certified ethical hacking part 4

SERIES

Watch certified ethical hacking part 4 - SERIES on Dailymotion

Transcript

00:00:00so trace route analysis so attackers can conduct trace route extract information

00:00:17or to extract information about networking topology trusted routers and firewall locations

00:00:23is in fact this is used so much against organizations they started some of the

00:00:28firewalls now will not decrement the TTL on a trace route just so that you can't tell

00:00:34that it just hopped an appliance right that might be your IDS or something like that so

00:00:40they try to kind of hide a little bit so not all systems nowadays will decrement but if

00:00:45you have a firewall it definitely will so firewall locations for example after running several

00:00:55trace routes an attacker might obtain the following information so you have this trace route

00:01:00feedback and then putting this information together attackers can draw the network diagram

00:01:05so you can kind of tell what's what and where okay so this is true this is how people use

00:01:10it but it's also you know well if it's such an attack such a cool attack told them why is

00:01:15it why does it exist well it exists because we use it for troubleshooting and taking taking

00:01:20a look at which path we're taking out to the internet and things like that to try and discern

00:01:25is it broken is it on the internet or is it on my network and then some trace route tools path

00:01:30analyzer pro and visual route here's a bunch more tools that you need to play around with nothing

00:01:37worth noting here footprinting through social engineering so social engineering is an art of

00:01:44exploiting human behavior to extract confidential information social engineers depend on the fact

00:01:49that people are unaware of their valuable information and are careless about protecting it and this

00:01:54is true not everyone is careless they just may catch you sleeping right so that's what they count

00:01:59on social engineering attempts to gather credit card details and social security numbers nobody's

00:02:04really stupid enough to give this out although there are older people elderly that are attacked

00:02:08on the phone give me your social I'm never gonna help you and unfortunately they surrender to that

00:02:14kind of thing tragic but it happens user names and passwords security products and use operating systems

00:02:21and software versions network layout information IP address names and servers IP addresses names and

00:02:29servers and then social engineering techniques are eavesdropping so shoulder surfing dumpster diving and

00:02:34impersonation on social networking sites so when you're typing your password just kind of be a little bit

00:02:41paranoid make sure that no one's watching you when you're doing it collecting information using

00:02:45eavesdropping soldier shoulder surfing and dumpster diving so what is this stuff right eavesdropping is

00:02:52unauthorized listening on a conversation or reading of messages so I just come and sit next to you at

00:02:58Starbucks and listen to what you guys are saying it is an interception of any form of communication such as

00:03:04audio video or written but audio I caution you do not eavesdrop on phone calls if you provide proof to

00:03:11someone that you did that that is a federal offense that is a big big deal you can get in a lot of

00:03:15trouble for that only law enforcement can do that shoulder surfing shoulder surfing is a technique where

00:03:22attackers secretly observe the target to gain critical information attackers gather information

00:03:26such as passwords personal identification numbers account details credit card information etc etc so dumpster

00:03:34diving dumpster diving is looking for treasure in someone else's trash so it doesn't mean that you're out in

00:03:39the dumpster in the back although that's the classic definition it could also mean that I just picked it

00:03:44up off the floor in your office as I was walking through okay so there's a test question about this

00:03:49don't let them trick you with that one it also involves a collection of phone bills contact information

00:03:54financial information operations related information etc etc from the target companies trash bins printer trash

00:04:01bin user desktop sticky notes etc there you go so it's not just trash it can be something off of your desk

00:04:08so I could be dumpster diving if I'm just peeking over while you're typing my computer information

00:04:12in at the doctor's office and I peek over and grab you know my target social security number off of

00:04:17something that he just filled out so he's going for a doctor's appointment he has to check in he has to

00:04:21give a social I'm standing right behind him I may hear it I may see it I may read it whatever

00:04:28that's all dumpster diving and shoulder surfing is if I'm watching you over your shoulder type something

00:04:33and then eavesdropping is electronic interception okay so those are the test definitions so now we're

00:04:40going to get into footprinting tools multigo multigo is a program that can be used to determine the

00:04:46relationship and real world links between people groups of people social networks companies organizations

00:04:52websites internet infrastructure phrases and documents and files so multigo is has been around a while

00:05:01it's primarily a law enforcement tool now there's a paid version that they use you can't even buy the

00:05:07paid version unless you're some type of law enforcement it has a lot of information in it

00:05:12there you can use it for free stuff but it's not very fruitful for the free version

00:05:19um footprinting tool recon ng recon ng uh one more thing I want to say about this if you're going

00:05:25to a company and you're just starting there and you say hey timber told me about this cool tool called

00:05:28maltego but we have to pay to use it make sure you trial it before you use it because it depends

00:05:34on what group you are as to what they'll let you have access to so make sure you do a trial like a

00:05:38two-week trial or something to make sure that it's going to be fruitful for your organization because

00:05:42it's expensive recon ng is a web reconnaissance framework with independent modules database interaction

00:05:49built with convenience with built-in convenience functions and stuff like that so recon ng is pretty

00:05:55cool you can play around with that and then foca focus another tool fingerprint organization with

00:06:01collected archives so this will kind of you need to run this over and over and over to get good stuff

00:06:07over a period of time right um foca is possible to undertake um using focus is possible to undertake

00:06:13multiple attacks and analysis techniques such as um metadata extraction and network analysis dns snooping

00:06:20proxy search fingerprinting open directories search etc etc so it's kind of a cool tool i don't use it

00:06:26often and then uh additional fingerprinting tools here's another list for you robtex robtex is a good

00:06:32one dns digger is a good one um the autonomous system scanner um i don't use that one but robtex is a great

00:06:41one you need to learn how to use it it's kind of tricky the menus are really small so just pay attention when

00:06:45you're in there additional footprinting tools ns lookup is a huge one um here's another list of tools google

00:07:01hacks is a good one the bio suite i've heard that i've heard good things about it but i've never used

00:07:06it the google hack db that's pretty good um you can play around with that it's fun to play around with

00:07:11anyway

00:07:38footprinting countermeasures so what can we do about footprinting we

00:07:41You can restrict the employees to access to social networking sites from the organization's

00:07:45network, so then they'll just go and do it at home or they'll step out of the office

00:07:48and use their phone.

00:07:49You can't really stop this, so that's not valid anymore, but just for the test know

00:07:53that that's one of the answers.

00:07:55You can configure the web servers to avoid information leakage.

00:07:58Yes, you can, and that's a good one.

00:08:00Educate employees to use pseudonyms on blogs, groups, and forums.

00:08:03Yes, you can do that.

00:08:05Do not reveal critical information in press releases, annual reports, product catalogs,

00:08:10et cetera, so when you're producing this documentation, anything that 10 or more people are going

00:08:14to read, you should consider public.

00:08:16So just think of it like that.

00:08:17If you're going to put something out there to 10 or more people, you just might as well

00:08:20consider it public information.

00:08:22Limit the amount of information that you are publishing on the website and internet.

00:08:26So you want to limit the information you're putting out there.

00:08:28Only put what you have to.

00:08:30Make it vague.

00:08:31No specifics.

00:08:33Use footprinting techniques to discover and remove any sensitive information that is publicly

00:08:36available.

00:08:37You want to do a test yourself and find out what you've already leaked or what you may

00:08:41be leaking inadvertently.

00:08:43You want to prevent search engines from caching a webpage and using anonymous registration services.

00:08:49This is true.

00:08:53More countermeasures.

00:08:54Enforce security policies to regulate the information that the employees can reveal to third parties.

00:08:58Set apart internal and external DNS or use split DNS to restrict zone transfers to authorized

00:09:05servers.

00:09:06So don't put your public network information out, I mean your private network information

00:09:10out on your public DNS.

00:09:13Don't put that, you know, we have a camera at 10.0.4.5.

00:09:17You might have camera.yourdomain.com and then that IP could be tied to that and that's

00:09:22a bad thing because now I know one, that you have a camera and two, that you're using 10.whatever

00:09:28networking IP addresses.

00:09:29That's a lot less work I have to do once I gain access to your network.

00:09:34Disabled director listings in the web servers.

00:09:37Educate employees about various social engineering tips and tricks and risks.

00:09:41So education is a big one and they need to be reminded because you can't do it once a year

00:09:45they'll forget.

00:09:46So don't put a whole bunch of money in one training.

00:09:48Just, it's better to spread it out and just do constant reminders, hey don't forget

00:09:52about phishing, hey don't forget about phishing.

00:09:53Opt for privacy services on Whois lookup databases.

00:09:58Avoid domain cross-linking for critical assets.

00:10:01And then encrypts and password protects sensitive information.

00:10:06So footprinting penetration testing.

00:10:10Footprint penetration testing is used to determine an organization's publicly available information.

00:10:15The tester attempts to gather as much information as possible about the target org from the internet

00:10:19or other publicly available sources or accessible sources.

00:10:23Prevent information leakage.

00:10:24Prevent social engineering attempts.

00:10:26Prevent DNS record retrieval from publicly available servers.

00:10:30So prevent zone transfers.

00:10:32And then footprinting pentesting helps organizations to do all of the following.

00:10:36So don't take this stuff lightly, it is a very big deal.

00:10:42So you want to get the proper authorization.

00:10:43You want to define the scope of the assessment.

00:10:46So we're talking about a pentest footprint here.

00:10:49Define the scope of the assessment.

00:10:50Perform footprinting through search engines.

00:10:52And perform Google hacking.

00:10:54So scope is a big deal on a pentest.

00:10:56It always tends to creep.

00:10:58And then use search engines such as, you know, Google, Yahoo, Search, Bing, whatever you

00:11:03want to use, Dogpile.

00:11:07Use tools such as GHDB, MetaGoo, Phil, and SiteDigger, etc.

00:11:12These tools, you need to be familiar with the names of them and what they do and not necessarily

00:11:15the tools unless I specifically mention them.

00:11:19Get proper authorization.

00:11:20Well, that's for the test, you know, not for real life.

00:11:22For real life, you want to be familiar with everything you can.

00:11:25But you want to get proper authorization and define the scope of the assessment.

00:11:28That's a big one.

00:11:29Big, big, big.

00:11:31Footprint to search engines such as blah, blah, blah.

00:11:34You can use whatever search engines you want.

