Website owners identification

Март 12, 2021

Главная
Разное
Website owners identification

Содержание

2. OUR COMPANY
3. Clowns and faggots 01 Whoever doesn't want to work as a clown for a faggot will
4. Main mission Identify the owner of the website with picrelated article compromat.group
5. Enumerating similar domains We started looking for the websites mirroring content from compromat.group website. Successfully identified:
10. VIEWDNS.INFO Framework for technical OSINT. Reverse IP Lookup, Whois lookup, IP History etc.
11. IP History results For compromat.pro website Russian IP addresses is a win for law enforcement, but
12. Bypassing Cloudflare IP protection Most of the websites we have identified used Cloudflare IP protection. So
13. WAF Bypass This script will try to find: - the direct IP address of a server
14. Whois Domain Bot Whois information about IP address or domain in pocket format
15. GO STUPID GO CRAZY
16. GO STUPID GO CRAZY
19. Builtwith.com Find out what websites are built with Analytics and Tracking JavaScript Libraries and Functions Webmaster
20. SpiderFoot HX Framework for website, IP, human names etc. OSINT
21. A PICTURE IS WORTH A THOUSAND WORDS
25. Скачать презентацию

Слайд 2

OUR COMPANY

OUR COMPANY

Слайд 3

Clowns and faggots
01
Whoever doesn't want to work as a clown for a

Clowns and faggots 01 Whoever doesn't want to work as a clown

faggot will work as a faggot for a clown. For the same small price. Victor Pelevin.

Слайд 4

Main mission
Identify the owner of the website with picrelated article compromat.group

Main mission Identify the owner of the website with picrelated article compromat.group

Слайд 5

Enumerating similar domains
We started looking for the websites mirroring content from compromat.group

Enumerating similar domains We started looking for the websites mirroring content from

website. Successfully identified:
http://kompromat.group/
https://compromat.pro/
http://Compromat.ws

Слайд 6

Слайд 7

Слайд 8

Слайд 9

Слайд 10

VIEWDNS.INFO
Framework for technical OSINT. Reverse IP Lookup, Whois lookup, IP History etc.

VIEWDNS.INFO Framework for technical OSINT. Reverse IP Lookup, Whois lookup, IP History etc.

Слайд 11

IP History results
For compromat.pro website
Russian IP addresses is a win for law

IP History results For compromat.pro website Russian IP addresses is a win

enforcement, but we needed to go deeper

Слайд 12

Bypassing Cloudflare IP protection
Most of the websites we have identified used

Bypassing Cloudflare IP protection Most of the websites we have identified used

Cloudflare IP protection. So we came up with using WAF Bypass tool
https://github.com/vincentcox/bypass-firewalls-by-DNS-history

Слайд 13

WAF Bypass
This script will try to find:
- the direct IP address

WAF Bypass This script will try to find: - the direct IP

of a server behind a firewall like Cloudflare, Incapsula, SUCURI ...
- an old server which still running the same (inactive and unmaintained) website, not receiving active traffic because the A DNS record is not pointing towards it

Слайд 14

Whois Domain Bot
Whois information about IP address or domain in pocket format

Whois Domain Bot Whois information about IP address or domain in pocket format

Слайд 15

GO STUPID
GO CRAZY

GO STUPID GO CRAZY

Слайд 16

GO STUPID
GO CRAZY

GO STUPID GO CRAZY

Слайд 17

Слайд 18

Слайд 19

Builtwith.com
Find out what websites are built with
Analytics and Tracking
JavaScript Libraries and Functions
Webmaster

Builtwith.com Find out what websites are built with Analytics and Tracking JavaScript

Registration

Слайд 20

SpiderFoot HX
Framework for website, IP, human names etc. OSINT

SpiderFoot HX Framework for website, IP, human names etc. OSINT

Слайд 21

A PICTURE IS WORTH A THOUSAND WORDS

A PICTURE IS WORTH A THOUSAND WORDS

Слайд 22

Слайд 23