Cyber Primer Online Learning
The course is part of this learning path
This module will introduce some techniques used for reconnaissance and social engineering. The software simulations introduce some of the methods and software that can be used in reconnaissance.
- Social Engineering
- Twitter Profiling
- Google Hacking
Although perceived as an IT issue, cyber security is, in fact, a subject relevant to all business units. Cyber Primer is aimed at anyone with an interest in cyber security, whether they are looking to pursue a career as a penetration tester, or just want to get a feel for the world of cyber security.
There are no prerequisites for this course, however, participants are expected to have a basic understanding of computers and the internet.
We welcome all feedback and suggestions - please contact us at firstname.lastname@example.org to let us know what you think.
In this video we'll cover how to use Twitter for Reconnaissance. Twitter can be used to find information about a particular target. You can profile someone quite easily using Twitter. To start, we'll go to gps-coordinates.net. Once there, we'll scroll down to where it says Address. Let's input QA's address. QA is based in Slough. Once that's done, it will pump you out a longitude and latitude, which we'll then use. Let's create another tab and actually go to Twitter.com. Log in with a legitimate account, or you can use a burner account that you set up for your reconnaissance. Burner or temporary accounts are advised. Let's log in. What we will do now, is type in the geocode from gps-coordinates.net in the search bar, along with the radius of where you would like to search. I'm writing latitude and longitude here, but we will shortly fill that space with the actual details for the area that we're searching. This string should provide us with the search of 50 meters around that area of the chosen location. Now we will input our latitude and input our longitude. Once this is in place, we'll select Search. Here, we go to the searches for tweets within 50 meters of the QA workplace. There's a picture inside of the QA workplace. This could be used to scope QA. There are lots of interesting people around too. Jonny Fisk seems interesting. Looks like a Chelsea fan. Mark's a good lad, also looks interesting. Seems like he's done a bit of traveling. Let's select his Twitter username or handle. Okay, so let's create a new tab now. And we're going to travel over onto the website app.teachingprivacy.org. What this website does, is it allows you to put in anybody's Twitter username. And if they have historical location data on their tweets, we will be able to see where Mark was, when those tweets were posted. If there's enough information, or many geolocation tweets recurring on the same time over a couple of days or months, we can establish what is known as a pattern of life, allowing us to know where individuals might be on any given day. What we're looking for is correlation. In a line over the days you can see any correlation like that going down in a line. You can click the different boxes to see where those tweets were made, and if there seems to be a pattern of the tweets being made in the same particular position. That might be a good place to intercept an individual, or at least know that you might be able to come into contact with them, see them in person to continue your investigation. This could be used as the basis for a social engineer-based attack.
Originating from a systems administration/network architecture career, a solid part of his career building networks for educational institutes. With security being a mainstay his implementation he grew a strong passion for everything cyber orientated especially social engineering. The educational experience led to him mentoring young women in IT, helping them to begin a cyber career. He is a recipient of the Cisco global cyber security scholarship. A CCNA Cyber Ops holder and elected for the CCNP Cyber Ops program.