## 6. Analysis & Impact Assessment | Threat Vector | Likelihood | Impact | Overall Rating | Mitigation Recommendations | |---------------|------------|--------|----------------|----------------------------| | Publicly exposed API keys | High | Data exfiltration, service abuse | Critical | Rotate keys, implement secret management, restrict IP ranges. | | Unauthenticated admin panel | Medium | System takeover, data manipulation | High | Add authentication, IP whitelist, enable MFA. | | Credential leak on Pastebin | High | Account takeover, credential stuffing | Critical | Force password reset, monitor for abuse, adopt password‑less auth. | | Phishing using brand domain | Medium | Reputation damage, credential theft | Medium | Deploy DMARC/DKIM/SPF, employee training, brand monitoring. | | Geo‑tagged interior photos | Low | Physical security reconnaissance | Low | Strip EXIF data from publicly posted images. |
*--- End of Report ---*
---
---
## 8. Limitations - All data collected is **publicly available** as of the report date; any private/internal information was not accessed. - The assessment **does not** include active exploitation (no network intrusion, no credential cracking). - Dark‑web findings are limited to indexed sources; deeper investigation may reveal additional data (subject to legal review). OSINT Report.zip
## 4. Sources & Tools Inventory | Category | Tool / Platform | URL / Command | Notes | |----------|----------------|----------------|-------| | Domain WHOIS | `whois` (CLI) | `whois example.com` | Check registration dates, registrar, admin contacts. | | DNS | `dig`, `dnsenum` | `dig ANY example.com` | Identify subdomains, MX, TXT records. | | SSL | SSL Labs, `testssl.sh` | `https://www.ssllabs.com/` | TLS version support, certificate chain. | | Passive DNS | PassiveTotal, `dnsdb` | `https://www.passivetotal.org/` | Historical DNS mappings. | | Search Engines | Google Dorks, Bing | `site:example.com filetype:pdf` | Targeted file discovery. | | Social Media | Twint, Netlytic | `twint -u @handle` | Collect tweets without API limits. | | Code Repositories | GitHub Search | `https://github.com/search?q=example.com` | Look for exposed credentials, config files. | | Image/Video | ExifTool, TinEye | `exiftool image.jpg` | Metadata & reverse‑image lookup. | | Geolocation | Google Earth, OpenStreetMap | N/A | Validate physical locations from posts. | | Dark Web | Ahmia, TorLinks | `http://msydqstlz2kzerdg.onion` | Search for leaked data (legal review required). |
---
---
## 1. Executive Summary - **Purpose:** Brief description of why the assessment was performed. - **Key Findings:** 3‑5 bullet points summarising the most critical insights. - **Overall Risk Rating:** <Low / Medium / High / Critical>. | | Credential leak on Pastebin | High
---