HW03: OSINT due Mon 18 Sep 23:59

\begin{purpose}
In this assignment you will practice some OSINT techniques.
\end{purpose}

Overview

In this assignment we will do some passive reconnaissance of an organization.

IMPORTANT: Limit your activities to OSINT sources. Do not perform any scans or attempt to login to any systems or perform any action that might be considered unwelcome!

The company you will investigate is Funeral Directors Life based here in Abilene, TX. In the sections below we refer to this company as “the organization.”

Do the activities named below and record the questions and your answers in a text file which will be uploaded in Canvas.

General Web Search

Do a general web search for the organization and jot down 10 facts you find that may be useful information as general reconnaissance. Record these facts in your text document. (5 pts)

Facebook Stalking

Visit the organization's Facebook page. From that page you should be able to find that FDLIC has started using a product called OnBase. Where did you find that fact? Read a little bit about the OnBase product and, in your own words, explain what it does. How might this information be useful in a penetration test. (3 pts)

Google Hacking

Do a web search on the organization's site that will find any PDF or MS Word documents that provide any technology-related information. What is the search you performed? (2 pts) Name something technology-related you found from this search?(1 pts)

theHarvester

Use theHarvester to perform a Bing-based search on their primary domain (limited to 500 results).

Show the command you entered to perform the search.(1 pts)

Paste into your text document the results obtained by the search.(1 pts)

Visit each of the hosts found by this search and also notice the IP number reported for each. Make two (possibly useful) observations about what you learn.(2 pts)

Summary

As you review all the results gleaned from the passive reconnaissance you performed so far give a thoughtful, one-sentence answer to each of the following questions:

(2 pts) What information did you glean that would be useful in a phishing attempt?

(2 pts) What information did you glean that would be useful finding a starting point for a technical attack?

Upon completion of this assignment, upload your text document to this Canvas assignment.