The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.
Open Source Intelligence (OSINT)
- When: Wednesday, October 18, 2017, 9:00 AM – Thursday, October 19, 2017, 5:00 PM EDT
- Where: University of North Carolina Charlotte 8845 Craver Road Cone Building, Lucus Room Charlotte, NC 28262
- Cost: General tickets are $350. Charlotte ISSA Members can take this course for only $200, a $150 discount!
OSINT is simply amazing. The things that can be found on the internet blow me away on a daily basis.
Just getting started in the field? This class is perfect for you. Everyone knows that being good at computers is simply knowing how to find the answer on the internet. Come learn how to craft better search queries and expertly find the answer to that strange problem no one has been able to solve yet.
But I'm a expert blue teamer, how will OSINT help me? I'm glad you asked! In my opinion every blue team should be doing their own OSINT against their organization to know exactly what their attack surface looks like. You might be surprised just what systems you find on the public internet (OMG what is this passwords.client.com host?) or what kind of information your employees are leaking on social media.
Are you a red teamer? Perfect, you need OSINT for that wonderful recon phase to find those extra boxes that your target forgot about (seriously though, passwords.client.com...) for an easy way in. Perhaps you need to dive deep on a particular individual to craft the perfect social engineering pre-text.
The main goal is to have every student walk away with a basic understanding of OSINT topics critical to any InfoSec Pro. At the end of two days, you should be able to come up with your own creative ways to use OSINT to hunt for your target and discover all the juicy details.
Day 2: Let's Go Hunting
Hunting Domains / IPs
- DNS and Whois
- IP tools
- Web Spidering
- Advertising IDs
- General Company Info
- Employee Profiling
- Determining a Company's Online Footprint
- People Search Engines
- Email Addresses
- Image Searching
- Other Public Data
- Open source IOC sources
- IOC Pivoting
- Hunting for Attribution
Day 1: Introducing OSINT
Creating Your OSINT Research Environment
- Browser extensions
- Document everything
- Browser Leaks
- Persona Creation / Management
Automating OSINT Collection
- Alerting services
- Social Media
- Existing Automation Tools
- APIs / Scripting
- Multiple Search Engines
- Search operators
- Google customized search engines
- Other Social Networks
- Reverse Lookups
- Mobile Numbers
- Mobile Emulation
All the Webs and Nets
- Dark / Deep / Dirty
Students will need to bring their own laptops with the following requirements:
VMWare Workstation/Fusion/Player or VirtualBox
Laptops need enough processing power and RAM (4GB of RAM recommended minimum) to run up to 2 virtual machines at the same time.
You must have admin rights on all of your systems in order to install/remove software, disable antivirus/firewall, etc.
Please be aware that VM installation instructions will be sent after registration.
About the Instructor
Justin has worked in cyber security for 13 years in various engineering, architecture, and research roles. His day job involves using OSINT techniques to hunt bad guys on the internet. He is currently the Galactic Viceroy of Clicking & Scrolling and occasionally has a global thought. He created and maintains the OSINT Framework (http://osintframework.com) to help others find good free OSINT resources and tools to aid their investigations.
Charlotte ISSA Annual Summit 2017 Recap
Lee Holmes (@lee_holmes) is the lead security architect of Microsoft's Azure Management group, covering Azure Stack, System Center, and Operations Management Suite. He is author of the Windows PowerShell Cookbook, and an original member of the PowerShell development team.
Will Schroeder (@harmj0y) is a offensive engineer and red teamer. He is a co-founder of Empire/Empyre, BloodHound, and the Veil-Framework, developed PowerView and PowerUp, is an active developer on the PowerSploit project, and is a Microsoft PowerShell MVP. He has presented at a number of conferences, including DEF CON, DerbyCon, Troopers, BlueHat Israel, and various Security BSides.
Chris Nickerson, CEO of LARES, is an 18+ yr veteran of the Cyber Security industry. His main area of expertise is focused on real world Attack Modeling, Red Team testing and Adversarial Simulation. Mr Nickerson has held Sr. positions at Arrow Electronics, KPMG, and Sprint providing security testing and recommendations to corporations worldwide. He is a founder of the BSides security conference series and PTES (the first community written penetration testing execution standard). Having spoken at most major Information Security conference in the world, Mr. Nickerson is a also a TED speaker alumni. He was a featured member of the TrueTv series “Tiger Team” and author of the upcoming Red Team Testing book published by Elsevier.