OSINT, Recon, Dark Web & Threat Intel Talks, You Can’t Miss This Hacker Summer Camp

Every year, Hacker Summer Camp brings together the folks who live at the edge of visibility. If you care about mapping exposures, monitoring threats, and staying three steps ahead of adversaries, this is the place to be. From Black Hat’s big-stage narratives to DEF CON’s underground playbooks, this year’s agenda is stacked with real-world tactics in OSINT, recon, threat intel, and dark web research.

This isn’t just about listening to talks. It’s about seeing how the best are building and breaking, learning how others are operationalizing intel into defense, and walking away with stuff you can plug into your own workflows the moment you get back.

Why These Events Matter

Exposure isn’t theoretical anymore. It’s real, measurable, and moving faster than most orgs can keep up with. And the root of solving that? Visibility. That’s where OSINT, recon, and intel come in.

The talks we’ve picked here focus on uncovering what attackers already know about you. From mapping your attack surface in real time to harvesting dark web signals before breaches hit the news, the sessions below go beyond buzzwords.

Here’s a curated list to make your planning easier, go through it, lock in your picks, and make sure your calendar’s up to date.

Top Talks to Attend @ Black Hat USA & DEF CON 33

1. Kill List: Hacking an Assassination Site on the Dark Web (DEF CON) 🔗
Speakers: Carl Miller, Chris Monteiro
Why attend: A real-world case study on tracking and disrupting a dark web operation. Walks through actor tradecraft, evidence handling, and coordinated takedown efforts. Valuable for anyone building dark web collection or disruption playbooks.
When: Aug 10, 11:00 AM at LVCC Track 5

2. Making CTEM Reality: Exposure Management in Practice (Black Hat Sponsored) 🔗
Speakers: Koby Bar, Gopi Krisha Boyinapalli
Why attend: Great session if you’re rolling out CTEM internally or struggling to get org-wide alignment. Focuses on prerequisites, cadence, data source selection, and tooling comparisons.
When: Aug 6, 11:25am at Business Hall Theater E

3. Is Your CTEM Money‑Minded? (Black Hat) 🔗
Speaker: Richard Seiersen (Qualys)
Why attend: Executive framing of CTEM that moves beyond asset lists. Learn how to map exposure to actual business impact, and how to start thinking in terms of risk surfaces, not just attack surfaces.
When: Aug 6, 12:15 PM at Oceanside A, Level 2

4. Navigating the Invisible: Maritime OSINT (DEF CON) 🔗
Speakers: Mehmet Önder Key (Self), Furkan Aydogan (UNCW)
Why attend: If you’re into sector-specific OSINT or curious about asset visibility in high-noise environments, this one is for you. Walks through mapping surface infra at sea using public data.
When: Aug 9, 4:30 PM at LVCC Creator Stage 3

5. State of the POPs: Mapping the Digital Waters (DEF CON) 🔗
Speakers: Vlatko Kosturjak (Marlink Cyber), MJ Casado
Why attend: Covers heuristics and visual models for mapping infrastructure. Great for CTEM teams trying to improve asset inventory and reduce blind spots.
When: Aug 9, 4:00 PM at LVCC Creator Stage 2

6. From Pwn to Plan: Turning Physical Exploits Into Upgrades (DEF CON) 🔗
Speaker: Shawn
Why attend: Tracks the full journey from recon to remediation in physical environments. Solid example of how to drive fixes using evidence and metrics.
When: Aug 9, 12:00 PM at LVCC Creator Stage 2

7. Access Everywhere: OSINT Footprint and Obfuscation (DEF CON) 🔗
Speaker: Meghan Jacquot
Why attend: Build your own personal or brand exposure baseline and walk away with a checklist to reduce it. Particularly useful for folks managing high-risk users or execs.
When: Aug 9, 10:15 AM at LVCC Comm Stage

8. Weaponizing Trust: Threat Actor Targeting Researchers (DEF CON) 🔗
Speakers: Christophe Tafani-Dereeper, Matt Muir
Why attend: Focused on how researchers are being targeted. If you’re in the public eye, this talk is a wake-up call.
When: Aug 8, 1:30 PM at LVCC Track 5

9. OSINT Enabled Ghost Mode: Counter-Surveillance for Everyday People Like Us (DEFCON) 🔗
Speaker: Desiree Wilson
Why attend: Learn how to protect your digital footprint using OSINT and practical counter-surveillance tips. This session is packed with real-world strategies anyone can use.
When: Aug 10, Sunday 11:00 for 45 minutes, at LVCC – L1 – EHW4 – C105 (Comm Stage) 

