Jamie McMurray .png

OSInt, shoe laces and bubble gum: How to use OSInt with limited time and budget to better understand how attackers see your organization

Jamie McMurray

Jamie McMurray, Security Operations Manager for Kobalt will discuss and demonstrate how to use open source intelligence tools to gather combined insight using subdomain enumeration, port scan and service discovery, web screenshots, and typo-squatting domain enumeration.

Limited effort, no budget OSInt that will help you:

  • Quickly find actionable intelligence

  • Keep track of changes in available OSInt data, enumeration of internet-facing assets and exposing potential shadow IT

  • Gain a better sense of combined OSInt and what it tells an attacker, for example:

  • Cloud Infrastructure Providers (IP ASN)

  • Email Hosting Providers (MX Record)

  • SAAS Services (SPF, subdomains, screencapture)

  • “Hidden” subdomains exposed via CT Logs and other source

  • Typo-squatting domains

  • Open ports and services

  • Screen capture of existing domains and known subdomains revealing visual clues about services

  • Webpage external dependancies which could be used in an attack

Speakers Bio: Jamie has been living the security space for over 15 years, serving in various role. His background in software development and combined experiences as an implementor and defender has helped him drive automation in his security practices and bridge the gap between traditional security operations and modern security devops.