Network DiscoveryInside Out

What’s in a name?

Target Identification

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 2

Ask the right questions

Identify keywords

Recon – find the history of the company

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 4

Look Outside

ARIN Whois, Domain Dossier, reverse.report, Robtex, Dnsdumpster, Zoomeye, Shodan, Censysand so on..

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 6

From the inside

nslookup, dig, nmap

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 8

Pandora’s box

recon-ng, datasploit, maltego

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 10

Rigging information wells

DNS history, Related domains, CIDRs

NetBlocks, Name Servers

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 12

Purple Teaming

The importance of OSINT

How different from Red and Blue Teams

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 14

The basic emotions

Interpreting response and responsibilities

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 16

AngerProduct Owners

Developers

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 17

FearDevOps

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 18

SadnessManagers

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 19

JoyQA

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 20

DisgustCFO

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 21

Credits

• Google Images

• Pixar

OWASP / n|u Delhi Chapter Meet – November 2016 – A K Goel 22

That’s all for today, folks.A K Goel