10. Supercharging Threat Intelligence with AI (The Diana Initiative) 🔗
Speakers: Omkar Nimbalkar and Sai Kiran Uppu
Why attend: This lightning talk hits hard on one of the biggest current challenges, drowning in threat data and slow enrichment cycles.
When: Aug 5, 4:30 PM at The Diana Initiative, Track 1 (208A)

Tools You Should Check Out @ Black Hat Arsenal USA

1. Varunastra: Securing the Depths of Docker V2 🔗
Container recon and exposure detection tool built for CTEM teams. Secret detection, CVE scans, SAST, and clear reporting.
When: Aug 6, 10:00 AM at Arsenal Station 8

2. Ghost Scout – Phishing AI Agent 🔗
AI-powered recon that builds phishing profiles. Useful to understand how attackers use OSINT to craft personalized phish.
When: Aug 6, 3:00 PM at Arsenal Station 6

3. DataTrap – AI-Based Honeypot for Threat Intel 🔗
Not strictly OSINT, but this honeypot captures attacker TTPs in the wild and feeds into your detection and threat intel stack.
When: Aug 6, 3:00 PM at Arsenal Station 8

Villages That Deserve Your Time @ DEF CON 33

1. Recon Village (DEF CON 33) 🔗
This is where the recon tribe lives. You’ll find talks, GEOSINT demos, and live recon happening throughout August 8th to 10th. Talks to highlight here:

• Keynote: Attack Surface in Motion: Why Today’s Threats Don’t Knock First 🔗
  Muslim Koser
  
• Inside the Shadows: Tracking RaaS Crews 🔗
  John Dilgen
  Focused on operationalizing dark web insights to track ransomware groups like Black Basta.
  
• How to Become One of Them: Deep Cover in Cybercrime Forums 🔗
  Speakers: Sean Jones and Kaloyan Ivanov
  Walks through deep-cover HUMINT ops inside criminal spaces. Covers persona building, OPSEC, and ethical red lines.

And don’t miss:

• Live Recon Contest 🔗
  Two-day, real-time reconnaissance challenge scoped around in-scope companies. Contestants submit findings and present to judges like NahamSec and Daniel Miessler.If you want to test your recon game under pressure or see how pros work fast and clean, this is the event.
  When: Aug 8 and 9 @ Recon Village

2. Red Team Village (DEF CON 33) 🔗
Learn how to extract product and service info using DNS records. TXT scanning at scale, rate limiting, and mapping outputs back to owners. Two important tracks to not miss while you’re there:

• DNS-Based OSINT Tactics for Service Discovery 🔗 ft. Rishi Chudasama
  Learn large-scale scanning with TXT records to find hidden products and services.
  When: Aug 9, 11:00 AM
  
• Adversary Intel Lab: Build Your First Threat Emulation Plan 🔗 ft. Fredrik Sandstrom
  Move from raw intel to actual emulation plans. Teaches mapping actor TTPs into your own testing.
  When: Aug 8, 2:00 PM

3. Bug Bounty Village (DEF CON 33) 🔗
Not just for hunters. If you care about how adversaries are finding your exposures in the wild, and want to understand how real attackers find your exposures, or you’re building attack surface maps based on bounty reports, stop by. Two talks to highlight here:

• Secret Life of an Automationist: Engineering the Hunt 🔗
  Speaker: Gunnar Andrews
  This talk breaks down real lessons, tools, and pitfalls from years of hands-on experience, perfect for anyone looking to turn bug bounty into an engineering game.
  When: Aug 8, Friday 10:00 for 30 minutes, at LVCC – L2 – W229 (Creator Stage 5) 
  
• Hacking at Scale with AI Agents: Building an Autonomous Bug Bounty Hunter 🔗
  Speaker: Vanshal Gaur
  Learn how an autonomous agent was built to scan, recon, and find bugs across thousands of targets. A must-attend for bug hunters curious about scaling with AI.
  When: Aug 10, Sunday 11:00 for 30 minutes, at LVCC – L2 – W232 (Creator Stage 2)

Pro Tips Before You Go

• Arrive Early: These rooms get packed and some fill up 20 minutes before the talk starts.
• Bring Questions: Speakers often drop bonus insights during Q&A that aren’t in the slides.
• Follow Speakers on X or LinkedIn: Many of them share slides, tools, or references after their sessions.

Got a Talk We Missed?

Bookmark this post. Share it with your team. Send it to that one friend who always scrambles to plan their con schedule the night before. And if there’s a must-attend talk we missed, drop it in the comments or tag us in LinkedIn 🔗. Let’s help each other get the most out of Hacker Summer Camp.

See you in Vegas. And if you’re near Recon Village, stop by. You’ll find some of the sharpest minds in the recon world, and maybe even a few surprise tools in action.