PSY 860 Assignment Information Gathering and Processing
Write a paper (1,750-2,000 words) that discusses factors that influence information gathering and processing. Address the following in the paper:
1- Briefly describe the fast brain/slow brain concept presented by Kahneman.
2- Briefly describe the positivity ratio concept presented by Fredrickson.
3- Briefly describe the readiness concept presented by Prochaska.
4- Analyze how each of these concepts influences the process of creating hypotheses, testing hypotheses, and drawing conclusions. Which of these researchers’ concepts is the preferred model? Why?
5- Using the model you identified above as the preferred model, draft a sample theoretical foundation/conceptual framework for a dissertation prospectus that is based in that model. You may use your own topic/prospectus if the model is applicable.
“Information is power,” as the saying goes. And in most scenarios it’s true: having critical information, at the right time, and especially knowing how to use it, can be a great source of power.
In the cybersecurity world, the security data about any target (person, company, domain name or service) is something that’s coveted by parties on all fronts, including red teams and blue teams.
Therefore, mastering the information gathering process is one of the ultimate goals of any cybersecurity researcher. That’s why today we’ll be exploring the concept of information gathering, as well as some information gathering techniques and tools that will help you with your daily infosec tasks.
What’s information gathering?
The simplest way to define information gathering is as the process of collecting information about something you are interested in. A practical example: gathering information with your eyes is called visual perception. In the same way, in the digital world, a lot of information can be gathered in different ways, not with your senses, but with several methods, tools and techniques.
For those in the cybersecurity industry, this is the first step to take during the earlier stages of any hacking activity (both cracking and ethical hacking), when any black- or white-hat researcher needs to gain as much information as possible about the desired target.
While it’s a fun activity for some researchers, information gathering is also one of the most time-consuming tasks during the intel-recon process, and that is why time management is so important.
What are the objectives of information gathering in cybersecurity?
Any basic cybersecurity information gathering process often includes these two types of data collection goals:
Collecting network data: Such as public, private and associated domain names, network hosts, public and private IP blocks, routing tables, TCP and UDP running services, SSL certificates, open ports and more.
Collecting system-related information: This includes user enumeration, system groups, OS hostnames, OS system type (probably by fingerprinting), system banners (as seen in the banner grabbing blog post), etc.
But there’s a lot more involved. Let’s learn about it, by exploring the most popular techniques used during this phase.
Information gathering techniques and methods
Ethical hackers draw on a wide variety of techniques and tools, as well as locations and data collection software, to get this precious information about their targets.
Let’s look at the top information gathering methods used to gather information about any target.
How to gather information?
Social engineering: This includes in-person chat, phone conversations and email spoofing attacks. What all these methods have in common is the psychology of human weakness, needed to get maximum data about the target.
Search engines: Web crawlers can be used to fetch information about anything, and this includes companies, persons, services, and even real hacks, as seen in our previous article about Google Hacking.
Social networks: Facebook, Twitter, LinkedIn and other social networks are great sources of information to build a profile, especially when targeting individuals.
Domain names: These are registered by organizations, governments, public and private agencies, and people. Therefore, they’re a great starting point when you want to investigate someone. Personal information, associated domains, projects, services and technologies can be found by inspecting domain name information.
Internet servers: authoritative DNS servers are a great source of information, as they often include every single surface point exposed to the Internet—which means a direct link to related services such as HTTP, email, etc. In our previous article about passive DNS, we analyzed the importance of DNS servers, and especially passive DNS-recon services, such as the ones we offer here at SecurityTrails.
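The point about DNS exposing every surface point applies to your own zones too. The following is an added example, not code from the original article: a defender-side audit that reads an export of your own public zone and flags records that reveal more than they need to. The zone data, the example.com domain and the SENSITIVE_LABELS list are constructed assumptions.

```python
import ipaddress

# Constructed sample: records exported from a public zone for the
# placeholder domain example.com (documentation address ranges).
ZONE = """\
; constructed example zone
www      300 IN A     203.0.113.10
mail     300 IN A     203.0.113.25
@        300 IN MX    10 mail.example.com.
vpn      300 IN A     203.0.113.40
jenkins  300 IN A     10.20.0.15
staging  300 IN CNAME www.example.com.
@        300 IN TXT   "v=spf1 ip4:203.0.113.25 -all"
"""

# Hypothetical label list (an assumption); tune it to your naming scheme.
SENSITIVE_LABELS = {"vpn", "admin", "jenkins", "staging", "dev", "test", "git"}

# Checked explicitly: ipaddress's is_private also matches documentation
# ranges such as 203.0.113.0/24, which would misclassify the sample data.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_zone(text):
    """Yield (name, rtype, value) from 'name ttl IN type value' lines."""
    for line in text.splitlines():
        parts = line.strip().split(None, 4)
        if len(parts) == 5 and parts[2].upper() == "IN":
            yield parts[0], parts[3].upper(), parts[4]

def audit_zone(text):
    """Return (name, issue) pairs for records that over-share."""
    findings = []
    for name, rtype, value in parse_zone(text):
        if rtype == "A":
            try:
                ip = ipaddress.ip_address(value)
            except ValueError:
                findings.append((name, "malformed-address"))
                continue
            if any(ip in net for net in RFC1918):
                findings.append((name, "rfc1918-address"))
        if name.split(".")[0].lower() in SENSITIVE_LABELS:
            findings.append((name, "sensitive-label"))
    return findings

if __name__ == "__main__":
    for name, issue in audit_zone(ZONE):
        print(f"{name}: {issue}")
```

Records flagged this way are candidates for split-horizon DNS or for removal from the public zone.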
All these techniques are really useful when combined with enterprise security tools. Keep reading to discover how to maximize your information gathering results by using some really cool infosec utilities.
Information gathering tools
There are a lot of tools to discuss when talking about information gathering, including one particular piece of software we can’t avoid mentioning: Kali Linux, one of the most popular cybersecurity Linux distributions around.
We’ve written about the top Kali Linux tools before, but that was a general review of the most popular tools on that Linux distro. When it comes to information gathering, Kali Linux includes one of the biggest collections ever. To be precise, exactly 67 information gathering utilities will help you get all the valuable data you need during your infosec investigations.
Creating a full list of all the information gathering tools available would be monumental, not to mention difficult. That’s why we’ve created a summary of the top 12 most popular tools that, in our experience, may help you during your information gathering process:
Nmap: Our beloved network scanner will always be in the #1 position when it comes to data gathering tools. It can be used not only for port scanning and service fingerprinting, but also as a DNS enumeration and network mapping tool.
Unicornscan: Combined with Nmap, it can give you the complete picture of any remote network or host, as it is able to perform asynchronous stateless TCP scanning with all variations of TCP flags, as well as TCP banner grabbing, async UDP Scanning, OS fingerprinting, and much more.
Sublist3r: This is one of the best subdomain enumeration tools around, one that will help you create a virtual subdomain map of any website in no time by using Google dorks and other search engines such as Baidu, Ask, Yahoo or Bing. It can also be used to perform a brute force subdomain discovery attack with wordlists, thanks to its subbrute integration.
DMitry: Its name stands for Deepmagic Information Gathering Tool, and it is one of the top terminal-based tools when it comes to intel reconnaissance tasks. It will allow you to get any available data from any host, such as subdomains, email addresses, open ports, WHOIS lookups, server data, and more.
OWASP Amass: Also known simply as ‘Amass’, this information gathering tool helps researchers and IT administrators create a full map of their digital assets by providing an easy way to perform DNS enumeration, asset location, and overall attack surface discovery.
Axiom: This new tool is one of the best available when you need to get massive amounts of data in a limited time. It’s basically a dynamic infrastructure framework that helps system administrators and researchers build and deploy offensive and defensive security multi-cloud infrastructure in mere seconds, by using pre-installed tools based on OS images.
Th3inspector: This infosec utility will enable you to fetch all kinds of website-related information, such as page data, phone numbers, and the IP addresses of HTTP and email servers. It can also perform a domain WHOIS lookup, bypass the Cloudflare proxy, check the age of your domain name, scan remote active services, map subdomains, and even work as a CMS detector.
Devploit: This tool is used to extract DNS and domain data, including DNS lookups, WHOIS lookup information, reverse IP info, port scanning, DNS zone transfer, HTTP-headers, GEOIP lookup, subnet lookup, etc.
Bettercap: Known as the Swiss Army knife for networking, it’s used mostly for network recon and information gathering, especially for WiFi, Bluetooth Low Energy devices and Ethernet networks.
Traceroute: As one of the most popular network tools used to track the path of network packets from one IP address to another, it’s a powerful recon tool that will let you gain critical network information about IP addresses and networking routes.
WHOIS: The WHOIS command is a great source of data for fetching domain- and IP-related information, including tech and admin names, telephones, addresses, country, DNS servers, etc.
Dig: Whenever you need to find current data about DNS records, Dig is one of the best tools there is to help you to accomplish that task, whether you want to get A, NS, TXT or CNAME records.
What’s the best way to gather information about any company?
Most of the tools we’ve mentioned are terminal-based, and while those are good solutions for the console geeks, even some advanced IT users need to jump into web-based tools from time to time. Most importantly, you might need an AIO solution that can not only give you isolated results, but also help you correlate all the information, to ultimately generate a threat intelligence report that includes all the critical data.