Presentation at Pasadena City College on Maltego. This week focuses on OSINT and conducting an investigation with advanced tools. We learn the importance of framing an investigation and walk beginners through the steps of a sample investigation.
Presentation at Pasadena City College on Maltego. This week focuses on OSINT and conducting an investigation with advanced tools. We learn the importance of framing an investigation and walk beginners through the steps of a sample investigation.
Every single day we use search engines to look for things on the internet. Defenders research a domain or IP that contains malware. Attackers look for email addresses for an upcoming phishing campaign. DFIR people examine locations and usernames that they acquired from a subjects computer. Policy and compliance people examine the risk that employees in their organizations might bring to work. Recruiters scour the internet looking for candidates. And «normal people» shop, date, geolocate, post, tweet, and otherwise send a huge amount of data to the public internet.
While search engines harvest, store, and index billions of web site data points every day, there is much they do not contain. These pieces of OSINT data can, when put in perspective and analyzed, reveal target geolocations, friends and associates, alcohol consumption, user passwords, and more. This talk will be a series of hands on, live demos where we put our OSINT skills to work in unconventional places to harvest this unindexed OSINT data.
Using free web sites, built in web browser tools, and free python scripts, Micah will show attendees how to harvest data from social media applications, the «whois» system, and from breach data that will not appear in search engine results. Students will gain a better understanding of JSON, APIs, reverse whois, and how to run python tools.
Come join Micah as he examines how to move beyond «Googling it» in your personal and professional lives.
Speaker Bio
Micah Hoffman has been active in the information technology field since 1998, working with federal government, commercial, and internal customers to discover and quantify cybersecurity weaknesses within their organizations. As a highly active member of the cybersecurity and OSINT communities, Micah uses his real-world Open-Source Intelligence (OSINT), penetration testing, and incident response experience to provide customized solutions to his customers and comprehensive instruction to his students.
Over the years, Micah has conducted cyber-related tasks like penetration testing, OSINT investigations, APT hunting, and risk assessments for government, internal, and commercial customers. Micahs SANS coursework, cybersecurity expertise, and inherent love of teaching eventually pulled him toward an instructional role, and hes been a SANS Certified Instructor since 2013. Hes the author of the SANS course SEC487: Open Source Intelligence Gathering and Analysis, and also teaches both SEC542: Web App Penetration Testing and Ethical Hacking and SEC567: Social Engineering for Penetration Testers.
There’s a lot of talk about data breaches but not much is discussed about where the data ends up and how it can be used for good. In this low-key talk, we’ll discuss where breach data ends up, how you can find copies of it, and most importantly, how you can use it to further your security goals. We’ll discuss how it can benefit blue teams/threat intel shops, pen testers, OSINT researchers and even DFIR practitioners.
Matt Edmondson @matt0177, Certified Instructor, SANS Institute
OSINT is an essential tool for any investigator or ethical hacker. Today, well start with only a photo of an unknown subject, and string together OSINT tools to locate them on a US sanctions list.
Sign up for our e-mail alerts to stay updated when we go live
Do you want to know how to build a top-ranked competitive hacking team? Its all about the system. In sports, we understand systems that coaches can use to build a system for identifying talent, recruiting them, training them up, and competing in big games. Learn our proven system for building an elite team of hackers that win DEFCON. Its surprisingly easy, but not what youd think.