Automation of cyber-reconnaissance: A Java-based open source tool for information gathering

Roy, Ahana; Mejia, Louis; Helling, Paul; Olmsted, Aspen

doi:10.23919/icitst.2017.8356437

Cited by 6 publications

(2 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Dari 88 juta serangan tersebut, 43% tergolong serangan tipe pencurian informasi (Information Gathering) [1]. Information Gathering merupakan kegiatan mengumpulkan informasi sebanyak-banyaknya mengenai suatu sasaran tertentu [2]. Pada penelitian [3] Jeon, dkk.…”

Section: Pendahuluanunclassified

Rancang Bangun Aplikasi Gamifikasi Untuk Meningkatkan Kesadaran Keamanan Siber

Hadiprakoso¹,

Satria²

2022

JIKOM

View full text Add to dashboard Cite

Pada awal tahun 2021 Badan Siber dan Sandi Negara melaporkan data serangan siber yang terjadi di Indonesia. Jumlah serangan yang diterima pada kuartal pertama tahun 2021 lebih dari 88 juta serangan. Serangan pengumpulan informasi menyumbang sebanyak 43% dari serangan ini. Serangan pengumpulan informasi menyumbang sebanyak 43% dari serangan ini. Sangat penting untuk menemukan cara untuk meningkatkan kesadaran keamanan siber untuk mencegah serangan pengumpulan informasi semacam itu. Akibatnya, sebuah penelitian dilakukan untuk menggunakan gamifikasi instruksional kesadaran keamanan siber untuk meningkatkan kesadaran keamanan siber komunitas. Menggunakan Software Development Lifecycle (SDLC) Personal Xtreme Programming, aplikasi gamifikasi SadarSiber ini dibuat dalam bentuk permainan kuis. Berdasarkan hasil kuesioner yang dibagikan kepada responden, aplikasi gamifikasi SadarSiber dapat meningkatkan kesadaran keamanan siber dan mencegah pengguna mengekspos data pribadinya kepada pihak yang tidak dikenal.

show abstract

Section: Pendahuluanunclassified

Rancang Bangun Aplikasi Gamifikasi Untuk Meningkatkan Kesadaran Keamanan Siber

Hadiprakoso¹,

Satria²

2022

JIKOM

View full text Add to dashboard Cite

show abstract

“…Roy et al [11] presents a practice for Pentest that uses the Google search engine, to nd vulnerabilities in internet pages only using speci c strings, that is, only using a certain set of characters that may or may not be composed by advanced Google operators. This string used in Google to search for vulnerabilities is called Dork, while the practice for Pentest that uses Google and Dorks is called Google Hacking (GH) or Google Dorking.…”

Section: Google Hackingmentioning

confidence: 99%

Google Hacking Database Attributes Enrichment and Conversion to Enable the Application of Machine Learning Techniques

Evangelista

Sassi

Romero

2022

Preprint

View full text Add to dashboard Cite

In the initial phase of the pentest, named Open Source Intelligence, we use passive recognition with Google Hacking. Google Hacking is a practice that uses strings called Dorks. To support them, the Google Hacking Database is available with thousands of Dorks. However, the Google Hacking Database contains a reduced number of attributes, all with textual values, which makes it impossible to apply Machine Learning techniques. one way to enrich the Google Hacking Database with attributes is with Natural Language Processing and the transformation of textual values to numeric, converting Dorks characters to ASCII. So, the objective was to apply Natural Language Processing to enrich Google Hacking Database with attributes and convert its textual values to ASCII, to enable the application of Machine Learning techniques. The computational experiments were conducted in seven steps: Selection of the GHDB Base, Removal of Hyperlinks and Deletion of Attributes, Removal of the Site Parameter from Dorks, Removal of Outliers and Stopwords, Enrichment with Natural Language Processing, Base Transformation, and Application of the SOM. The results obtained with the application of the SOM were considered good, depending on the values presented by the metrics that evaluated the network. Thus, it is considered that the objective of this paper was achieved.

show abstract

Parallelized Cyber Reconnaissance Automation: A Real-Time and Scheduled Security Scanner

Malkawi

Alhajj

2023

Lecture Notes in Social Networks

View full text Add to dashboard Cite

Automation of cyber-reconnaissance: A Java-based open source tool for information gathering

Cited by 6 publications

References 2 publications

Rancang Bangun Aplikasi Gamifikasi Untuk Meningkatkan Kesadaran Keamanan Siber

Rancang Bangun Aplikasi Gamifikasi Untuk Meningkatkan Kesadaran Keamanan Siber

Google Hacking Database Attributes Enrichment and Conversion to Enable the Application of Machine Learning Techniques

Parallelized Cyber Reconnaissance Automation: A Real-Time and Scheduled Security Scanner

Contact Info

Product

Resources

About