Index
As this ebook edition doesn't have fixed pagination, the page numbers below are hyperlinked for reference only, based on the printed edition of this book.
A
access controls 25
Active Directory (AD) 83
active information gathering 80-82
Address Resolution Protocol (ARP) 83, 144
AdGuard Desktop app 226
Advanced Encryption Standard (AES) 143, 265-279
AFLogical OSE 94
AltDNS 78
AMASS 77
Andriller 93
Android
privacy and anonymity, improving on 207, 208
Android Data Extractor Lite 94
Android devices
app tracking, blocking on 209
AndroRAT 93
anonymizers 250
advantages 250
Hide My Ass (HMA) 254
ProxySite 255
reference link 252
anti-tracking software 225
application-level attacks 133
Application Programming Interfaces (APIs) 105
applications
preparing, for anonymity 208, 209
app tracking
blocking, by iOS devices 210-212
blocking, on Android devices 209, 210
app tracking transparency (ATT) 214
artifacts
collecting 126
artifacts, that competitors collect
direct web tracking cookies 134
third-party tracking cookies 134
tracking cookies 134
attack
phases 76
attacker
Attack Simulator 100
attack surface, with sensitive data
botnets 46
entry points and bots, creating 42-46
zombie 46
authentication 181
definition 156
Authentication, Authorization, and Accounting (AAA) 277
authentication methods
biometric authentication 159
credit bureau-based authentication 157
database-based authentication 157
knowledge-based authentication (KBA) 156
multi-factor authentication (MFA) 156
Avast AntiTrack Premium 227
Azure Active Directory 159
conditional access policies 159
B
baiting 95
balenaEtcher
download link 273
behavior-tracking applications
best practices, cyber anonymity maintenance
connectivity, securing 177
cookies, disabling 172
disposable email addresses, using 176
overexposure, avoiding 176
personnel assistance programs 177
safe network, using 172
secure browser, using 172
secure device, using 172
secure email service, using 175
sensitive or personal information sharing, avoiding 176
stronger password, using 173-175
user secure storage 176
biometric authentication 159
Bitcoin 287
botnets 46
bring your own device (BYOD) 29, 247
broadband connections 184
browsers
information, compromising 145-150
brute forcing 88
burner phone 239
Business Process Outsourced (BPO) 10
C
cable connections 184
caches
castle security implementation 45
CCleaner 228
censorship circumvention 267
censorship-circumvention networks 270
Censys
reference link 40
Cerberus 93
chain letters 94
choose your own device (CYOD) 32
Citrix Hypervisor 197
Cliqz 226
closed-circuit television (CCTV) 96
coaxial cables 184
Comma-Separated Value (CSV) file 256
Common User Passwords Profiler (CUPP) 173
compromised credentials 133
computer- and mobile-based social engineering 94
baiting 95
chain letters 94
fake SMS messages 95
hoax letters 94
malicious apps 95
phishing 94
quid pro quo 95
scareware 95
spam messages 94
spear phishing 94
targeted chatting 95
conditional access policies
client apps 160
device platforms 159
filter for devices 160
locations 159
sign-in risk level 159
user risk level 159
connections 183
broadband connections 184
cable connections 184
dial-up connections 183
DSL connections 184
Ethernet 185
fiber connections 184
leased lines 184
mobile broadband 185
Wi-Fi connection 185
connectivity
planning 183
contact numbers
cookies 126
credit bureau-based authentication 157
cupp.py 173
download link 173
best practices, for maintenance 168
levels 165
cyber exposure index 50
cyberspace
email address, exposing 56
sensitive information, exposing 54-61
D
data
deleting, before disposal of devices 68-70
database-based authentication 157
data privacy 8
deep web 76
default configurations and passwords 45
device configurations
firewalls, enabling 191
Wi-Fi Protected Setup (WPS) configuration 191
devices
dial-up connections 183
dictionary attack 88
Digital Subscriber Line (DSL) connections 184
discretionary access control (DAC) 26, 27
disposable email service providers
list 236
disposable mail
distributed denial-of-service (DDoS) attacks 46
DNS poisoning 121
DNSRecon 78
DNS servers 84
domain mapping 84
duckyScript language 93
dumpster diving 95
dynamic chain 263
Dynamic Host Control Protocol (DHCP) 197
E
