Prevention to Sensitive Information Disclosure via OSINT

Authors

  • Shweta Sondarva  Student, School of Information Technology and Cyber Security, Rashriya Raksha University, Lavad, Gandhinagar, Gujarat,
  • Dr. Priyanka Sharma  School of Information Technology, Artificial Intelligence, and Cyber Security, Rashtriya Raksha University, Gandhinagar, Gujarat, India
  • Prof. Dharti Dholariya  School of Information Technology, Artificial Intelligence, and Cyber Security, Rashtriya Raksha University, Gandhinagar, Gujarat, India

DOI:

https://doi.org/10.32628/IJSRSET218317

Keywords:

OSINT, Open source Intelligence, Reconnaissance, Recon Report

Abstract

This paper describes OSINT Tools and Approaches to find out sensitive information of any organization's Web Application or network. The paper contains the steps for gathering information and how to secure the web application, organization or network. There are many automated and paid tools available for vulnerability finding and penetration testing. In this paper we are performing recon with the help of OSINT to gather information and give the solution, before an attacker uses this vulnerability and exploits it. Nowadays lot many vulnerabilities are on the web application. I already learned the many cases in the security programs, where a Sensitive data leakage was happening on many reputed websites. So I will start to find out a web-application in which such types of information’s are disclosed, the Problem was that if we find out such information leaking like credentials, Token, API key we can easily get authorization to admins/users account. I found a lot many well-known websites where we can easily use this sensitive data. To perform such kind of attack you just need to perform reconnaissance with the help of various open source tools available on internet.

References

  1. Annie ahuja, “Open source intelligence: An intelligence sustenance,” in International Journal of Recent Trends in Engineering & Research, volume 04, Issue 04; Apr- 2018 [ISSN: 2455-1457]
  2. Béla Genge and Calin Enachescu,”shoVAT: shodan-based vulnerability assessment tool for internet-facing services” in Willey online library. (May 2015), DOI: 10.1002/sec.1262
  3. Xiaokui Shu and Danfeng Yao “Privacy preserving detection of sensitive data exposure” in IEEE transactions on information forensics and security, volume 10, May 2015
  4. Jacob Hedges, “closing gap between data and open source intelligence” in ieworldconference, 2 May 2019.
  5. J. pastor-galindo, “The not yet exploited goldmine of OSINT” in IEEE Access, volume 8, Jan 2020.
  6. Maurice Dawson “Open Source Intelligence: Performing Data Mining and Link Analysis to Track Terrorist Activities” in Information Technology - New Generations (pp.159-163), July 2017, DOI:10.1007/978-3-319-54978-1_22
  7. Ashleigh Powell, “Social Media data in digital forensic investigation” in book digital forensic education (pp.281-303), Jan 2020 DOI:10.1007/978-3-030-23547-5_14
  8. Aishwarya baby “A literature survey on data leak detection and prevention method” in International Journal of Advanced Research in Computer Science, Volume 8, No. 5, May-June 2017

International Journal of Scientific Research in Science, Engineering and Technology

Downloads

Published

2021-06-30

Issue

Volume 8, Issue 3, May-June-2021

Section

Research Articles

License

Copyright (c) IJSRSET

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Shweta Sondarva, Dr. Priyanka Sharma, Prof. Dharti Dholariya "Prevention to Sensitive Information Disclosure via OSINT" International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 8, Issue 3, pp.109-114, May-June-2021. Available at doi : https://doi.org/10.32628/IJSRSET218317