00:11:35We've already talked about that three or four times now.

00:11:38Perform Google hacking using tools such as GHDB.

00:11:42Google hacking database is what that is.

00:11:44And then MetaGoo, Phil, SiteDigger, etc.

00:11:48Then we want to go in and gather target information or target organization employees information

00:11:54from their personal profiles.

00:11:56Facebook, LinkedIn, Twitter, Google, Pinterest.

00:11:59If you're a security engineer at a company and you have, you know, hey, I work with Cisco

00:12:02all the time and you're going to work for company X and you're in security, you probably

00:12:06don't want to list that you work at that company.

00:12:08It's probably just prudent to say, hey, I'm a security engineer, I'm a senior security

00:12:13engineer, I'm a principal security engineer, I'm a new security engineer, I'm an intern,

00:12:18and list what you're doing and what you're working on.

00:12:20But there's no reason to list a company.

00:12:22There's no reason for that until you give them your resume and then know whom you're giving

00:12:26your resume to.

00:12:28So you want to perform website footprinting using tools such as, one more thing I want to

00:12:32say about that is you should encrypt your resumes so that you can revoke the keys that they're

00:12:36used with down the road, right?

00:12:38So that stuff's not out there forever.

00:12:41H2P track website, copier, Black Widow, Web Ripper, we talked about that, cloning websites,

00:12:46right?

00:12:47And then perform email footprinting and using tools such as email tracker pro, polite mail,

00:12:55some of the email tools we looked up or we looked at.

00:12:58And then gather competitive information using tools such as Hoover, Alexis, and Access BusinessWire,

00:13:03et cetera, et cetera.

00:13:04I don't know that that's too valuable unless you're going to be attacked.

00:13:07So unless you're doing a real attack, it's probably not that valuable for a pen test.

00:13:10But you may want to just let them know about it.

00:13:13Most of the time you'll find so much stuff that this won't make it in.

00:13:16So don't leave this off of future pen tests.

00:13:20So always revisit, you know, have a hard list, revisit the list.

00:13:23And again, scope is going to be a big thing.

00:13:25You only have time.

00:13:26You only have so much time, you've got to figure out what you can fit in that time frame.

00:13:30And then you want to document the findings.

00:13:33Let's see.

00:13:34We are still performing the Whois footprinting, perform the DNS footprinting, perform the network

00:13:40footprinting, and the social engineering.

00:13:43So we talked about all of this several times.

00:13:49And then reporting templates.

00:13:50So these are big, right?

00:13:51So reporting templates are big.

00:13:53So you need to have a template.

00:13:54So you go through and when you're typing everything up, you're going, oh yeah, I forgot to do this.

00:13:58And then you can go do that or, hey, you know, I wonder if there's anything interesting in

00:14:01here.

00:14:02Or I know that doesn't apply to this one.

00:14:03So templates are good because you can just kind of throw out what you want and they'll

00:14:06help remind you of what you need to put in there.

00:14:08And I highly recommend that as you're going through the pen test, you start filling out

00:14:12the report.

00:14:13That way you don't miss anything.

00:14:14It's very easy to do when you get caught up in the details of something.

00:14:17You can deep dive into something for a week and just brain dump everything else that

00:14:20you're trying to do for this report, right?

00:14:23So templates are important.

00:14:26More information about the templates, you can read about that.

00:14:30Footprinting is a process of collecting.

00:14:32So in summary, footprinting is a process of collecting as much information as possible about

00:14:35a target network for identifying various ways to intrude into an organization's network

00:14:40system.

00:14:41It reduces an attacker's focus to specific range of IP addresses, network domain names,

00:14:46remote access, et cetera.

00:14:48And then attackers use search engines to extract information about a target, absolutely.

00:14:54Attackers use social engineering tricks to gather sensitive information from social networking

00:14:58websites such as Facebook, MySpace, LinkedIn, Twitter, Pinterest, Google, et cetera, et cetera.

00:15:02Absolutely true.

00:15:03Information obtained from target's website enables attackers to build a detailed map of

00:15:07website structure and architecture, true.

00:15:10And then competitive intelligence is the process by identifying, gathering, analyzing, verifying,

00:15:16and using information about your competitors from resources such as the internet.

00:15:21DNS records provide important information about location and types of servers.

00:15:27Attackers conduct traceroute to extract information about network topology, trusted routers, and

00:15:33firewall locations.

00:15:46Hey everyone, welcome to Cybersecurity Think Tank, myself Manish Sharma, working as a Cybersecurity

00:16:12Trainer.

00:16:14You can catch me on Cybersecurity Think Tank dot com on the instructor tab.

00:16:20You can get my profile.

00:16:23So today, we are going to start CH Labs, we are going to show you the complete demonstration

00:16:31of a single single tool software, right.

00:16:36This lab is all about the open source information gathering using Windows command line utilities.

00:16:43Simply we are talking about the command prompt directly, right.

00:16:47So you know, by using command prompt, how we can get the information of a website, you know,

00:16:53what kind of command we can use in command prompt to get the detail of a website, a web server,

00:16:59or you can say in between that, right.

00:17:01So first thing is, we are going to open the command prompt, we are using here Windows 7, so type

00:17:08here CMD, press enter, this is command prompt, right.

00:17:15So first thing is, first command, we will use how we can get the IP address of a website, right.

00:17:28So for that, we will use the command ping, yes, ping space website address.

00:17:35So I am giving you here Cybersecurity Think Tank, you can use whatever site you want to get.

00:17:40So Cybersecurity Think Tank dot com, press enter.

00:17:52So let's pinging on that particular site, we got the IP address of the website, it's 104.42.97.232, but we got the error, you can say, request timeout, because the ICMP, when we are talking about ping command, it's all about ICMP packets.

00:18:17We are going to send, we are going to send, ICMP is internet control, message protocol, right.

00:18:24So we are using this protocol, to send the ping command, so we are talking about the error, right.

00:18:32So, ping request return this error, because ICMP packets are blocked on a particular machine, on which we are just going, we have sent the ping command.

00:18:40On that particular machine, the ping command is blocked, or you can say the ICMP packet blocked.

00:18:45Why?

00:18:46Because, maybe that particular machine has some firewall or packet filter is working on that particular machine.

00:18:52That's why that packet filter is blocked or discarded our packets.

00:18:57Right.

00:18:58Right.

00:18:59Right.

00:19:00So, use some command like, it's working still.

00:19:04Yeah.

00:19:05So next command we can use, is ping, space, or, CyberSecurityThinkTank.com, space, F, F is for frame.

00:19:26Right.

00:19:27Right.

00:19:28Hyphen frame.

00:19:29Then space, hyphen L, L4 length.

00:19:31So we are giving the length over here.

00:19:33It's all about 1500 bytes.

00:19:35And the bytes, we are just giving the length of the packet.

00:19:38We are trying to send again the ping command.

00:19:42So you can, we are just getting this.

00:19:45The packet need to be fragmented.

00:19:47But, def set.

00:19:49Simply the IP address.

00:19:50So you simply mean, the packet size is really, really larger than the efficiency, or you can

00:19:56see the bandwidth of that.

00:19:57So we'll use, the length, lesser than that length.

00:20:01So we will use, the length, like if 1300, 1400 we can use.

00:20:06So first we will try to, trying for 1300 bytes, to check.

00:20:22We are getting the error.

00:20:23Timeout.

00:20:24So you simply mean that we should use, the packet size larger than 1300, and less than 1500.

00:20:33Right.

00:20:34So we'll use here.

00:20:35Should I go for 1400?

00:20:36Yeah.

00:20:37Of course.

00:20:3810.

00:20:39Kind of how we are getting.

00:20:41Oh, it's working.

00:20:43This again, timeout.

00:20:44So we'll use, more than that.

00:20:53So then, between 1300 and 1400 is, 1450.

00:21:02Should we go for, less than that, because need to be fragmented.

00:21:10Then, 30.

00:21:13Okay.

00:21:15Let me check it out.

00:21:18Then, more than that.

00:21:25To check the exit size.

00:21:30To get the exit size, we are just checking all these.

00:21:3440.

00:21:35Here we go.

00:21:38Okay.

00:21:39Then, less than that.

00:21:41In between.

00:21:4235.

00:21:43Okay.

00:21:44Then, less than that.

00:21:4533.

00:21:46We'll go for.

00:21:47Less than.

00:21:4831.

00:21:49Because.

00:21:50More than.

00:21:511430.

00:21:52Use now.

00:21:53One option only.

00:21:54We have.

00:21:554.

00:21:561430.

00:21:57Okay.

00:21:58Okay.

00:21:59Okay.

00:22:00Then, less than that.

00:22:0133.

00:22:02We'll go for.

00:22:03Less than.

00:22:0431.

00:22:05Because.

00:22:06More than.

00:22:071430.

00:22:08More than.

00:22:091430.

00:22:10Use now.

00:22:11One option only.

00:22:12We have.

00:22:134.

00:22:142.

00:22:15Find out.

00:22:16What happen.

00:22:17Is.

00:22:18Simply.

00:22:19The TTL value.

00:22:20Time to live value.

00:22:21Got expired.

00:22:22Why?

00:22:23Because.

00:22:24The packet length size.

00:22:25We have given.

00:22:26Is.

00:22:27Completely captured by.

00:22:28That particular firewall.

00:22:29The packet filter.

00:22:30Is.

00:22:31Capturing.

00:22:32Every size of.

00:22:33Packet.

00:22:34And.

00:22:35Then.

00:22:36TTL.

00:22:37Got.

00:22:38Exceed.

00:22:39And.

00:22:40Expired.

00:22:41What is TTL?

00:22:42The time.

00:22:43To live.

00:22:44The time.

00:22:45To live.

00:22:46The time.

00:22:47To live.

00:22:48The time.

00:22:49To live.

00:22:50The time.

00:22:51To live.

00:22:52The time.

00:22:53To live.

00:22:54The time.

00:22:55To live.

00:22:56This is the time.

00:22:57This is the value of time.

00:22:58You know.

00:22:59To live.

00:23:00That particular packet.

00:23:01In the network.

00:23:02Why?

00:23:03All kind of.

00:23:04Size packet.

00:23:05Got.

00:23:06Expired.

00:23:07Or simply.

