The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.

Past Training

OSINT for InfoSec: Red Team Recon, Threat Intel, & Attribution

  • When: Wednesday, October 18, 2017, 9:00 AM – Thursday, October 19, 2017, 5:00 PM EDT

Course Description

OSINT is simply amazing. The things that can be found on the internet blow me away on a daily basis. 

Just getting started in the field? This class is perfect for you. Everyone knows that being good at computers is simply knowing how to find the answer on the internet. Come learn how to craft better search queries and expertly find the answer to that strange problem no one has been able to solve yet. 

But I'm a expert blue teamer, how will OSINT help me? I'm glad you asked! In my opinion every blue team should be doing their own OSINT against their organization to know exactly what their attack surface looks like. You might be surprised just what systems you find on the public internet (OMG what is this host?) or what kind of information your employees are leaking on social media. 

Are you a red teamer? Perfect, you need OSINT for that wonderful recon phase to find those extra boxes that your target forgot about (seriously though, for an easy way in. Perhaps you need to dive deep on a particular individual to craft the perfect social engineering pre-text. 

The main goal is to have every student walk away with a basic understanding of OSINT topics critical to any InfoSec Pro. At the end of two days, you should be able to come up with your own creative ways to use OSINT to hunt for your target and discover all the juicy details.

Day 2: Let's Go Hunting

Hunting Domains / IPs 

  • DNS and Whois 
  • IP tools 
  • Reputation 
  • Subdomains 
  • Web Spidering 
  • Advertising IDs 
  • Certificates 
  • Metadata 

Hunting Companies 

  • General Company Info 
  • Employee Profiling 
  • Determining a Company's Online Footprint 

Hunting People 

  • Usernames 
  • People Search Engines 
  • Email Addresses 
  • Image Searching 
  • Property 
  • Other Public Data 

Threat Intelligence 

  • Open source IOC sources 
  • IOC Pivoting 
  • Hunting for Attribution 











Day 1: Introducing OSINT

Creating Your OSINT Research Environment 

  • VMs 
  • Browsers 
  • Browser extensions 
  • Tools 
  • VPNs 
  • Document everything 


  • VPNs 
  • Browser Leaks 
  • LinkedIn 
  • Persona Creation / Management 

Automating OSINT Collection 

  • Keywords 
  • Alerting services 
  • Social Media 
  • Existing Automation Tools 
  • APIs / Scripting 

Search Engines 

  • Multiple Search Engines 
  • Search operators 
  • Google customized search engines 

Social Networks 

  • Facebook 
  • Twitter 
  • LinkedIn 
  • Instagram 
  • Other Social Networks 

Telephone Numbers 

  • Reverse Lookups 
  • VOIP 
  • Mobile Numbers 
  • Mobile Emulation 

All the Webs and Nets 

  • Dark / Deep / Dirty 
  • Tor
  • I2P

About the Instructor

Justin has worked in cyber security for 13 years in various engineering, architecture, and research roles. His day job involves using OSINT techniques to hunt bad guys on the internet. He is currently the Galactic Viceroy of Clicking & Scrolling and occasionally has a global thought. He created and maintains the OSINT Framework ( to help others find good free OSINT resources and tools to aid their investigations.

Charlotte ISSA would like to thank our generous sponsors

Platinum Sponsors

Gold Sponsors

Silver Sponsors