The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.
OSINT for InfoSec: Red Team Recon, Threat Intel, & Attribution
- When: Wednesday, October 18, 2017, 9:00 AM – Thursday, October 19, 2017, 5:00 PM EDT
- Where: University of North Carolina Charlotte 8845 Craver Road Cone Building, Lucus Room Charlotte, NC 28262
- Cost: General tickets are $350. Charlotte ISSA Members can take this course for only $200, a $150 discount!
OSINT is simply amazing. The things that can be found on the internet blow me away on a daily basis.
Just getting started in the field? This class is perfect for you. Everyone knows that being good at computers is simply knowing how to find the answer on the internet. Come learn how to craft better search queries and expertly find the answer to that strange problem no one has been able to solve yet.
But I'm a expert blue teamer, how will OSINT help me? I'm glad you asked! In my opinion every blue team should be doing their own OSINT against their organization to know exactly what their attack surface looks like. You might be surprised just what systems you find on the public internet (OMG what is this passwords.client.com host?) or what kind of information your employees are leaking on social media.
Are you a red teamer? Perfect, you need OSINT for that wonderful recon phase to find those extra boxes that your target forgot about (seriously though, passwords.client.com...) for an easy way in. Perhaps you need to dive deep on a particular individual to craft the perfect social engineering pre-text.
The main goal is to have every student walk away with a basic understanding of OSINT topics critical to any InfoSec Pro. At the end of two days, you should be able to come up with your own creative ways to use OSINT to hunt for your target and discover all the juicy details.
Day 2: Let's Go Hunting
Hunting Domains / IPs
- DNS and Whois
- IP tools
- Web Spidering
- Advertising IDs
- General Company Info
- Employee Profiling
- Determining a Company's Online Footprint
- People Search Engines
- Email Addresses
- Image Searching
- Other Public Data
- Open source IOC sources
- IOC Pivoting
- Hunting for Attribution
Day 1: Introducing OSINT
Creating Your OSINT Research Environment
- Browser extensions
- Document everything
- Browser Leaks
- Persona Creation / Management
Automating OSINT Collection
- Alerting services
- Social Media
- Existing Automation Tools
- APIs / Scripting
- Multiple Search Engines
- Search operators
- Google customized search engines
- Other Social Networks
- Reverse Lookups
- Mobile Numbers
- Mobile Emulation
All the Webs and Nets
- Dark / Deep / Dirty
Students will need to bring their own laptops with the following requirements:
VMWare Workstation/Fusion/Player or VirtualBox
Laptops need enough processing power and RAM (4GB of RAM recommended minimum) to run up to 2 virtual machines at the same time.
You must have admin rights on all of your systems in order to install/remove software, disable antivirus/firewall, etc.
Please be aware that VM installation instructions will be sent after registration.
About the Instructor
Justin has worked in cyber security for 13 years in various engineering, architecture, and research roles. His day job involves using OSINT techniques to hunt bad guys on the internet. He is currently the Galactic Viceroy of Clicking & Scrolling and occasionally has a global thought. He created and maintains the OSINT Framework (http://osintframework.com) to help others find good free OSINT resources and tools to aid their investigations.