00:23:08You can see.

00:23:09The time out.

00:23:10Because.

00:23:11That TTL value.

00:23:12Got.

00:23:13Expired.

00:23:14And.

00:23:15Every size of.

00:23:16Packet.

00:23:17Is.

00:23:18Captured.

00:23:19By.

00:23:20That particular.

00:23:21Firewall.

00:23:22To get.

00:23:23The router IP.

00:23:24So that.

00:23:25In case.

00:23:26We are not getting.

00:23:27So.

00:23:28Now.

00:23:29This time.

00:23:30We will.

00:23:31Use.

00:23:32The command.

00:23:33Cybersecurity.

00:23:34Thinking.

00:23:35Dot.

00:23:36Com.

00:23:37Space.

00:23:38Hyphen.

00:23:39I.

00:23:40Space.

00:23:41Four.

00:23:42To get.

00:23:43The detail.

00:23:44Of.

00:23:45That particular.

00:23:46Router.

00:23:47Or.

00:23:48That particular.

00:23:49Packet.

00:23:50Filter.

00:23:51Dot.

00:23:52The reply.

00:23:53From.

00:23:54This.

00:23:55This.

00:23:56Is.

00:23:57104.

00:23:58Dot.

00:23:5942.

00:24:00Dot.

00:24:0197.

00:24:02Dot.

00:24:03232.

00:24:04As I've.

00:24:05Told you.

00:24:06This.

00:24:07Is.

00:24:08The IP.

00:24:09Address.

00:24:10Of.

00:24:11That.

00:24:12Particular.

00:24:13Site.

00:24:14Reply.

00:24:15From.

00:24:16This.

00:24:17One.

00:24:18So.

00:24:19This.

00:24:20Is.

00:24:21The value.

00:24:22Right.

00:24:23The router.

00:24:24IP address.

00:24:25We got.

00:24:26That.

00:24:27We get.

00:24:28One.

00:24:29Reply.

00:24:30Or.

00:24:31Three.

00:24:32Replies.

00:24:33Simply.

00:24:34So.

00:24:35What.

00:24:36We can.

00:24:37Do.

00:24:38Is.

00:24:39We'll.

00:24:40Use.

00:24:41The.

00:24:42Command.

00:24:43Hyphen.

00:24:44N.

00:24:45Space.

00:24:46One.

00:24:47So.

00:24:48Simply.

00:24:49We'll.

00:24:50Get.

00:24:51The reply.

00:24:52In.

00:24:53One.

00:24:54Line.

00:24:55Simply.

00:24:56Number.

00:24:57Of.

00:24:58Replies.

00:24:59You can.

00:25:00Decrease.

00:25:01The.

00:25:02Number.

00:25:03Of.

00:25:04Reply.

00:25:05For.

00:25:06Then.

00:25:07To.

00:25:08Get.

00:25:09Something.

00:25:10More.

00:25:11You.

00:25:12Can.

00:25:13Use.

00:25:14Number.

00:25:15Of.

00:25:16Command.

00:25:17You.

00:25:18Can.

00:25:19Use.

00:25:20Here.

00:25:21To.

00:25:22Check.

00:25:23The.

00:25:24Multiple.

00:25:25Replies.

00:25:26You.

00:25:27Can.

00:25:28See.

00:25:29I'm.

00:25:30Just.

00:25:31Taking.

00:25:32Multiple.

00:25:33Command.

00:25:34I'm.

00:25:35Just.

00:25:36Forwarding.

00:25:37Right.

00:25:38As.

00:25:39I've.

00:25:41Given.

00:25:42So.

00:25:43Obviously.

00:25:44We.

00:25:45Can.

00:25:46Get.

00:25:47Four.

00:25:48Here.

00:25:49Okay.

00:25:50Then.

00:25:51We.

00:25:52Have.

00:25:53Used.

00:25:54The.

00:25:55Ping.

00:25:56Command.

00:25:57Next.

00:25:58Is.

00:25:59As.

00:26:00We.

00:26:01Got.

00:26:02The.

00:26:03Router.

00:26:04We.

00:26:05And.

00:26:06We.

00:26:07Can.

00:26:08Give.

00:26:09The.

00:26:10Less.

00:26:11Size.

00:26:12Of.

00:26:13The.

00:26:14Packet.

00:26:15Now.

00:26:16We.

00:26:17Are.

00:26:18Going.

00:26:19As.

00:26:20As.

00:26:21As.

00:26:22The.

00:26:23Sink.

00:26:24Tank.

00:26:25Dot.

00:26:26Com.

00:26:27I'm.

00:26:28Able.

00:26:29To.

00:26:30Is.

00:26:31Able.

00:26:32To.

00:26:33Is.

00:26:34Why?

00:26:35The.

00:26:36Target.

00:26:37System.

00:26:38Name.

00:26:39Because.

00:26:40I've.

00:26:41Told.

00:26:42You.

00:26:43There.

00:26:44Is.

00:26:45Nothing.

00:26:46Like.

00:26:47We.

00:26:48Can.

00:26:49Use.

00:26:50Different.

00:26:51Site.

00:26:52you can go for google right www.google.com should i check it out maybe it's working but it will

00:27:03so dealing is the first ip address we got that the local ip address of my system then 59891041

00:27:15the second ip we got second hop we got that it's working third one is trying to get we got

00:27:3221249175.86 great now again we got the star because just don't want to show us

00:27:41detail value we got 34 on the 34 we got this ip uh-huh so simply treasure simply means from

00:27:53this system on which we are using cmd to the target this site www.google.com what are the

00:28:02number of routers ip we have all the simply use in case i'm just going i'm just accessing the

00:28:10command prompt on this particular system and i just want to get the detail of that particular

00:28:14site so in between this client and server what are the numbers of routers we have and having

00:28:21which ip address we can get by using the password command simply mean that right so we can see the

00:28:28number of command you can see here you're getting detail great right okay sorry here we go right so

00:28:54we have there's a complete treasure detail of google.com from the ip address of this system to the ip address

00:29:06google that's complete treasured i can tell you one more thing in case you just want to create the

00:29:13geographical map by using this treasured so what you can do you can get a single one ip and you

00:29:24can do who is on that particular that on later on i'll show you that so how you can do that how

00:29:29you can make a geographical map from this particular system so you can see i'm talking about the network

00:29:34geographical map right so you can create the complete network topology from this local system

00:29:39to the google server right isn't great right so the next thing is we have ns lookup to get the name

00:29:46server detail we'll use the command ns lookup ns lookup enter default server is dealing as we have this

00:29:55server and the address is the local app address we have 192.168.1.1 then we will type the command here

00:30:01set type a or you can see for you first i just want to show you the complete commands so we can type here

00:30:13help by using you know in case we are talking about clinics in case you are talking about windows in

00:30:18case we are talking about any doors so first command you should use help because in case you are you

00:30:22using when this command help the help command will give the complete demonstration well you know what

00:30:26kind of number of commands you have you can explore all the commands so pressing enter here you can see

00:30:32the complete ns commands name servers commands here you can see here number of commands we have

00:30:39like here we have set query type a any c name mx one by one we will discuss one i'll show you some

00:30:48commands you can explore this right so first set type a enter here i'll give you the ip address again

00:31:00cyber security think tank you can use what ever think.com oh i got that so name is cyber security

00:31:12think tank.com address having this and this is the last we got that so this is the ip address right

00:31:17some more command you can see here site set type i can use c name also right

00:31:24press enter then again it will ask you for the website so you can do the website is www.cyber

00:31:35hey security this think tank.com enter you got that the name server and ip version 6 address of that

00:31:52and pdns is 06 domain control dot com this is the c name you know like so we got then we can use multiple

00:32:07commands as i've told you we can use set type for better view i can do like this yeah okay so type you

00:32:17can use c name here c name um then we have uc name so we can use uh mx here then again the website address we

00:32:27have to give so it's all about

00:32:39here we go got that mx preference is 0 this is all about what is mx it's for mail exchange

00:32:46so mail exchanger is cyber security think tank dot com dot mail dot protection outlook dot com

00:32:53so complete protection by outlook you can see right so this is all about information gathering

00:32:58power you know what kind of information we can gather we can get from simply command prompt right

00:33:05so number of things again i'm going to revise this as you can see here we have done first thing we have

00:33:12started from ping right by using ping we got the ip address of the applicable website targeted websites ip address

00:33:24then we use the frame value we have given the frame length here to check whether the packet is we should go for

00:33:33for less or more larger than packet essentially we are talking about

00:33:38so we have used fifteen hundred

00:33:40cyber security think tank dot com is with fifteen hundred bytes of data we have forwarded

00:33:44you know packet need to be fragmented you should go for less than that

00:33:48then we use thirteen hundred should go for time out

00:33:51then go for larger than because detail value would expire in that right

00:33:55right then fourteen hundred and fifteen hundred to check right

00:34:02as we know that that firewall is working or packet filter is working on that particular website

00:34:09then after that i've shown you how to get the detail

00:34:14how we can get the ip address of that particular device because i can get no from number of commands that you know

00:34:21that particular you know some packet filter or a router is working you know which is just going to discard the packet

00:34:27our packet is discarded by that particular router or you can see the packet filter right

00:34:32so our work is to find out now what kind of information we can get of that particular device

00:34:38so our work is to get the ip address so how can we get that the ping is again is i the command will use

00:34:45the command will use then this is the ip address of that particular device 218.248.25.230

00:34:53and this is the ip address of the website so you can see here the pinging from sorry pinging on that particular site

00:34:59having ip address this and reply is from this device right then i told you we can use the number of replies

00:35:13as you all the time we are getting three four so we can give the number of so we can get in one right

00:35:19then next part is imported one we check the complete the trace complete you can see here

00:35:33so we have used command trace search for google from this local system to the google server we got complete detail

00:35:41having multiple ip addresses you can see here from the local ip this is your local ip should i say my local ip

00:35:49192.168.1.1 from this ip to the google server's ip number of ip we have simply mean when you are just sending the request

00:35:59from all these ips your request is just going to process getting my point right then after that something more we have done

00:36:09something more we have done it's all about ns lookup we have done for name server these are number of commands

00:36:17you can check all these commands you can use explore that some of them we have done like set type a

