$350

OSINT for InfoSec: Red Team Recon, Threat Intel, & Attribution

Event Information

Date and Time

Location

TEKsystems

200 South College Street

#1200

Charlotte, NC 28202

Refund Policy

Refunds up to 30 days before event

Event description

OSINT is amazing and scary! What can be found on the internet astounds me on a daily basis.

Just getting started in the field? This class is perfect for you. Being good at computers is simply knowing how to find an answer on the internet. Learn how to craft better search queries and expertly find answers to strange problems.

But I’m an expert blue teamer, how will OSINT help me? Every blue team should be doing OSINT against their organization to know exactly what their attack surface looks like. It’s surprising just what systems you can find on the public internet or what kind of information your employees are leaking on social media.

Red teamer? Perfect. Use OSINT during your recon phase to find the extra boxes your target forgot about (seriously though, passwords.client.com...) for an easy way in. Perhaps you need to dive deep on an individual to craft the perfect social engineering pretext.

The main goal of this class is for each student to walk away with a basic understanding of OSINT topics critical to any InfoSec Pro. At the end of two days, you will be able to come up with your own creative ways of using OSINT to hunt for and gather detailed information about a target.


Course Outline

Day 1: Introducing OSINT

Creating Your OSINT Research Environment
-VMs
-Browsers
-Browser extensions
-Tools
-VPNs
-Document everything

OpSec
-VPNs
-Browser Leaks
-LinkedIn
-Persona Creation / Management

Automating OSINT Collection
-Keywords
-Alerting services
-Social Media
-Existing Automation Tools
-APIs / Scripting

Search Engines
-Multiple Search Engines
-Search operators
-Google customized search engines

Social Networks
-Facebook
-Twitter
-LinkedIn
-Instagram
-Other Social Networks

Telephone Numbers
-Reverse Lookups
-VoIP
-Mobile Numbers
-Mobile Emulation

All the Webs and Nets
-Dark / Deep / Dirty
-Tor
-I2P

Day 2: Let's Go Hunting

Threat Intelligence
-Open source IOC sources
-IOC Pivoting
-Hunting for Attribution (Russia, of course)

Hunting Domains / IPs
-DNS and Whois
-IP tools
-Reputation
-Subdomains
-Web Spidering
-Advertising IDs
-Certificates
-Metadata

Hunting Companies
-General Company Info
-Employee Profiling
-Determining a Company's Online Footprint

Hunting People
-Usernames
-People Search Engines
-Email Addresses
-Image Searching
-Property
-Other Public Data


Class Requirements: Students will need to bring their own laptops that meet the following requirements:

  • You must have admin rights on all of your systems in order to install/remove software, disable antivirus/firewall, etc.

  • VMware Workstation/Fusion/Player or VirtualBox is highly recommended.

  • Laptops need a reasonable amount of processing power and RAM (4GB of RAM recommended minimum).


About the Instructor: Justin has worked in cyber security for 14 years in various engineering, architecture, and research roles. His day job involves using OSINT techniques to hunt bad guys on the internet. He is currently the Galactic Viceroy of Clicking & Scrolling and occasionally has a global thought. He created and maintains the OSINT Framework (http://osintframework.com) to help others find good free OSINT resources and tools to aid their investigations.

If you have any questions about the class content, please reach out to the teacher on Twitter: @jnordine
