Category Archives: OSINT

Open Source Intelligence (OSINT)

Secure your DNS!

Being accidentally given a list of all domains and sub-domains within an organisation increases vulnerability to attacks and exploits. A recent engagement uncovered something I”ve never encountered before – I was able to complete a full DNS zone transfer.  Usually DNS is locked down so that it’s not possible to complete a zone transfer, but… Read More »

Responsible disclosure: Supporters and critics

Doing the right thing doesn’t always please everyone Recently I’ve been having a refresher around the area of Google Dorks – using sites and content indexed by Google to carry out Open Source Intelligence (OSINT). As is always the case, you’ll stumble across some interesting items that you can be sure the owner doesn’t want… Read More »