00:36:23right we have done for the c name as you got that the canonical name should i say like this is the canonical name of the trigger site right

00:36:37then we have done the mail exchanger command we have used that type is mx cyber security think tank dot com so

00:36:45mx preferences the mail exchanger is cyber security think tank dot com this one mail protection dot outlook dot com

00:36:55simply mean the main exchanger is for is from outlook so this is all about you know how can get information from the command prompt

00:37:01so we can use multiple commands you can explore so this is all about we have done your lab one open source

00:37:11information gathering by using windows command utility thank you so much

00:37:19you

00:37:31hey everyone welcome to cyber security think tank myself manish sharma working as a cyber security trainer

00:37:59right you can catch me on cyber security think tank dot com on instructor tab you can get my profile

00:38:07so today we are going to start

00:38:11ch labs

00:38:13we are going to show you the complete demonstration of a single single tool software

00:38:19right

00:38:21first lab is all about

00:38:23the open source information gathering using windows command line utilities

00:38:29simply we are talking about the command prompt directly right

00:38:33so you know by using command prompt how we can get the information

00:38:37of a website

00:38:39you know what kind of command we can use in command prompt

00:38:41to get the detail of a website or web server

00:38:43or you can see in between that

00:38:45right

00:38:47so first thing is we are going to open the command prompt

00:38:49we are going to open the command prompt

00:38:51we are using here windows seven

00:38:53so type here cmd

00:38:55press enter

00:38:57this

00:38:59command prompt

00:39:01right

00:39:03so first thing is

00:39:05first command

00:39:07we will use

00:39:09how we can get

00:39:11the IP address of a website

00:39:13right

00:39:15so for that we will

00:39:17command

00:39:18ping

00:39:19ping

00:39:20yes

00:39:21ping

00:39:22space

00:39:23website address

00:39:24so i am giving you here cyber security sink tank

00:39:25you can use

00:39:26whatever the site you want to get

00:39:27so cyber

00:39:28security

00:39:31sink tank

00:39:32dot com

00:39:34pressing enter

00:39:39so it is pinging on that particular site

00:39:45we got the IP address of the website

00:39:48is 104.42.97.232

00:39:52but we got

00:39:53the error you can say

00:39:55request time out

00:39:58because

00:39:59the ICMP

00:40:00when we are talking about ping command

00:40:01it is all about ICMP packets

00:40:03we are going to send

00:40:05ICMP is internet control

00:40:07message protocol

00:40:10right

00:40:11so

00:40:13we are using

00:40:14this protocol

00:40:15to send the ping command

00:40:16so we are talking about

00:40:18error

00:40:19so

00:40:20ping request return

00:40:21this error

00:40:22because ICMP packets are blocked

00:40:23on a particular machine

00:40:24on which we are just going

00:40:26we have sent

00:40:27the ping command

00:40:28on that particular machine

00:40:29the ping command is blocked

00:40:30or you can say

00:40:31the ICMP packet blocked

00:40:32why

00:40:33because

00:40:34maybe that particular machine

00:40:36has some firewall

00:40:37or packet filter is working

00:40:38on that particular machine

00:40:39that's why

00:40:40that packet filter

00:40:41is blocked

00:40:42or discarded

00:40:43our packets

00:40:44right

00:40:46so

00:40:47use some command like

00:40:50it is working still

00:40:52yeah

00:40:53so next command we can use

00:40:54is ping

00:40:55space

00:40:56or

00:40:57cyber security think tank dot com

00:41:10space

00:41:11f

00:41:12f is for frame

00:41:13right

00:41:14hyphen frame

00:41:15then space

00:41:16hyphen l

00:41:17l for length

00:41:18so we are giving the length

00:41:19over here

00:41:20it's all about fifteen hundred bytes

00:41:22and the bytes we are just giving the length of the packet

00:41:25we are trying to send again the ping command

00:41:28so you can we are just getting this

00:41:32the packet need to be fragmented

00:41:34but

00:41:35def set

00:41:36simply the IP address

00:41:38so you simply mean

00:41:39the packet size is really really larger than

00:41:42the efficiency

00:41:43you can see the bandwidth of that

00:41:44so we will use

00:41:45the length

00:41:46lesser than that length

00:41:48so we will use

00:41:49the length

00:41:50like if thirteen hundred fourteen hundred we can use

00:41:52so

00:41:53first we will try to

00:41:56trying for thirteen hundred bytes

00:41:58to check

00:42:08so simply mean

00:42:09we are getting the error

00:42:10timeout

00:42:11so it simply mean that we should use

00:42:13the packet size

00:42:15larger than

00:42:16thirteen hundred

00:42:18and less than

00:42:19fifteen hundred

00:42:20right

00:42:21so we will use here

00:42:22should i go for fourteen hundred

00:42:23yeah

00:42:24of course

00:42:25then

00:42:26kind of how we are getting

00:42:27oh it's working

00:42:29it's again

00:42:30timeout

00:42:31so we will use

00:42:32more than that

00:42:36so then

00:42:41between thirteen hundred and fourteen hundred is

00:42:44fourteen hundred fifty

00:42:48thirty

00:42:49should you go for

00:42:50less than that

00:42:54because

00:42:55need to be fragmented

00:42:56then

00:42:58thirty

00:42:59okay

00:43:00let me check it out

00:43:05then

00:43:09more than that

00:43:11to check the exit size

00:43:18to get the exit size

00:43:19we are just checking all these

00:43:20forty

00:43:22here we go

00:43:24then

00:43:26less than that

00:43:27in between

00:43:28thirty-five

00:43:32thirty-three

00:43:33will go for

00:43:46thirty-three

00:43:47will go for

00:43:48less than

00:43:49thirty-one

00:43:51thirty-one

00:43:54because

00:43:55more than

00:43:56fourteen hundred thirty

00:43:58use now

00:44:03one option only we have

00:44:05four

00:44:07two

00:44:08find out what happen is simply the TTL value

00:44:15the time to live value got expired

00:44:19why

00:44:21because the packet length size we have given

00:44:25is completely captured by that particular firewall

00:44:29the packet filter is capturing every size of packet and then TTL got exceed and expired

00:44:36what is TTL the time to live packet value you know the time

00:44:40TTL is time to live

00:44:43this is the time this is the value of time you know to live that particular packet in the network

00:44:49why all kind of size packet got expired or simply you can see the timeout

00:44:55because that TTL value got expired and every size of packet is captured by that particular firewall

00:45:02we are trying to bypass that particular firewall to get the router IP

00:45:06so that in case we are not getting from ping we have something we have to use something more

00:45:13so now this time we will use the command

00:45:17cyber security thinking dot com space hyphen I space for to get the detail of that particular router or that particular packet filter IP

00:45:32so here we go we got that so TTL expired in transit but we got the reply from this

00:45:39this is 104.42.97.232 as I have told you this is the IP address of that particular site but this is the IP address of that particular router

00:45:54right as you can see here the pinging on this website having IP this but reply from this one

00:46:02so this is the value right the router IP address we got that then as we are getting all the time for reply you can see here

00:46:12so in case you want to get one reply or three reply simply so what we can do is we will use the command hyphen n space one

00:46:21so simply mean we will get the reply in one line single reply you will get as simply you can see here

00:46:28pinging on this you will get only single reply right note for one once we got note twice five simply so we can use we can increase the number of replies you can you know decrease the number of reply as you can give the here n this is number of reply for

00:46:49reply for

00:46:56then

00:46:58to get something more we can use

00:47:01number of command you can use here

00:47:08to check the multiple replies

00:47:12number of replies

00:47:13number of replies

00:47:14number of replies

00:47:19you can see I am just doing the multiple command I am just forwarding right as I have given so obviously we can get four here ok then so we have used the pink command next

00:47:41Now, next is as we got the IP address, as we got the IP address of the website, as we got the IP address of the router, we got the TTL value, we have seed and we can give the lessest size of the packet.

00:47:55Now, we are going to use the complete trace rules. For that, we will use the command tracert space, website address www.cybersecurity.sync tank.com.

00:48:15It is unable to resolve. Why? The target system name because as I have told you, there is nothing like we can get the tracert on that particular site because a firewall or a packet filter is working on.

00:48:35So, we can use some different site. We can go for Google, right? Statler www.google.com. Should I check it out? Maybe it is working, but it will...

00:48:51So, t-link is the first IP address, we got that. The local IP address of my system, then 59891041, the second IP we got, second hop, we got that.

00:49:06It is working. Third one is trying to get, we got 21248175.86. Great. Now again we got the star because we don't want to show us detail value.

00:49:31We got 34. We got 34. On the 34, we got this IP. Uh-huh. So, simply, tracert simply means from this system on which we are using CMD to the target, this site, www.google.com.

00:49:47What are the number of router's IP we have? Or simply, in case I am just going, I am just accessing the command prompt on this particular system.

00:49:58And I just want to get the detail of that particular site. So, in between this client and server, what are the numbers of routers we have?

00:50:07And having which IP address we can get by using the tracert command. It simply means that. Right? So, we can see the number of command you can see here.

00:50:17We are getting detail. Great. Right? Okay. Sorry. Here we go. Right? So, there is a complete tracer detail of Google.com.

00:50:45From the IP address of this system to the IP address of Google. That's complete tracer detail. I can tell you one more thing. In case you guys want to create a geographical map by using this tracer detail. So, what you can do? You can get a single one IP and you can do who is on that particular site.

00:51:12Later on, I will show you that. So, how you can do that. How you can make a geographical map from this particular system. So, you can see I am talking about the network geographical map. Right? So, you can create the complete network topology from this local system to the Google server. Right? Isn't it great? Right?

00:51:29So, next thing is we have NSLOOKUP to get the name server detail. We will use the command NSLOOKUP. NSLOOKUP. Enter. Default server is dealing as we have this server. And the address is the local IP address. We have 192.168.1.1.1. Then we will type the command here. Set type.

00:51:49A. Oh, you can see for you first. I just want to show you the complete commands. So, we can type here help. By using, you know, in case we are talking about Linux, in case you are talking about Windows, in case we are talking about any doors.

00:52:06So, first command you should use help. Because in case you are using Windows command help. The help command will give you the complete demonstration. Well, you know, what kind of number of commands you have. You can explore all the commands. So, pressing enter. Here you can see the complete NS commands. Name servers commands we have. You can see here number of commands we have.

