The purpose of writing this is to educate individuals whom are interested in Open source intelligence/Human intelligence which they would be able to use the knowledge i am sharing for good. And also educate folks on Sock-puppeting so that one can identify a sock puppet and not fall prey.
The art of Sock-Puppting refers to a technique used where an identity is made for the sole purpose of either gathering intelligence online, or counter intelligence online.
There are four types of sock-puppets: block evasion, ballot stuffing, straw-man sock-puppet and meat puppet.
Sock-puppets prey on the human tendency to favor people…
When i am trying out CTF challenges i.e.: Hack The Box, once i have completed my reconnaissance i,e: nmap, dirb. This is a process i would usually run in the background. This would useful if you’re doing CTF challanges or you’re developing a web app and this would give you an understanding why the IT department implements a password policy which needs to have the special characters and your soul which also needs to be changed every other day.
What is Brute force?
A brute force attack is a cryptographic attack that relies on guessing possible combinations until the correct…
What is Shodan
Shodan (Sentient Hyper-Optimized Data Access Network) is a very powerful search engine that allows users to search IoT devices by performing service banner grabbing
What is Banner Grabbing?
Banner grabbing is a technique used to gain information about a computer system on a network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network. However, an intruder can use banner grabbing in order to find network hosts that are running versions of applications and operating systems with known exploits
Why is Shodan Powerful?
Why would you need this varies.
But i usually use this when i am following Geo-political events.
What is ADS-B
ADS-B Stands for Automatic Dependent Surveillance–Broadcast (ADS–B) is a surveillance technology in which an aircraft determines its position via satellite navigation or other sensors and periodically broadcasts it, enabling it to be tracked. The information can be received by air traffic control ground stations as a replacement for secondary surveillance radar, as no interrogation signal is needed from the ground. It can also be received by other aircraft to provide situational awareness and allow self-separation.
Do fighter Jets/Sensitive Aircraft have…
Reconninance is one of the key steps you are required to take.
Nmap is an excellent networking scanning tool to gather information about your target.
nmap come pre-installed on Kali and Parrot, if however, it does not come pre-installed, run the following command:
‘’apt-get install nmap’
Before scanning a host
As a good habit, i always add target to my hosts file
the host file can be found in /etc/hosts
you may use nano or vim to edit
This will be useful when:
1) Monitoring GeoPolitics
2) Monitoring a Target
4)Information Gathering by location
5)Information Gathering by Time and Date
6) Information Gathering by event
Creator of the tool: https://github.com/twintproject
To install TWINT, run the following:
1) git clone https://github.com/twintproject/twint.git
2) cd to twint directory
Over the years, i have gathered various OSIT tools.
From tracking social media accounts, plane, ship/vessel and train movments Geo-location mapping, Data visualizing tools etc.
You may find some if not all of these tools useful.
I will update it periodically
Do note since most of the tools run on the web, some will be down.
Copy everything from here (remove the \\lines on both ends) to a notepad and save the notepad as bookmarks.html following which import the file to your browser as a bookmarks
Download the html file and import it to your bookmarks
How to import bookmarks:
Ansible is a power management tool which can be used to manage the configurations of mutiple nodes from a single node.
Ansible AWX is the GUI version (Open Source of Ansible tower)
Nexux Sonatype is a repository which can host, Docker, apt, yum Nuget .. and many more.
Below, i have went thru the process of setting these two up in one node.
Kindly let me know if i had missed out anything
Configuration Management: Ansible (AWX)
Respoitory: Nexus Sona Type
Prerequsites of the management node
Ubuntu 18 or Ubuntu 20 server
Download link: https://releases.ubuntu.com/20.04/