eavesdropping 96
Electrum 287
email address
email alias
service providers 52
Email Extractor
reference link 56
endpoints 138
endpoint security 138
entry points and bots
enum4linux tool 86
techniques 83
Ethernet 185
Exif Purge tool
download link 68
ExpressVPN 279
features 279
reference link 279
F
FakeINFO 66
fake SMS messages 95
Federal Bureau of Investigation (FBI) 14
fiber connections 184
Fifth-Generation (5G) wireless 185
File Transfer Protocol (FTP) 250
firewalls
enabling 191
Five Eyes (FVEY) 175
Fourth-Generation (4G) wireless 185
FoxyProxy
download link 257
FTK Imager Lite 93
G
General Data Protection Regulation Act (GDPR) 234
Geonode
reference link 256
Geonode free proxy list
reference link 258
Google 107
Google Advanced Search 111, 112
reference link 111
Google Chrome
third-party cookies, disabling on 135
Google hacking 77
Google Hacking Database (GHDB) 109
reference link 109
Gophish 99
Graphical User Interface (GUI) 14
guest access 190
H
HexChat 286
Hide My Ass (HMA) 254
hoax letters 94
home network
host records 84
human-based social engineering 95
dumpster diving 95
eavesdropping 96
impersonating users 95
piggybacking 96
shoulder surfing 96
Hydra 89
Hypertext Transfer Protocol (HTTP) 250
Hypertext Transfer Protocol Secure (HTTPS) 118, 177
Hyper-V 196
I
Icedrive 176
information
categorization 4
Information and Event Management (SIEM) 101
active information gathering 80-82
passive information gathering 77, 78
Infosec IQ 100
Internet of Things (IoT) 138
Internet Service Providers (ISPs) 12, 55, 59, 134, 183, 250
intrusion detection system (IDS) 45
Intrusion Prevention Systems (IPSs) 45, 101
iOS devices
app tracking, blocking by 210-212
using, instead of URL 267
iPhone
privacy and anonymity, improving on 207, 208
J
Java Script Object Notation (JSON) file 256
K
Kali Linux 202
KeePass password manager
example 64
KeePassXC 286
Kernel Virtual Machine (KVM) 197
Knock 78
knowledge-based authentication (KBA) 156
Kodachi 203
L
latency 260
leased lines 184
Least-Permission Policy (LPP) 182
level of access 192
administrators of superuser access level 192
protected items access level 192
registered users 192
unregistered or anonymous users 192
levels, cyber anonymity
level 0 – no identification of user 167
level 1 – anonymous identification 166
level 2 – pen-name identification 166
level 3 – latent or potential identification 166
level 4 – usual identification 166
level 5 – super-identification 165
super-anonymous level 168
Lightweight Directory Access Protocol (LDAP) 40, 141
Linux Lite 202
Linux Memory Extractor 94
live boot versions
Local Area Network (LAN) 185, 276
Local Security Authority (LSA) 139
locanto
URL 72
logless services 281
LSA Subsystem Service (LSASS) 139
M
URL 63
malicious apps 95
malware 45
malware attacks 126
ransomware 133
mandatory access control (MAC) 28
man-in-the-middle attacks (MITM attacks) 121
Medusa 89
image
meta data removing, before sharing 67, 68
Microsoft Edge
third-party cookies, disabling on 136
mirrors
mobile application management (MAM) 29
mobile broadband 185
mobile device management (MDM) 29
mobile emulators 197
modern IT systems
cloud identities 88
hybrid identities 88
linked identities 88
on-premises identities 88
Monero 287
Mozilla Firefox
third-party cookies, disabling on 136, 137
Multi Factor Authentication (MFA) 63
MX records 84
MyLastSearch 149
N
National Vulnerability Database (NVD)
URL 35
Near-Field Communication (NFC) 193
NetBIOS cache 86
network
accessing, by attackers 141-144
network capturing 12
Network Mapper (Nmap) 262
network name 190
New Technology File System (NTFS) files 26
non-discretionary access control (RBAC) 28
NordVPN 279
features 280
reference link 279
O
offline password cracking 89-91
One Time Password (OTP) 58, 122, 176, 237
online password cracking 88, 89
OnonShare 286
Open Handset Alliance 195
open-source intelligence (OSINT) 61, 76, 103
Open Virtual Appliance 284
OpenVPN 277
open Wi-Fi 117
risks, minimizing with 122, 123
open Wi-Fi connectivity 117
open Wi-Fi networks 116
operating systems
boot option 15
P
Parrot Security 202
passive information gathering 77, 78
passphrase generation
references 174
password attacks 45
password cracking
offline password cracking 89-91