00:52:26Like here we have set query type A. Any CNAME MX. One by one. We will discuss. I will show you some commands. You can explore this. Right. So, first set type A. Enter. Here I will give you the IP address again. Cyber security think tank. You can use whatever.

00:52:50Think.com. Oh, I got that. So, name is. Cyber security think tank.com. Address. Having this. And this is the last. We got that. So, this is the IP address. Right. Some more commands you can see here. Site. Set type. I can use CNAME also. Right. Press Enter. Then again, it will ask you for the website.

00:53:19So, you can use the website. So, you can use the website. It is www.cyber security think tank.com. Enter. You got that. The name server and IPv6 address of that. And pdns is 06.domaincontrol.com. This is the CNAME. You know like. So, we got.

00:53:49Then. Then we can use. Multiple commands. As I have told you. We can use sit type. For better view. I can do like this. Yeah. Okay. Sit type. We can use CNAME here. CNAME. Then we have used CNAME. So, we can use MX. Yeah. Then again the website address we have to give. So, it's all about.

00:54:19Here we go. Got that. MX. Preferences 0. This is all about. What is MX? It's for mail exchange. So, mail exchanger is cyber security think tank.com.mail.protection.outlook.com.

00:54:26So, complete protection by outlook you can say. Right. So, this is all about information gathering power. You know. What kind of information we can gather. We can get from.

00:54:38Simply command prompt. Right. So, number of things. Again I am going to revise this. As you can see here. We have done. First thing. We have started from ping. Right.

00:54:45By using ping. We got the IP address of the applicable website. Targeted website's IP address. Then we use the frame value.

00:54:52We have given the frame value. We have given the frame length here. To check whether the packet is. We should go for less or less.

00:54:59So, simply command prompt. Right. So, simply command prompt. Right. So, number of things. Again I am going to revise this.

00:55:04As you can see here. We have done. First thing. We have started from ping. Right. By using ping. We got the IP address of the applicable website.

00:55:10If sites IP address. Then we use the frame value. We have given the frame length here. To check whether the packet is. We should go for less or more. Larger than packet.

00:55:23Simply we are talking about. So, we have used 1500. Cybersecurity think tank.com is with 1500 bytes of data. We have forwarded. You know packet need to be fragmented.

00:55:33You should go for less than that. Then we use 1300. Should go for time out. Then go for larger than. Because detail value would expire in that. Right.

00:55:43Then 1400. Then 1500. To check. Right. As we know that. That firewall is working. Or packet filter is working on that particular. If site. Then after that. I have shown you.

00:55:59How to get the detail. How we can get the IP address of that particular device. Because I can get know from number of commands. That you know. That particular. You know. Some packet filter. Or a router is working. You know. Which is just going to discard the packet.

00:56:15Our packet is discarded by that particular router. Or you can say the packet filter. Right. So, our work is to find out now. What kind of information we can get. Of that particular device. So, our work is to get the IP address.

00:56:29So, how can we get that. So, how can we get that. So, ping is again. Is I. The command we will use. Then. This is the IP address of that particular device.

00:56:37218.248.25.2130. And this is the IP address. Of the website. So, you can see here. The pinging from. Sorry. Pinging on that particular site. Having IP address. This. And reply is from.

00:56:51From this device. Right. Then. I told you. We can use the number of. As you all the time. We are getting 3, 4. So, we can give the number of. So, we can get in 1. Right.

00:57:06Right. Then. Then. Next part is. Imported 1. We check the complete. The trace complete. You can see here. So, we have used command trace search. For Google. From this local system. To the Google server. We got complete detail. Having multiple IP addresses.

00:57:31You can see here. From the local IP. This is your local IP. Should I say my local IP. 182.168.1.1. From this IP. To. The Google server's IP. Number of IP. We have simply mean. When you are just sending the request. From all these IPs. Your request is just going to process. Getting my point. Right. Then after that. Something more we have done. It's all about.

00:57:58It's all about. And let's look up. We have done. For name server. These are number of commands. You can check all these commands. You can use. Explore that. Some of them we have done. Like set type A. Right.

00:58:13We have done. We have done. For. The C name. As you got that. The canonical name. Should I say like. This is. The canonical name. Of the trigger site. Right. Then we have done. The mail exchanger command. We have used that. So type is.

00:58:31Mx. Cybersecuritythinktank.com. So. Mx preferences. The mail exchanger is. Cybersecuritythinktank.com. This one. Mailprotection.outlook.com. Simply mean. The mail exchanger is for.

00:58:46It's from. Outlook. So this is all about. You know. How you can get information from the command prompt.

00:58:51So we can use. Multiple commands. You can explore. So this is all about. We have done.

00:58:57Your lab. One. Open source. Information gathering. By using. Windows command utility.

00:59:03Thank you so much.

00:59:27Hello everybody. Welcome back. This is Balikahal. I'm your instructor for CH Labs. We are in lab number two.

00:59:44And this lab is actually about. People search. Right. People search.

00:59:50So what is people search. And why do you need to know. About it. As an ethical hacker.

00:59:58So basically. What happens is. In the security field. When you are a security analyst.

01:00:04When you are working. As a. As a CEH specialist. Or even a pen tester.

01:00:11You need to understand. That. At any given point of time. You could have the requirement.

01:00:15To check. Or do a background check. Or do. Some kind of a checkup.

01:00:20On a. Person. Or an individual. Or on a company.

01:00:23And this could be because.

01:00:26Of your. You're trying to conduct a penetration test.

01:00:29Or it could be because. You are trying to get more information.

01:00:31About a particular individual. It could be because.

01:00:34You are. Suspicious.

01:00:36And have been told to.

01:00:39Do. A kind of a reconnaissance.

01:00:41On. On somebody.

01:00:43And see. Like. And if they are valid or not. Authentic or not.

01:00:46And this could be need from management also.

01:00:48And as a security specialist.

01:00:50As being part of the security team.

01:00:53Or the IT security team of a company.

01:00:55This is what your job is.

01:00:56And this is how you can help the company also.

01:00:59Right.

01:00:59So now. Let's look at.

01:01:02People search itself.

01:01:04And.

01:01:04Let's first start with.

01:01:06The different tools.

01:01:07Which you can use for people search.

01:01:09Okay.

01:01:09My favorite one down here is.

01:01:15Is a people.

01:01:16P-I-P-L dot com.

01:01:19So it's not P-E-O-P-L-E.

01:01:21Right.

01:01:21So it's P-I-P-L dot com.

01:01:24P-I-P-L dot com.

01:01:27And.

01:01:28This tool is a fantastic tool.

01:01:30When you want to get information.

01:01:32About an individual.

01:01:34It has actually.

01:01:35It does have.

01:01:36A professional component to it.

01:01:37Where you can see it has a.

01:01:39People data API.

01:01:41It also lets you do.

01:01:43It lets you like download.

01:01:45A lot of stuff.

01:01:46You know.

01:01:46In this case.

01:01:47You know.

01:01:47It's giving an example.

01:01:48How it's like.

01:01:49You know.

01:01:49Basically getting information.

01:01:50From their.

01:01:51Social graph.

01:01:52And so forth.

01:01:54It's a quick setup tool.

01:01:56It has got.

01:01:58Cross language.

01:02:00Compatibility.

01:02:01You can.

01:02:02You can use.

01:02:03Quickly use your API.

01:02:04And their.

01:02:08And their.

01:02:09Search API.

01:02:10Request API.

01:02:10It looks like a web.

01:02:11API.

01:02:13Web server.

01:02:14API.

01:02:15And.

01:02:15And then.

01:02:16You can basically get information.

01:02:17Around everything.

01:02:19So you can.

01:02:20Try a live demo.

01:02:23Basically.

01:02:23You can put in.

01:02:24Some information.

01:02:25And it will.

01:02:26You know.

01:02:27Get you that.

01:02:28Get you the person's.

01:02:29Details back.

01:02:30You know.

01:02:31And this details.

01:02:32Then.

01:02:33Those can be like.

01:02:34You know.

01:02:34Used in any way or form.

01:02:35Which you want.

01:02:36And this is a demo.

01:02:37I would not.

01:02:37I would not go through.

01:02:38All of these.

01:02:39You can go and.

01:02:40Skim through.

01:02:41The different.

01:02:42You know.

01:02:42Aspects.

01:02:43When you're going to look at.

01:02:44From a business perspective.

01:02:45But.

01:02:46For an individual perspective.

01:02:47I think so.

01:02:49I will just stick to the.

01:02:50The basic.

01:02:51Search.

01:02:52Which it offers.

01:02:53Right.

01:02:53So let's.

01:02:54Let's search first.

01:02:55To start with.

01:02:56Let's search on.

01:02:57I want to actually keep my searches.

01:02:58Limited to.

01:02:59Famous people.

01:03:00Celebrities.

01:03:01And I will just click on.

01:03:02The first result.

01:03:03Which comes back.

01:03:04Because.

01:03:04The goal here.

01:03:05Is not to search.

01:03:06On a particular person.

01:03:08The goal here.

01:03:09Is to showcase.

01:03:09The tools to you.

01:03:10So just remember.

01:03:11The underlining goal here.

01:03:12Right.

01:03:13So let me search.

01:03:14For.

01:03:14On Hillary Clinton.

01:03:15So Hillary Clinton.

01:03:16Since this is a.

01:03:17Election year.

01:03:18Going on.

01:03:19So.

01:03:20You will.

01:03:21You will find.

01:03:22Different.

01:03:23You know.

01:03:24Profiles.

01:03:25Of course.

01:03:25Since it's election 26.

01:03:26This is election year.

01:03:28Hillary Clinton is a strong.

01:03:29Candidate.

01:03:30For.

01:03:31President.

01:03:32Election.

01:03:32And the first woman.

01:03:33Candidate.

01:03:34If she succeeds.

01:03:35Being a.

01:03:36And she has.

01:03:37She will create a legacy.

01:03:39But.

01:03:40But yeah.

01:03:41I mean.

01:03:41The key thing.

01:03:42Out here.

01:03:42Notice.

01:03:42Is.

01:03:43Let's click on the first profile.

01:03:44Which comes up.

01:03:45Right.

