root
/
public
mirror of https://github.com/01-edu/public.git
14
27
Fork 0
Code Releases Wiki Activity
Browse Source

CON-3040 feat:(osint-master) add audit for the project

CON-3116-Fix-nascar-online-alpha-subject-and-audit
Zouhair AMAZZAL 3 months ago committed by Zouhair AMAZZAL
parent
09723f5ff8
commit
d184ab95e8
2 changed files with 77 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      subjects/cybersecurity/osint-master/README.md
  2. 76
      subjects/cybersecurity/osint-master/audit/README.md

1
subjects/cybersecurity/osint-master/README.md
unescape_control_characters View File

@ -145,6 +145,7 @@ Challenge yourself!
### Documentation
Create a `README.md` file that provides comprehensive documentation for your tool (prerequisites, setup, configuration, usage, ...). This file must be submitted as part of the solution for the project.
Add clear guidelines and warnings about the ethical and legal use of the tool to your documentation.
### Ethical and Legal Considerations
- Get Permission: Always obtain explicit permission before gathering information.

76
subjects/cybersecurity/osint-master/audit/README.md
unescape_control_characters View File

@ -0,0 +1,76 @@
#### General
##### Check the Repo content.
Files that must be inside the repository:
- Detailed documentation in the `README.md` file.
- Source code for the OSINT-Master tool.
- Any required configuration files and scripts for running the tool.
###### Are all the required files present?
##### Play the role of a stakeholder
Organize a simulated scenario where the student take on the role of Cyber Security Experts and explain their solution and knowledge to a team or stakeholder. Evaluate their grasp of the concepts and technologies used in the project, their communication efficacy, and their critical thinking about their solution and knowledge behind this project.
Suggested role play questions include:
- What is OSINT and why is it significant in cybersecurity?
- What types of information can be gathered using OSINT techniques?
- Explain what subdomain takeovers are, and how to protect against it?
- How does the OSINT-Master tool help in identifying sensitive information?
- What challenges did you face while developing the OSINT-Master tool and how did you address them?
- How we can protect our cretical information from OSINT techniques?
- How can this tool help in a defensive approach?
###### Were the student able to answer all the questions?
###### Did the student demonstrate a thorough understanding of the concepts and technologies used in the project?
###### Were the student able to communicate effectively and justify their decisions and explain the knowledge behind this project?
###### Did the student able to evalute the value of this project in the real life scenarios?
###### Did the students demonstrate an understanding of ethical and legal considerations related to OSINT?
##### Check the Student Documentation in the `README.md` File
###### Does the `README.md` file contain all the necessary information about the tool (prerequisites, setup, configuration, usage, ...)?
###### Does the `README.md` file contain clear guidelines and warnings about the ethical and legal use of the tool?
##### Review the Tool's Design and Implementation
1. **Help Command:**
```sh
$> osintmaster --help
```
###### Does the output include explanation how to use the tool?
2. **Full Name Option:**
```sh
$> osintmaster -n "Full Name" -o filename
```
###### Does the output include accurate details such as phone numbers, addresses, and social media profiles?
###### Does the output stored to the file specified in the output parameter?
3. **IP Adress Option:**
```sh
$> osintmaster -i "IP Address" -o filename
```
###### Does the output include geolocation data, ISP details, and historical data?
###### Does the output stored to the file specified in the output parameter?
4. **Username Option:**
```sh
$> osintmaster -u "Username" -o filename
```
###### Does the output check the presence of the username on multiple social networks and public repositories?
###### Does the output stored to the file specified in the output parameter?
5. **Domain Option:**
```sh
$> osintmaster -d "Domain" -o filename
```
###### Does the output enumerate subdomains, gather relevant information, and identify potential subdomain takeover risks?
###### Does the output stored to the file specified in the output parameter?
##### Ensure that the student submission meets the project requirements:
1. **Functionality:** Does the tool retrieve detailed information based on the given inputs (Full Name, IP Address, Username, and Domain)?
2. **Data Accuracy:** Is the retrieved information accurate and relevant?
3. **Ethical Considerations:** Are there clear guidelines and warnings about the ethical and legal use of the tool?
4. **Usability:** Is the tool user-friendly and well-documented?
###### Did the tool design and implementation align with all the project requirements above?
###### Were the students able to implement a functional and reliable tool that meets the project requirements?
#### Bonus
###### + Did the student implement additional features, such as a graphical user interface (GUI) or PDF generation for the OSINT results?
###### + Is this project an outstanding project that exceeds the basic requirements?
Write Preview
Loading…
Cancel
Save