OSINT for Blue Teams

Our Advanced Training, Focused on Pen-testers, Red Teams and Offensive Security Professionals.

Deliverables

  • Custom Student Machine
  • Slide Deck
  • Recon/OSINT and Pentest Cheat Sheets
  • Custom Scripts
  • Answers to Lab Exercises

Who Should Attend?

  • Information Security Managers
  • Security Engineer
  • QA Engineers / Devs
  • SOC Analysts
  • DevOps Engineers
  • Risk Management Professionals

Duration?

2 Days

Overview

With dynamic and hybrid cloud infrastructures, scattered code and tons of leaked information on the public internet, organizations face a huge threat of data breaches.

Our hands-on OSINT for Blue Team training covers a wide range of techniques your defensive security teams can use to safeguard your company’s information.

The training also delivers custom scripts that your engineers can use and modify for their bespoke requirements.

Course Content

Day 1

Introduction to Open Source Intelligence (OSINT)
– Introduction to the Training Lab Environment
– Attack/Defense Methodology
– Red/Blue Team Operations

Scoping and Mapping your Attack Surface – Know your Infrastructure
– ASN ID, IP Lookups, Allocated IP Range Extraction, Domain IP History
– Subdomain Enumeration (WhiteBox and BlackBox)
– Certificate Transparency, Brute Forcing, LDNS Walking
– Scoping the Perimeter (WhiteBox)
– Identifying Organizational Associations
– Cloud Recon
– Cloud Storage Object Enumeration and Scoping
– Art of Making Notes

Organization Data Exposure
– Employee(s) Profiling and Monitoring
– Identifying leaked information on Code Repositories, Dark Web, Paste Sites and Leaked Data
– Collecting and Querying Internet-wide survey data
– Tech Stack Profiling
– Capturing Screenshots of External Services
– Port Scanning Detection (Active/Passive)
– Listing SSO/Login/Admin/VPN Portal(s)
– Metadata Extraction
– Automating CSE for Dork Matching

Day 2

Active Monitoring and Alerting
– Employee Profile Monitoring
– Social Media Monitoring
– Writing custom Python tools for monitoring
– Paste Alert, Google Alerts, etc.
– Monitoring Job Openings/Forums Discussion
– Aggregating OSINT Data
– Data Analytics and Visualisation using ELK Setup
– Custom Alerting using Elastalert
– Organization Reputation – Data Leakage
– Monitoring Source Code Aggregators
– Explore Breached Password Databases
– Domain Typosquatting
– CertStream
– Periodic Intelligent Scans
– Identifying Indicators of Compromise (IoCs)
– Tracking IoCs


Defensive OSINT
– Network Monitoring with Threat Intel Feeds
– Data Loss Prevention (DLP)
– MetaData Filtering
– Investigating Attackers
– Custom Module for Datasploit
– Info Gathering using custom Maltego Transforms and Machines
– Continuous Monitoring/Alerting for Organization Breached Passwords

Upcoming Training Sessions

Nolacon 2020

Offensive Recon
OSINT and Attack Methodologies
Date: 13th - 14th May, 2020
Duration: 2 Days
Venue: M 800, Iberville St, New Orleans, LA 70113

HackMiami 2020

Offensive Recon
OSINT and Attack Methodologies
Date: 29th May, 2020
Duration: 1 Day
Venue: The Venue 100 S Andrews Ave, Ft Lauderdale, FL 33301

BlackHat USA (Online) 2020

Tactical OSINT for Pentesters
2020 Edition
Date: 1st-2nd August 2020 & 3-4th August 2020
Duration: 2 Days (Twice)
Venue: Mandalay Bay, Las Vegas, USA

Get in touch.