01:03:46And.

01:03:47It basically gets you.

01:03:48Blogs.

01:03:49Criminal records.

01:03:49Court records.

01:03:51Marriage records.

01:03:52Everything.

01:03:53It goes in.

01:03:53Searches for everything.

01:03:54So it doesn't.

01:03:54This person doesn't look like Hillary Clinton.

01:03:57But I just clicked on a first profile.

01:03:59To show you.

01:04:00What are the details of information.

01:04:02You can get back.

01:04:03From a social.

01:04:05From a people social search.

01:04:07You know.

01:04:07Using a simple tool like people.

01:04:09You know.

01:04:09It's an on-based.

01:04:10Web-based tool.

01:04:11And it's free.

01:04:13So.

01:04:13You can get.

01:04:14Canada information.

01:04:15Like you know.

01:04:16Where all they worked.

01:04:17And jobs.

01:04:17Which they did.

01:04:18So.

01:04:19You can get education information.

01:04:21What universities.

01:04:22They went to.

01:04:23Additional names.

01:04:24They have.

01:04:25So in the additional information.

01:04:26It gives you more.

01:04:27More details.

01:04:29Around.

01:04:29The schools.

01:04:30The year they graduated.

01:04:31And so forth.

01:04:32Also in the additional names.

01:04:34You can get.

01:04:34You know.

01:04:34If they're using any secondary names.

01:04:36If they.

01:04:36Change their last name.

01:04:38Because of marriage.

01:04:39Or any other reason.

01:04:40They change their first name.

01:04:42It won't tell you the reason.

01:04:43Just to let you know.

01:04:44You have to use some other tools for that.

01:04:46But.

01:04:47But also.

01:04:48Then.

01:04:49Any aliases.

01:04:50Which they're using.

01:04:51For their Facebook.

01:04:51Twitter.

01:04:52And so forth.

01:04:53So all these.

01:04:54And then places.

01:04:55So.

01:04:56Places where they.

01:04:57Where they have lived.

01:04:59Or where they have been.

01:05:00Or where they have property.

01:05:01At.

01:05:02And under their name.

01:05:03So all those places.

01:05:04Get listed down here.

01:05:05Even if they're rented.

01:05:06So that information.

01:05:08Also you can pull up from here.

01:05:09Also associated with.

01:05:11These are the people.

01:05:12The name of other people.

01:05:13Who are.

01:05:14Who they are associated with.

01:05:15This could be their.

01:05:17Their family.

01:05:18Relatives.

01:05:19Members.

01:05:19Children.

01:05:20Grandparents.

01:05:21Parents.

01:05:21Anything.

01:05:22Friends.

01:05:23So these people are.

01:05:24There's a relation graph.

01:05:25With them.

01:05:26Right.

01:05:26And then of course.

01:05:27There's other social.

01:05:28Media.

01:05:29Related links.

01:05:30Their Facebook.

01:05:31Their LinkedIn.

01:05:32And so forth.

01:05:34Also we have.

01:05:35You know.

01:05:35With similar.

01:05:36The related people.

01:05:37You can find their information.

01:05:38Down below.

01:05:40And.

01:05:40Which is pretty nifty.

01:05:41I would say.

01:05:42Right.

01:05:43And this we did.

01:05:44One.

01:05:44One was on Hillary Clinton.

01:05:46Let's do a quick one again.

01:05:47On.

01:05:48On another celebrity.

01:05:50Let's pick up.

01:05:50Natalie Portman.

01:05:51Right.

01:05:51Natalie Portman.

01:05:52Those of you don't know.

01:05:53Is another star.

01:05:55And.

01:05:56She is basically.

01:05:58Also.

01:05:59Pretty intelligent.

01:05:59She is.

01:06:00I think she's gone to Harvard.

01:06:02And.

01:06:03Studied.

01:06:03She's one of the.

01:06:04Intelligent.

01:06:05People in the.

01:06:07And all intelligent stars.

01:06:08I would say.

01:06:09So it basically is going through.

01:06:10Profile.

01:06:11Criminal records.

01:06:12Public records.

01:06:13Blogs.

01:06:14It's doing all that search for you.

01:06:15Right.

01:06:16And.

01:06:17And.

01:06:18In return.

01:06:19It will basically get you.

01:06:20All this information.

01:06:22It'll.

01:06:23It'll siphon.

01:06:24It'll siphon over this.

01:06:25It should not take that long.

01:06:26Let me just pause.

01:06:27And like reset it.

01:06:28So that.

01:06:28Just a second please.

01:06:32Alright.

01:06:33So you're back.

01:06:34So Natalie Portman.

01:06:35So here you can see.

01:06:36We have.

01:06:38Natalie's profile.

01:06:39We just came back.

01:06:41And.

01:06:42And.

01:06:43Let's click on this.

01:06:44Second profile.

01:06:45Or.

01:06:45Let's do the first one.

01:06:47And.

01:06:48What all information you get down here is.

01:06:50A lot of celebrities.

01:06:50They don't show their information out.

01:06:52In public.

01:06:52And this is like somebody else looks like.

01:06:54But.

01:06:55I want to just.

01:06:57Just skim through it.

01:06:58This person that has their carrier information listed.

01:07:00This education.

01:07:01Where they went to.

01:07:02They went to Columbia University.

01:07:03In.

01:07:04In city of New York.

01:07:05Looks like that.

01:07:06And.

01:07:07There's a phone number listed down here.

01:07:09Additional names.

01:07:10Which this person.

01:07:11Are associated with.

01:07:13Not associated with.

01:07:14But they have used.

01:07:15And this could be their.

01:07:17Names.

01:07:17Which people have given them.

01:07:18Nicknames.

01:07:19They have kept.

01:07:20ALS's.

01:07:21And so forth.

01:07:22Places.

01:07:23Where they have lived.

01:07:24Or.

01:07:25Or been at.

01:07:26And.

01:07:27You can actually.

01:07:28Click on.

01:07:29Golden Colorado.

01:07:30And it will give you.

01:07:31Exactly where that location is.

01:07:33Right.

01:07:33And you can drill down into it.

01:07:34If you want.

01:07:36But then.

01:07:36Associated with.

01:07:37Other people.

01:07:38Who they are associated with.

01:07:40Social graph.

01:07:41LinkedIn.

01:07:42Facebook.

01:07:43Beinverified.com.

01:07:46And.

01:07:4710.

01:07:4710 digits.

01:07:48People finder.

01:07:50Spokio.

01:07:51Yellow pages.

01:07:52Adverse.com.

01:07:53Everything.

01:07:54So.

01:07:54Now you understand.

01:07:55What is the power of this tool.

01:07:57Right.

01:07:57So it can get you.

01:07:58A lot of information.

01:08:00Which.

01:08:01You would not think of.

01:08:02Otherwise.

01:08:02Right.

01:08:03You can just search on a name.

01:08:04And I'm using.

01:08:05I'm using celebrity names.

01:08:06Just to search on.

01:08:07So it's easy.

01:08:08And then you can get a lot of information.

01:08:10About those people.

01:08:11Right.

01:08:11Let's do one more search here.

01:08:14Since it's pretty interesting.

01:08:15And.

01:08:16Let me use another tool.

01:08:17Actually for this.

01:08:18Another favorite tool of mine.

01:08:20Is 411.com.

01:08:22Right.

01:08:22So in 411.

01:08:24Let's search for Ashton.

01:08:26And this is.

01:08:27This is again.

01:08:29Celebrity I'm searching for.

01:08:30Ashton Kutcher.

01:08:31A-S-H.

01:08:32T-O-N.

01:08:33And.

01:08:34K-U-T.

01:08:36C-H-E-R.

01:08:38Okay.

01:08:39I got her name right.

01:08:40So this will basically.

01:08:42Bring back.

01:08:43People.

01:08:44With a similar name.

01:08:45And list it on a different website.

01:08:47So.

01:08:47I'm actually.

01:08:48This website.

01:08:48Let me give you a little bit.

01:08:49Background on this website.

01:08:51411.

01:08:54I don't know if it's this website.

01:08:56But.

01:08:56It's the same.

01:08:57Service or not.

01:08:58But like.

01:08:58Back in the days.

01:08:59Like in.

01:09:001998.

01:09:012000.

01:09:032001.

01:09:032000.

01:09:042005.

01:09:04I think so.

01:09:05Until Google.

01:09:06Maps.

01:09:07And Google.

01:09:07Services became very prevalent.

01:09:09And Bing took over.

01:09:10And they kind of.

01:09:12Made good progress.

01:09:13In their search.

01:09:14And find.

01:09:15Area.

01:09:17A lot of people used to use 411.

01:09:18And 411 used to be a dialing service.

01:09:21Which you could dial from your mobile phone.

01:09:23The old ones.

01:09:24And then.

01:09:25Somebody would.

01:09:26A voice.

01:09:27A physical operator.

01:09:28A person would basically pick up.

01:09:30And then you could ask them for a location.

01:09:33That hey.

01:09:34There was a charge.

01:09:35I think so your phone company would charge you.

01:09:38And this was.

01:09:39This was a finder service.

01:09:41That I have it so and so place.

01:09:43I want to get here.

01:09:43I want to get there.

01:09:44Can you.

01:09:45You know.

01:09:45Find me this.

01:09:46Find me that.

01:09:47So this service used to help you.

01:09:49Basically get on to.

01:09:50To get on to that kind of information.

01:09:52And.

01:09:53Spinned up from there.

01:09:54Is this 411.com.

01:09:56Which basically.

01:09:59Let's you.

01:09:59Find other.

01:10:01Other information also.

01:10:03So.

01:10:07And.

01:10:07And basically.

01:10:08Very very nifty.

01:10:09Very handy.

01:10:11And.

01:10:12You can you know.

01:10:13Search for people.

01:10:14You can.

01:10:14You can understand.

01:10:15Let's click on one of these reports.

01:10:17Right.

01:10:17And let's see.

01:10:17Like you know.

01:10:18What all.

01:10:19Well.

01:10:19This is.

01:10:20This is kind of doing it.

01:10:21It's going to premium services.

01:10:23I'm not.

01:10:23I don't want premium services.

01:10:25So I think.

01:10:25This first one.

01:10:26A white page.

01:10:27The premium service.

