illicit network traffic, extract intelligence from publicly available web sources, and hunt the individuals who would do harm to your organization. With easy-to-follow examples Hunting Cyber Criminals provides vital guidance on investigating cybersecurity incidents. It shows how, even starting from just a single IP address, you can embark on an investigative journey to uncover the information you need to shore up your defenses, involve law enforcement, and shut down hackers for good."--Back cover.


User-contributed reviews
Retrieving GoodReads reviews...
Retrieving DOGObooks reviews...


Be the first.
Confirm this request

You may have already requested this item. Please select Ok if you would like to proceed with this request anyway.

Close Window

Please sign in to WorldCat 

Don't have an account? You can easily create a free account.