Creepy tool

Click here to load reader

download Creepy tool

of 6

  • date post

  • Category


  • view

  • download


Embed Size (px)

Transcript of Creepy tool

1. Creepy ToolA geo location information aggregator Gaurav Thorat MBA ITBM 2012-14 2. Questions before we Start How many of you use Twitter? How many of you use Flickr? How many of you use Smartphone? Do you know geo location tagging feature in your phone? Is it enabled? Do you like to Check in to places via Foursquare? If all or most of the above are YES then you areat Risk! Somebody can track you down. 3. What the heck is Social Engineering? It is easier & cheaper to train an IDS than a user! In many cases, attacker needs to Just ask to exploit the default settings inpeople. Social Engineering attacks are against Human Nature Humans are weakest link in security chain (esp. Poorly trained andunmotivated users) The art and science of getting people to comply to your wishes. (by Bernz) An outside hackers use of psychological tricks on legitimate users of acomputer system, in order to obtain information he needs to gain access to thesystem. 4. Type of Social Engineering Attacks Active Attacks Directly interaction with target to obtain security relevant information, gain access privileges, persuade someone to commit a policy violation or act as a proxy on attackers behalf Passive Attacks Includes eavesdropping, observation and subsequent analysis of the results. Often seek to acquire seed information for further active social engineering or network-based attacks. 5. Creepy Tool Passive Social Engineering Attack Application written in python that allows you to gather geo location relatedinformation about users from social networking platforms and image hostingservices. Social networking platforms currently supported : Twitter Foursquare (only check ins that are posted to twitter) Gowalla (only check ins that are posted to twitter) Image hosting services currently supported flickr ,, , ,,,,,,,, 6. Creepy Tool - Demo creepy.lnk Details Website : Platforms : Linux, Windows License : GPLv3 Author : Yiannis Kakavas Contact Email :