Low Hanging Fruit : Offensive OSINT for Defense

Bio: BosintBlanc is a incident response analyst in the corporate sector and volunteer with the National Child Protection Task Force (NCPTF). In his spare time he loves to learn about OSINT techniques and tactics. He is a firm believer that everything is better with coffee.

Talk Contents: The prevalence and perverseness of search crawlers, data leaks, and social media profiles means that often 80% of the work is done for an attacker. They don’t have to do reconnaissance or compromise systems when Google or a companies employees have done the majority of the work for them. I will talk about how you can use OSINT tools (like Dehashed, hunter.io / Google & Linkedin) and techniques to identify where your organizations weak spots are from an offensive perspective to provide a better defense. This will include a case examples from either a company who provides me permission or a random organization with identifiers redacted.