01:10:27It looks like.

01:10:28It's little.

01:10:29I just want a regular.

01:10:30411.

01:10:31Okay.

01:10:32There you go.

01:10:33So now here.

01:10:33When you look at it.

01:10:36Alright.

01:10:38So now this gives you good information about.

01:10:40The particular person.

01:10:41The address of the person.

01:10:42It tells you.

01:10:44People.

01:10:46This person is associated with.

01:10:48It tells you different.

01:10:49Birth records.

01:10:50Background records.

01:10:52Bankruptcy records.

01:10:53If any.

01:10:53Driving records.

01:10:54Court records.

01:10:56Death record.

01:10:56Marriage.

01:10:57Divorce records.

01:10:58Everything.

01:10:59Right.

01:10:59So this is pretty powerful.

01:11:00That way.

01:11:01Right.

01:11:01And.

01:11:02This one.

01:11:03Which we had.

01:11:03Collected accidentally.

01:11:04Or was.

01:11:05You know.

01:11:05Highlighted.

01:11:06So this is a.

01:11:06White pages.

01:11:07Dot com.

01:11:07But a premium service.

01:11:08Of white pages.

01:11:09Dot com.

01:11:10Where it will give you.

01:11:11More information about it.

01:11:13Again.

01:11:13You have to subscribe for this.

01:11:15So.

01:11:18So you got to make sure.

01:11:19That you subscribe for it.

01:11:20And you make.

01:11:20You got to make sure.

01:11:21That you.

01:11:22That you get.

01:11:23You know.

01:11:24Information.

01:11:25Which you need.

01:11:26If you are.

01:11:27Basically doing a subscription.

01:11:28Based model down there.

01:11:29Right.

01:11:30Another thing.

01:11:31I'm not going to.

01:11:31I'm just going to kill this search.

01:11:32Because it's going to take time.

01:11:34So since we're.

01:11:36Let me fire up.

01:11:37Chrome again.

01:11:38So we can.

01:11:39You know.

01:11:39Get back to.

01:11:40Where we were.

01:11:41So now.

01:11:42We are doing people search.

01:11:45We were.

01:11:46We did.

01:11:47PIPL dot com.

01:11:48I showed you about.

01:11:49411.

01:11:50Now.

01:11:50Let's look at social graphs.

01:11:52What are the different.

01:11:52Social graphs of people.

01:11:54And.

01:11:55And how do you.

01:11:55How do you get to.

01:11:56So let's.

01:11:57Search for.

01:11:58Nurse Liberty.

01:12:00Cindy Crawford.

01:12:01Right.

01:12:02So Cindy Crawford.

01:12:04Sorry.

01:12:05C-I-N-D-Y.

01:12:07Cindy Crawford.

01:12:08So Cindy Crawford.

01:12:09Again.

01:12:09Is a model.

01:12:10Actress.

01:12:11And.

01:12:12Sorry.

01:12:13A model.

01:12:14And.

01:12:14She's a supermodel.

01:12:15Actually.

01:12:16And.

01:12:16So let's look at her.

01:12:18And I want to actually.

01:12:19Take her social graph.

01:12:21And show you.

01:12:22A few things.

01:12:23Interesting.

01:12:23About social graph.

01:12:25Right.

01:12:25I want to open her Twitter.

01:12:26And I'm going to open her Facebook.

01:12:28And two different tabs.

01:12:29So now.

01:12:29First is.

01:12:30Twitter.

01:12:30Right.

01:12:31So let's look at her Twitter.

01:12:32So this is Cindy Crawford's Twitter.

01:12:33And a few things.

01:12:35I want you to notice down here is.

01:12:37Right below the picture.

01:12:38There is a verified account.

01:12:41So there is a verified account.

01:12:43And.

01:12:44What does this mean?

01:12:45So let's click on this verified account link.

01:12:49This basically is authenticating.

01:12:52And is vouching.

01:12:53The Twitter.

01:12:54The company.

01:12:56Is vouching.

01:12:57That this is an authentic profile.

01:12:59So.

01:12:59So what does it mean?

01:13:00An account with a blue verified badge.

01:13:02On Twitter profile.

01:13:03Is a verified account.

01:13:05Also.

01:13:05Why does Twitter verify accounts?

01:13:07The verification is currently used to establish authenticity of identities of key individuals and brands on Twitter.

01:13:17So.

01:13:17So if you look at this.

01:13:19I mean.

01:13:19This is like a very good sign.

01:13:21If a company who you want to work with.

01:13:23If an individual.

01:13:24Has a blue verifying.

01:13:27Verified badge in Twitter.

01:13:28Right.

01:13:29So now let's look at the equivalent of this in Facebook.

01:13:33So what Facebook does.

01:13:34Is it has this verified page.

01:13:37It has a blue tick mark on Facebook.

01:13:39Which basically is authentic verification of a particular individual.

01:13:45In this case.

01:13:46We went and searched for Cindy Crawford.

01:13:49So why is it important?

01:13:51Right.

01:13:51Why is this verified important?

01:13:53Suppose you are part of a penetration testing team.

01:13:58As an ethical hacker.

01:14:00And now.

01:14:01You are working with a company.

01:14:03Who.

01:14:05Who's being.

01:14:06Who's been under attack.

01:14:07And you want to know who the.

01:14:08Who the.

01:14:09Culprit is.

01:14:10Right.

01:14:11So a lot of these.

01:14:12Proprietors.

01:14:13Like you know.

01:14:13They.

01:14:14What they do is.

01:14:14They.

01:14:15They form.

01:14:17Very.

01:14:18Fishy.

01:14:19Illegal.

01:14:21Profiles.

01:14:22And they would pretend as something which they.

01:14:25Are not.

01:14:26You know.

01:14:26So.

01:14:27They would.

01:14:27Somebody would.

01:14:29Reach out to you.

01:14:29And say hey.

01:14:31You know.

01:14:31I am.

01:14:33A CEO.

01:14:34Or I am.

01:14:34I am a VP.

01:14:35Of XYZ company.

01:14:37And this is my profile.

01:14:38This is my card.

01:14:39You know.

01:14:39Everything looks very legit.

01:14:40Right.

01:14:41But when you look into it.

01:14:42Like you know.

01:14:43There is.

01:14:43Some signs out there.

01:14:45His profile was built.

01:14:46A couple of days ago.

01:14:47With a thousand entries in it.

01:14:48You can pay people to do that.

01:14:49And then.

01:14:50It has.

01:14:51A copy of everything.

01:14:53So you need to make sure.

01:14:54That whoever you deal with.

01:14:56They have.

01:14:57And they want to sign a contract with you.

01:14:59For their company.

01:15:00For X amount of dollars.

01:15:02You know.

01:15:02So you want to make sure.

01:15:03That those people are authentic.

01:15:04Right.

01:15:04So this is a few places.

01:15:05Which you can check.

01:15:06And as a.

01:15:07As a social engineering technique.

01:15:09Also.

01:15:09It is important to be another side.

01:15:11Because now you are playing.

01:15:13An hacker.

01:15:13You are.

01:15:14You are basically.

01:15:15A gray hat hacker.

01:15:16You are trying to.

01:15:17Trying to get to.

01:15:18To the information.

01:15:20And do penetration testing.

01:15:22And you are.

01:15:23Getting into a network.

01:15:25Getting into.

01:15:26Using people.

01:15:27As tool.

01:15:28As a mechanism.

01:15:29To infiltrate.

01:15:30So you need to understand.

01:15:32That why.

01:15:33And how.

01:15:33A verified.

01:15:34Badge is achieved.

01:15:35And why it is important.

01:15:36Right.

01:15:38Another powerful tool.

01:15:39Which we all use.

01:15:40All the time.

01:15:41Most of the time.

01:15:42And if you are not.

01:15:43Then you should be.

01:15:44Is basically.

01:15:44LinkedIn.

01:15:45Right.

01:15:46So LinkedIn is pretty powerful.

01:15:47Let's search for.

01:15:48A few things on LinkedIn.

01:15:50Let's search for.

01:15:52Bill Gates.

01:15:53LinkedIn profile.

01:15:56Right.

01:15:57So Bill Gates.

01:15:59LinkedIn.

01:16:01Okay.

01:16:02So.

01:16:04I really love the auto.

01:16:05Complete.

01:16:06Of Google.

01:16:08But here.

01:16:08Here you go.

01:16:09So Bill Gates.

01:16:10It's got.

01:16:10It's got an influencer badge.

01:16:12Given by Twitter.

01:16:13And if you click on it.

01:16:15And it will tell you.

01:16:16Like you know.

01:16:16What exactly.

01:16:17Does this badge mean.

01:16:20And these are the main.

01:16:21Main influencers.

01:16:23When it comes.

01:16:24Influencers.

01:16:26When it comes down to LinkedIn.

01:16:27I can't say it today.

01:16:29But yeah.

01:16:29Richard Branson.

01:16:30Bill Gates.

01:16:31And so forth.

01:16:31Right.

01:16:32So you get the idea.

01:16:33And.

01:16:34These people actually.

01:16:37And these are linked to their authentic profiles.

01:16:40Right.

01:16:41They're.

01:16:42They're like.

01:16:42There's channels out there.

01:16:45Publishers.

01:16:45All of these.

01:16:46They get special attention by LinkedIn.

01:16:48And they have been placed in a special category.

01:16:51Right.

01:16:51The pulse.

01:16:52People follow them.

01:16:53People.

01:16:53You know.

01:16:54Want to know about them.

01:16:55People.

01:16:55You know.

01:16:55Talk about them.

01:16:57So that's what it is.

01:16:58So now.

01:16:58Coming back to it.

01:16:59So this is how a profile looks like.

01:17:02And.

01:17:02What you need to know is.

01:17:03I'm not logged in.

01:17:04But you can get more details.

01:17:06But there are.

01:17:06A couple of things.

01:17:07A profile.

01:17:08Basically.

01:17:08It will give you.

01:17:09A lot of.

01:17:11Information about a person.

01:17:12Their.

01:17:13Company.

01:17:13Which they work for.

01:17:14Education.

01:17:16If they have listed.

01:17:17All this information out.

01:17:18Their interests.

01:17:19You can build out.

01:17:20You know.

01:17:20You can see their professional interests.

