New Video: Moving Past Just Googling It: Harvesting and Using OSINT

  • Micah Hoffman is back! This time with the SANS institute

    Every single day we use search engines to look for things on the internet. Defenders research a domain or IP that contains malware. Attackers look for email addresses for an upcoming phishing campaign. DFIR people examine locations and usernames that they acquired from a subject’s computer. Policy and compliance people examine the risk that employees in their organizations might bring to work. Recruiters scour the internet looking for candidates. And “normal people” shop, date, geolocate, post, tweet, and otherwise send a huge amount of data to the public internet. While search engines harvest, store, and index billions of web site data points every day, there is much they do not contain. These pieces of OSINT data can, when put in perspective and analyzed, reveal target geolocations, friends and associates, alcohol consumption, user passwords, and more. This talk will be a series of hands on, live demos where we put our OSINT skills to work in unconventional places to harvest this unindexed OSINT data. Using free web sites, built in web browser tools, and free python scripts, Micah will show attendees how to harvest data from social media applications, the “whois” system, and from breach data that will not appear in search engine results. Students will gain a better understanding of JSON, APIs, reverse whois, and how to run python tools. Come join Micah as he examines how to move beyond “Googling it” in your personal and professional lives.

    Video is available in the Learning section on the video page.

    #3620
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.

Copyright © 2020 Investigators Toolbox. All rights reserved

New Report

Close