online password cracking 88, 89
password managers 63
Patator 89
pCloud 176
Peppermint OS 202
personal information 4
versus sensitive information 4
Personally Identifiable Information (PII) 4, 60, 65, 123
phishing sites 124
physical access 91
piggybacking 96
point-to-site VPNs 276
potentially unwanted programs (PUPs) 228
Preinstallation Environment (PE) 16
Pretty Good Privacy (PGP) encryption 53
Private Internet Access (PIA) 280
reference link 280
PrivateVPN 280
features 280
reference link 280
Proton
reference link 63
download link 260
proxy 250
capabilities 262
modes 263
ProxyHam 186
proxy servers 270
ProxySite 255
Psiphon 271
download link 270
public IP address
URL 169
Public Switching Telephone Network (PSTN) 183
Puppy Linux 202
Q
QEMU 197
download link 275
quid pro quo 95
R
random chain 263
RapidTables
reference link 268
raw data
creating, sensitive information 11, 12
Read-Only Memory (ROM) 189
recovered vulnerability
Red Hat Virtualization 197
relays 266
remote access tool (RAT) 39
Remote Desktop Protocol (RDP) 40
Research in Motion (RIM) 195
Reverse Image Search 112
reference link 112
rogue access point 121
role-based access control (RBAC) 28-31
S
scareware 95
secure messaging apps
encryption, versions 232
Security Account Manager (SAM) 126, 139
sensitive information 4
raw data, creating 11
versus personal information 4
Separation of Duties (SoD) 182
Sequencial Alignment Map (SAM) file 90
Service Set Identifiers (SSIDs) 99, 190
session hijacking attacks 133
shoulder surfing 96
Simple Phishing Toolkit 100
Single Sign-On (SSO) 181
site-to-site VPN 276
skokka
URL 72
sniffing 90
social engineering 94
computer- and mobile-based social engineering 94
human-based social engineering 95
social engineering attacks
Social-Engineer Toolkit (SET) 96
social media 71
potential scams, identifying 74
scams 72
solutions, to minimize risks 73
usage, concerns 71
Social Searcher
URL 11
Social Security Number (SSN) 62
spam messages 94
strict chain 263
strong Wi-Fi password
SubBrute 78
Subgraph OS 203
Sublist3r 77
SuperPhisher 100
surface internet 265
sync 176
T
benefits 272
download link 272
options, to connect to Tor 274
targeted chatting 95
technical controls 25
access controls 25
discretionary access control 26, 27
mandatory access control 28-31
TheHarvester 41
The Onion Router (Tor) 227, 264, 286
the tip of the iceberg 265
Third-Generation (3G) wireless 185
third-party cookies
disabling, on Google Chrome 135
disabling, on Microsoft Edge 136
disabling, on Mozilla Firefox 136, 137
Thunderbird 286
Time to Live (TTL) value 16
tools, for launching social engineering attacks
Maltego 99
Social-Engineer Toolkit (SET) 96-99
Wifiphisher 99
Trusted Platform Module (TPM) 172
Two-Factor Authentication (2FA) 54, 156
TXT records 84
U
Ultimate Boot CD (UBCD) 16
unsecured cameras
risks 70
untroubled.org password generator 175
URL 174
URL encoding 268
USB Rubber Ducky 93
User Event Behavior Analysis (UEBA) 101
Uvrx File Search 114
Uvrx Health Search 116
V
VirtualBox 196
download link 284
virtualization options
Citrix Hypervisor 197
Hyper-V 196
Kernel Virtual Machine (KVM) 197
mobile emulators 197
QEMU 197
Red Hat Virtualization 197
VirtualBox 196
VMware Fusion 197
VMware Workstation 197
VMware Workstation Player 197
virtual machines 196
creating 200
default gateway, configuring in NAT settings 199, 200
DHCP configuration 199
Virtual Network Editor 197, 198
Virtual Private Network (VPN) 15, 29, 122, 161
VLC 287
VMware Fusion 197
VMware Workstation 197
VMware Workstation Player 197
voice over internet protocol (VOIP) 241
benefits 277
point-to-site VPN 276
site-to-site VPN 276
vulnerabilities
creating, to compromise systems 34
VyprDNS 278
VyprVPN 278
reference link 278
W
Wappalyzer technology profiler 82
Wayback Machine 79, 80, 269, 270
web application
Website Attack Vectors 98
WHOIS
personnel information, removing from 67
WHOIS lookup 79
download link 282
Wi-Fi connection 185
Wi-Fi cracking tools 142
Wifiphisher 99
Wi-Fi Protected Access 2 (WPA2) 143
Wi-Fi Protected Access (WPA) 143
Wi-Fi Protected Setup (WPS) 191
Windows 10
privacy and anonymity, improving on 204-207
Wired Equivalent Privacy (WEP) 143
Wireshark 44
X
XP Psiphon 270
Z
zero days 39
zero-trust 45
implementation 161
zombie 46