01:17:22And in Facebook.

01:17:23You can see their personal interests.

01:17:24And build out a social graph.

01:17:26For effective social engineering.

01:17:27So you can talk to that person.

01:17:29About that particular.

01:17:31Things.

01:17:32And they will respond to it.

01:17:34Even if you.

01:17:35Say that.

01:17:35Hey.

01:17:35You know.

01:17:36You see.

01:17:36Like where the person.

01:17:37Is hanging out.

01:17:39At a coffee shop.

01:17:40At a bar.

01:17:41Strike a conversation.

01:17:42And talk about.

01:17:43You know.

01:17:44Philanthropy.

01:17:45Or talk about.

01:17:46You know.

01:17:46Certain.

01:17:47You know.

01:17:48Traveling.

01:17:48Or.

01:17:49Or.

01:17:49Eradication strategies.

01:17:51Talk about.

01:17:52Tennis as a sport.

01:17:53Bridge.

01:17:54So they.

01:17:54So not.

01:17:55They.

01:17:55They would.

01:17:56Think that you are.

01:17:57Kind of.

01:17:58Same.

01:17:58Same and similar to them.

01:17:59And they.

01:18:00Because their interests match.

01:18:01And they will.

01:18:02They know about this stuff.

01:18:03They won't feel awkward.

01:18:04And they will start sharing their experiences.

01:18:06And so.

01:18:07You know.

01:18:07You will be trying to get a password out of them.

01:18:09To get into the network.

01:18:09As a penetration tester.

01:18:11And.

01:18:12That's how it works.

01:18:13So this is basic things.

01:18:16You know.

01:18:16Which you need to understand.

01:18:17And especially when it comes down to.

01:18:19Searching people online.

01:18:21So now let's.

01:18:21Let's search.

01:18:22Let's see how does a company's profile look online.

01:18:24Right.

01:18:25So let.

01:18:25Let me.

01:18:26Let me actually just.

01:18:27See.

01:18:27If I can just type in directly.

01:18:30Microsoft.

01:18:31As a company name.

01:18:33And get a.

01:18:33Well.

01:18:34Give me a phone for her.

01:18:35I'm sure there is a URL.

01:18:36Which.

01:18:37Which.

01:18:38Pattern which they follow.

01:18:39But I'll just replace.

01:18:41Bill Gates.

01:18:42With Microsoft.

01:18:45Right.

01:18:46Microsoft.

01:18:47And then I'm putting LinkedIn.

01:18:48So I'm trying to go to a company's profile.

01:18:50Basically.

01:18:51And.

01:18:52If you got a company's profile.

01:18:54Micro.

01:18:54Soft.

01:18:55Or micro.

01:18:56Soft.

01:18:57Definitely.

01:18:57It's not Microsoft.

01:18:59Right.

01:18:59You have to make sure that they have the URL.

01:19:02To that particular domain.

01:19:03The authentic URL.

01:19:05You know.

01:19:05Because all these big companies.

01:19:06They need a proper URL.

01:19:08Right.

01:19:08So you can see like.

01:19:09You know.

01:19:10These are the.

01:19:11The different VPs.

01:19:13At this company.

01:19:14You can also see.

01:19:16The.

01:19:17You can see like.

01:19:18You know.

01:19:19Other information.

01:19:20There is a company detail.

01:19:22The special.

01:19:23The specialties area.

01:19:25Then there's websites.

01:19:26Industry.

01:19:26Which they follow.

01:19:27Type.

01:19:27Founder.

01:19:28Date.

01:19:29And all that stuff.

01:19:30Right.

01:19:30So all this is very critical.

01:19:31When you're trying to search for companies.

01:19:33Try to see.

01:19:34If it's a legit company.

01:19:35Trying to make a social graph.

01:19:37For a company.

01:19:38And also try to.

01:19:39Now work around it.

01:19:41So now.

01:19:41Another thing.

01:19:42Which you need to also know is.

01:19:44When it comes down to.

01:19:46People search.

01:19:47Let's do another.

01:19:48Google.

01:19:49People search.

01:19:52And let's look at some of the key tools.

01:19:54Which.

01:19:54Which are there.

01:19:55Right.

01:19:55So there's a tool called.

01:19:56Anywho.

01:19:57Right.

01:19:57So that we'll.

01:19:58Just do a quick search on this tool.

01:20:00Using this tool.

01:20:01An online website tool.

01:20:03Then I think so.

01:20:04Antellius has a tool.

01:20:06People search now.

01:20:08I'm just picking up.

01:20:09Any like.

01:20:09First.

01:20:10Two.

01:20:10Three tool searches.

01:20:11Which are out there.

01:20:12So just getting you familiar.

01:20:13With how these tools work.

01:20:15This is basically reverse engineer.

01:20:16You can type in a phone.

01:20:18You can.

01:20:18Here.

01:20:18You can type in.

01:20:20First name.

01:20:21Last name.

01:20:22Here.

01:20:22You can type in.

01:20:23First and last name.

01:20:23City.

01:20:25I mean.

01:20:26If I know.

01:20:27Bill.

01:20:28Gates.

01:20:30And.

01:20:31Well.

01:20:34I know he's in Washington.

01:20:35For sure.

01:20:36And.

01:20:41Let's.

01:20:42Let's try Redmond for him.

01:20:43I know he doesn't live in Redmond.

01:20:44He lives in.

01:20:47He lives on the island.

01:20:48But.

01:20:50So.

01:20:55Well.

01:20:56Yeah.

01:20:57You get some hits back.

01:20:58Right.

01:20:59And.

01:21:00Usually.

01:21:01Like.

01:21:01You know.

01:21:01These hits are pretty.

01:21:02Pretty close.

01:21:03And pretty accurate.

01:21:04Right.

01:21:06And.

01:21:07And.

01:21:07This is how you.

01:21:08You basically start.

01:21:09Let's look at the first profile.

01:21:10Whatever it is.

01:21:11Right.

01:21:12And.

01:21:13And this basically tells you.

01:21:14Well.

01:21:15This is a paid service.

01:21:16It wants no money now.

01:21:17So.

01:21:17I like people that way.

01:21:19Let's use the search through people.

01:21:22Let's do another Judy Foster.

01:21:24And.

01:21:27Let's see.

01:21:28If.

01:21:28People smart.

01:21:30Is smart enough to give us.

01:21:32Lots of information about a.

01:21:33About a person.

01:21:36Well.

01:21:36I spelled it wrong.

01:21:37It's a J-O-D-I-E.

01:21:40Not E-I.

01:21:40But.

01:21:42But.

01:21:42Anyhow.

01:21:42Somebody.

01:21:43I'm sure it will hit.

01:21:44It will get something back.

01:21:46Well.

01:21:46Again.

01:21:46So.

01:21:47It wants more information.

01:21:48It's not.

01:21:49You know.

01:21:49It's not letting me go in.

01:21:51Go in.

01:21:52And get the information as people did.

01:21:54But.

01:21:54You get an idea.

01:21:55Like.

01:21:55You know.

01:21:56How.

01:21:56Any of.

01:21:56All of these tools work.

01:21:58Right.

01:21:58And.

01:21:59And.

01:21:59What.

01:21:59What all does it go through.

01:22:01To find.

01:22:03Let's do Donald Trump.

01:22:05For that matter.

01:22:06D-O-N-A-L-D.

01:22:10Last name.

01:22:12Trump.

01:22:12T-R-U-M-P.

01:22:16And.

01:22:17I'm not sure.

01:22:18I think it's in Florida somewhere.

01:22:19But.

01:22:20His address listed.

01:22:21But yeah.

01:22:21So here.

01:22:22We get something.

01:22:23So.

01:22:23He's not Donald E.

01:22:24Trump.

01:22:24He's Donald J.

01:22:25Trump.

01:22:26Because Donald John Trump.

01:22:28So.

01:22:29I'm not.

01:22:30Getting any direct hit.

01:22:31But.

01:22:33Yeah.

01:22:34There's no Donald J.

01:22:35Trump here.

01:22:35But.

01:22:36Let's look at the first person.

01:22:39I'm sure this person is getting.

01:22:41A lot of popularity.

01:22:42Right now in the US.

01:22:43Because.

01:22:43His name kind of matches his liberty.

01:22:46But this is what it is.

01:22:48So.

01:22:48You get a lot of information.

01:22:49These are the yellow pages.

01:22:50You can use yellow pages.

01:22:51You can do.

01:22:52You can use other.

01:22:54Services out there.

01:22:55But.

01:22:56People search is something.

01:22:57Which I wanted.

01:22:57To get you familiar with.

01:23:00Get you a little bit more.

01:23:03Acquainted with.

01:23:04So that you can use it.

01:23:05Openly.

01:23:06And.

01:23:07Choose the right tool.

01:23:09I've got you familiar with.

01:23:10Crunchbase.

01:23:11I got you familiar with.

01:23:12LinkedIn.

01:23:13I got you familiar with.

01:23:15People.

01:23:16411.

01:23:17So these are some cool tools.

01:23:18Which you can just simply open up.

01:23:20And start.

01:23:20Getting people's information.

01:23:22Other tools.

01:23:23Which are out there.

01:23:23Which are in the market.

01:23:24Which you should know about.

01:23:26Which are paid ones also.

01:23:28Are.

01:23:28Our yellow pages.

01:23:29Premium services.

01:23:30Again.

01:23:31People has premium services.

01:23:32So you can.

01:23:33If you want to go one step further.

01:23:35Then you can do that also.

01:23:36All right.

01:23:37I hope you enjoyed the lab.

01:23:39I will see you in the next lab.

01:23:40And thank you for joining.

01:23:42Okay.

01:23:42Bye-bye.

01:23:43Bye-bye.

01:23:44Bye-bye.

01:23:45Bye-bye.

01:23:46Bye-bye.

01:23:47Bye-bye.

01:23:48Bye-bye.

01:23:49Bye-bye.

01:23:50Bye-bye.

01:23:51Bye-bye.

01:23:52Bye-bye.

01:23:53Bye-bye.

01:23:54Bye-bye.

01:23:55Bye-bye.

01:23:56Bye-bye.

01:23:57Bye-bye.

01:23:58Bye-bye.

Category

Transcript

Comments

Recommended