OSINT for Blue Teams

Learn how to discover leaked information on the public internet and mitigate the risk it poses to your organization.

Training Overview

With dynamic and hybrid cloud infrastructures, scattered code and tons of leaked information on the public internet, organizations face a huge threat of data breach.

Our hands-on OSINT for Blue Teams training covers a wide range of techniques that your defensive security teams can use to safeguard your company's information.

The training also delivers custom scripts which your engineers can consume and modify for their bespoke requirements.

Course Details

16 Hours (2 days)

Day 1

Introduction to Open Source Intelligence (OSINT)
- Introduction to the Training Lab Environment
- Attack/Defense Methodology
- Red/Blue Team Operations

Scoping and Mapping your Attack Surface - Know your Infrastructure
- ASN ID, IP Lookups, Allocated IP Range Extraction, Domain IP History
- Subdomain Enumeration (WhiteBox and BlackBox)
- Certificate Transparency, Brute Forcing, LDNS Walking
- Scoping the Perimeter (WhiteBox)
- Identifying Organization Associations
- Cloud Recon
- Cloud Storage Object Enumeration and Scoping
- Art of Making Notes

Organization Data Exposure
- Employee(s) Profiling and Monitoring
- Identifying leaked information on Code Repositories, Dark Web, Paste Sites and Leaked Data
- Collecting and Querying Internet-wide survey data
- Tech Stack Profiling
- Capturing Screenshots of External Services
- Port Scanning Detection (Active/Passive)
- Listing SSO/Login/Admin/VPN Portal(s)
- Metadata Extraction
- Automating CSE for Dork Matching

Day 2

Attack and Exploitation Techniques
- Attack Planning
- Targeted Credential Spraying
- Business Communication Infrastructure (BCI) Attacks
- Network Service Attacks
- Human Attack Surface

Active Monitoring and Alerting
- Employee Profile Monitoring
- Social Media Monitoring
- Writing custom Python tools for monitoring
- Paste Alert, Google Alerts, etc.
- Monitoring Job Openings/Forums Discussion
- Aggregating OSINT Data
- Data Analytics and Visualisation using ELK Setup
- Custom Alerting using Elastalert
- Organization Reputation - Data Leakage
- Monitoring Source Code Aggregators
- Explore Breached Password Databases
- Domain Typosquatting
- CertStream
- Periodic Intelligent Scans
- Identifying Indicators of Compromise (IoCs)
- Tracking IoCs

Defensive OSINT
- Network Monitoring with Threat Intel Feeds
- Data Loss Prevention (DLP)
- MetaData Filtering
- Investigating Attackers
- Custom Module for Datasploit
- Info Gathering using custom Maltego Transforms and Machines
- Continuous Monitoring/Alerting for Organization Breached Passwords  

This course is ideal for
* Information Security Managers
* Security Engineers
* QA Engineers / Devs who want to upgrade their skills
* DevOps Engineers
* Blue/Red Teams
* SOC Analysts
* Penetration Testers
* Social Engineers
* Risk Management Professionals
* Anyone with an interest in privacy, social media and OSINT

Address

RedHunt Labs Limited
Heydon Lodge Flint Cross, Newmarket Road, Heydon, Royston, United Kingdom,
SG8 7PN
Company Number: 11954083 

Contacts

Email: info@redhuntlabs.com
Twitter: @redhuntlabs
Facebook: /redhunt.labs
Phone: +91-9971658929