A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Digital Intelligence Gathering: Using the Powers of OSINT for Both Blue and Red Teams - Ethan Dodge, Brian Warehime BSides San Francisco 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Digital Intelligence Gathering: Using the Powers of OSINT for Both Blue and Red Teams
Ethan Dodge, Brian Warehime
BSides San Francisco 2016

In today's age everyone puts everything on the Internet. Not only can this present a personal threat, it can also introduce tangential risk to your organization. Seemingly innocent public displays of company pride, human error, and all-to-descriptive LinkedIn profiles are all interconnected pieces of information that can be leveraged by both attackers and defenders in the ongoing battle between red and blue.In this presentation we'll explain and demo how we've leveraged Twitter, Instagram, Google Maps, Whitepages.com, court case records and property records to automate and assist in OSINT discovery. We have integrated it all together in a single custom application, coupled all this with the power of Maltego. These custom transforms can easily be used to identify potential insider threats within your organization, prepare for a red team engagement, or to simply dox all your friends. We will discuss the benefits of this information from both an attacker and defender’s point of view.

Back to BSides San Francisco 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast