Open-Source Intelligence (OSINT)

Open-Source Intelligence (OSINT) is derived from public information. OSINT is not limited to online searches and can be used to focus efforts on a specific area of interest. Watch out for information overload.

Search Engines

When performing OSINT, do not limit yourself to only one search engine. There are different algorithms which means different results.

Some common search engines include:

• Google
• Bing
• Duck Duck Go
• Shodan
• Google Hacking Database

Google Hacking

Google hacking is also known as Google dorking or Google-Fu. Google hacking is a technique using Google to search and find security holes using advanced Google search operators.

Google Hacking Examples

Exact phrase

"private marketing material"

Specific site

site:example.com

Specific title

allintitle:marketing

Specific file extension

ext:pdf

Specific file type

filetype:pdf

Specific string in the URL

inurl:marketing

Text that must be included

intext:marketing

One or the other

marketing OR purchasing

Number range

2000..2025 marketing

Include and exclude a word

+marketing -sales

Search Google’s cached pages for a site (trying to be stealthy)

cache:example.com

Specific site excluding the "www" subdomain

site:example.com -site:www.example.com

Search for marketing PDF files

site:example.com filetype:pdf allintitle:marketing

Search for directory listings

intitle:index.of "parent directory"

Search for a directory listing that may be vulnerable to directory traversal up to the admin directory

intitle:index.of inurl:"/admin/*"

Find public web cameras

inurl:"ViewerFrame?Mode="

Google Hacking Database

The Google Hacking Database (GHDB) is an index of search queries (dorks) used to find public information. It is intended for penetration testers and security researchers.

https://www.exploit-db.com/google-hacking-database

Professional Security Services Offered by Central InfoSec

Central InfoSec offers a variety of professional security services including:

• Red Teaming
• Attack simulation to test, measure, and improve your detection and response
• Penetration Testing
• Real-world security tests using advanced hacking methods to identify your weaknesses
• Vulnerability Assessments
• Identification of potential vulnerabilities in your network and applications
• Application & API Testing
• Testing of security controls and products to identify your gaps and weaknesses
• vCISO Services
• Virtual CISO (vCISO) services allowing immediate access to strategic security guidance
• Cyber Risk Management
• Cyber solutions to help address security threats and to help you reach your security initiatives
• Phishing Assessment
• Effective security awareness training through social engineering and phishing emails
• Managed Phishing
• Routine phishing campaigns to track and measure the security awareness of your employees
• Password Audit
• Detection of weak passwords to help you improve your password policies
• C2 & Pivot Testing
• Command and control (C2) communications, pivoting, and data exfiltration testing
• Purple Team Tabletop
• Targeted training exercises to measure people, processes, and technologies
• Security Training
• Fully customizable cyber security training and employee awareness support

Best Boutique Penetration Testing Company

Central InfoSec named Best Boutique Penetration Testing Company by the Global 100 Awards.

Best Penetration Testing Firm

Central InfoSec named Best Penetration Testing Firm by Corporate Vision's Corporate Excellence Awards.

“Central InfoSec helps organizations by discovering network and web application vulnerabilities before the hackers do!”

Central InfoSec is an award-winning cyber security company that offers professional security services including Red Teaming, Penetration Testing, and Security Training.

The Central InfoSec team consists of skilled security professionals bringing a total of 20+ years of red teaming, penetration testing, web application, and exploitation experience. Central InfoSec team members have achieved industry leading professional certifications including CRTO, OSCP, OSWP, GXPN, GPEN, GCPN, GWAPT, GMOB, AWS-CSS, AWS-CCP, PenTest+, CEH, CISSP, and more.

The Central InfoSec team goes one step further and develops open-source tools including Burp Suite extensions, Cobalt Strike aggressor scripts, scripts tying into tools (including GoPhish, PhishMe, Slack, Lair), other custom-built security tools, and Capture The Flag (CTF) events!

Central InfoSec performs a variety of penetration tests including external-networks, internal-networks, web applications, and APIs. The company quickly informs clients of critical vulnerabilities by creating ad-hoc reports and hosting ad-hoc debriefs as necessary.

Best Penetration Testing & Security Consulting Firm

Central InfoSec Red Teaming
& Penetration Testing

Central InfoSec can quickly uncover critical vulnerabilities that have been missed for years. No automated scanning tool can replace high-quality security professionals. Utilizing Central InfoSec’s custom-built tools and manual analysis, Central InfoSec’s security experts have found numerous vulnerabilities within web applications including multiple 0-days allowing direct access to web servers hosting the applications. Once critical vulnerabilities are discovered, Central InfoSec’s experts work directly with application developers to address security flaws. With many success stories, Central InfoSec is constantly contributing to the community by sharing its knowledge through blogs, open-source projects, tool development, conferences, presentations, and local security meetups.

Every organization, at a minimum, should receive both network pen testing and web application pen testing, and cost should never be the reason that quality testing is not performed. Therefore, the company focuses on offering quality and affordable professional security services while increasing security awareness at organizations. The Central InfoSec team educates clients through security assessments and tailored security training while also helping with permanent resource staffing. We want to help organizations understand the core foundation to security, help businesses acquire the appropriate staff that they need, and help strengthen security postures through offensive security testing.

Best Boutique Pen Test Company

Central InfoSec strengthens the security posture of businesses by reducing cyber risk through red teaming and pen testing.

Best Boutique Pen Test Company

Let’s Work Together

If you’d like to see why Global 100 selected Central InfoSec as the Best Boutique Pen Test Company, let's have a chat to see how you could benefit from Central InfoSec security services. It’s simple and easy. We’ll even include a free customized quote. Let’s get started: Contact Us

Central InfoSec offers a variety of other professional security services to help you test, measure, and improve your overall security posture. Security services offered include red teaming, pen testing, vulnerability assessments, web app testing, managed phishing, and other tailored security services to help you reduce risk to your organization.