OSInt, shoe laces and bubble gum: How to use OSInt with limited time and budget to better understand how attackers see your organization
Jamie McMurray, Security Operations Manager for Kobalt will discuss and demonstrate how to use open source intelligence tools to gather combined insight using subdomain enumeration, port scan and service discovery, web screenshots, and typo-squatting domain enumeration.
Limited effort, no budget OSInt that will help you:
Quickly find actionable intelligence
Keep track of changes in available OSInt data, enumeration of internet-facing assets and exposing potential shadow IT
Gain a better sense of combined OSInt and what it tells an attacker, for example:
Cloud Infrastructure Providers (IP ASN)
Email Hosting Providers (MX Record)
SAAS Services (SPF, subdomains, screencapture)
“Hidden” subdomains exposed via CT Logs and other source
Open ports and services
Screen capture of existing domains and known subdomains revealing visual clues about services
Webpage external dependancies which could be used in an attack
Speakers Bio: Jamie has been living the security space for over 15 years, serving in various role. His background in software development and combined experiences as an implementor and defender has helped him drive automation in his security practices and bridge the gap between traditional security operations and modern security devops.