Infosec Recon using Open Source Intelligence (OSINT)
NO REMOTE OPTION | ONLY OFFERED ONSITE IN CALIFORNIA
Saturday, June 16, 2018 1000a – 500p
This is a hands-on workshop where you will put into practice those things you may have read about or covered in a class. Our workshops are intended for you to leave with working knowledge of the topic, whether you'll be taking it back to the office or if you're applying for a new job. This is also a great opportunity to meet other like-minded women and to keep your skills fresh if you're a veteran! You will also earn continuing education credits towards your certification renewal.
Level 100 courses are designed for students with little to no previous IT Security experience, or no experience in the topic(s) being covered. These courses are meant to be introductory level, or provide the training for entry level certifications.
Level 200 courses are designed for students with some security experience, looking to advance or learn in new topics.
Level 300 courses are designed to offer expert level courses and training on specific topics. Typically, a general understanding and knowledge of the topic being presented is an expected prerequisite.
**No one is excluded from attending a course at a level higher than their current experience. However, the course will move at the pace designed for the level of the course.
Where do I fit? See full description here
This workshop will focus on teaching the ins and outs of Open Source Intelligence (OSINT) gathering. Open source intelligence gathering is a skill that can be used in many ways, including recon during penetration tests, social engineering engagements and threat assessments. Participants will spend the first portion of the morning learning the overall methodology of an OSINT assessment. We will talk about various tools, tricks and tip, as well as discuss the ways in which OSINT can be applied to creatively solve problems.
During this phase, the instructor will explain the process used, and some best practices for documenting findings. We will go over various online records sites that can be leveraged to gain information about people, companies and technical infrastructure. We will also touch on ways in which these resources can be used programmatically by utilizing APIs.
This will be followed up with a deep dive into some of the more robust frameworks relied on by OSINT professionals, including Recon-NG and Maltego, two open source OSINT frameworks. During this period, participants will be hands-on, following along with the instructor on their own computers. We will go through various methods for gathering information, pivoting off that information, and documenting findings.
After lunch, participants will break into teams and leverage the skills gained from the morning session to perform their own assessments on an assigned target. At the end of the day, we will go over one team’s assessment and walk through the various methods used. We will compare their assessment against an assessment done by the instructor and discuss the differences.
Objectives – What You Will Leave Knowing
OSINT methodology and investigation techniques
Use of industry tools
Understanding of online investigation resources
Industry best practices for reporting
Emily Chance is an information security consultant to small/medium businesses and private clients. She frequently leverages OSINT skills to perform threat assessments, giving her clients an overview of threat vectors impacting their business and formulating plans for how to mitigate them. She has eight years of consulting experience, and has spoken at local infosec conferences. She is also an active member of the DEFCON562 group, where she is a semi-regular presenter. She lives in Los Angeles with her two dogs, Qbert and Kirby.
Prerequisites – What You’re Expected to Know
Basic understanding of search engine queries (how to do google, bing, etc searches)
Understanding of how to install browser plugins
Understanding of basic linux commands
1000-1030 Meet ‘n greet/setup
130-430 Group assessment
430-500 Assessment walk-through
A link to materials will be provided after registration.
Remote and Male Associate Member Participation:
This workshop is not available online.
Full/Student/Military Member: $ 80
Associate Member and Remote Attendee: $ NA
Non-Member: $ 120
Early bird: 20% off ends June
9415 Culver Blvd,
Culver City, CA 90232
WE ONLY HAVE ROOM FOR 20 ONSITE, SO REGISTER EARLY!