Data mining is the computing process of finding patterns in large data collections including methods at the intersection of machine learning, statistics, and database systems. A basic process where intelligent methods are used to extract data patterns.
In a penetration testing, the overall purpose is to show the impact of the vulnerability, and this can be done most of the times by presenting the client with critical data. Data mining is a post-exploitation process in which penetration testers explore the compromised machines for sensitive customer data. Not only will this process help us explain to the customer the impact of successful intrusions, but it will also help us further exploit the target network.
The common kind of data that we would be looking for would be saved e-mails and passwords, client contracts, data about the systems, and any other secret data. The popular targets would be file servers, home directories, shared drives, databases, etc.
One of the most popular tools that have been used for data mining is Maltego, which is proprietary software used for open-source intelligence and forensics. The tool focuses on giving a library of transforms for the discovery of data from open sources. It’s an interactive data mining tool that renders directed graphs for link analysis.