Back to timeline

OSINT for Indian Citizens

c0c0n 2018


Abstract Talk

Ever wondered what kind of data is available about you in public? Ever thought how people are able to get hold of your data so easily? Ever thought why people warn about not sharing your data too much? Ever wondered why EU brought GDPR and what would happen if such a law is passed in INDIA.

When we look at the field of OpenSource Intelligence and specifically personal data most of the portals at this point target US Citizens. However is that the only country which exposes information about its own citizens to public. I beg to differ in this context.

This presentation will cover various personal information gathering techniques which can be used to gather information for a Indian resident by various portals and avenues available online.

Some of these were portals identified by the author and a large number of them are gathered via community efforts. The main objective of this presentation is to bring about awareness of what kind of data is exposed and available for everyone specifically about an Indian citizen and specially leaked or disclosed via Indian government operated websites. We will be looking at India centric websites and privacy rights and policies that they hold for Indian citizens. Primary focus is on government websites but we will also be exploring other web applications available online which are focused in India and might be exposing information about Indian citizens.

Just so we are clear this is nothing illegal. we are not going to hack any website or cross any privilege borders. we will not be exposing any zero days we will be talking about legitimate functionality exposed by various portals and legitimate use of those functionalities to perform our task.

Note: Slides withheld for privacy reasons