Hi malware fighters,
Most organizations are familiar with Penetration Testing and other ethical
hacking techniques as a means to understanding the current security status
of their information system assets. Consequently, much of the focus of
research, discussion, and practice has traditionally been placed upon
active probing and exploitation of security vulnerabilities. Since this type
of active probing involves interacting with the target, it is often easily
identifiable with the analysis of firewall and intrusion
detection/prevention device (IDS or IPS) log files.
However, too many organizations fail to identify the potential threats from
information unintentionally leaked, freely available over the Internet, and
not normally identifiable from standard log file analysis. Most critically,
an attacker can passively gather this information without ever coming into
direct contact with the organization's servers - thus being essentially
undetectable.
Use all Google has there for ye, e.g.: http://www.google.com/search?as_lq=
Very little information has been publicly discussed about arguably one of
the least understood, and most significant stages of penetration testing -
the process of Passive Information Gathering.
A lot of Passive Information Gathering can be done via readily available
online sources, or via special browser extensions, for instance Wappalyzer,
http://www.vulnerabilityassessment.co.uk/precon.htm
Fiddler, robtex data, online vulnerability scans from third parties,
link and iFrame detecting online third-party scans, JavaScript analysis.
Without going anywhere near the actual website server a lot of online
information is there. On the one hand the info can be used by pentesters
to improve the website’s security and protect against these threats:
www.ngssoftware.com/.../Passive_Information_Gathering_-_The_Analysis_of_Leaked_Network_Security_Information.sflb.ashx
polonus