Information Gathering, the very first phase of any Risk Assessment Exercise, is often underestimated by many security professionals. Every pentester’s arsenal should, however, include Open Source Intelligence (OSINT) and active reconnaissance for an effective assessment and measure the security posture against real-world adversaries. This training not only talks about using OSINT to extract data but also focuses on the significance of this data and how it could be directly enriched and used offensively for attacking and compromising Modern Digital Infrastructures.

The training will cover topics like Mapping the Attack Surface, Enriching Collected Data, Tech Stack Enumeration, Cloud Recon, Processing and Querying Mass Data, Employee Profiling, Identifying Hidden Injection Points, Credential Spraying, Compromising Federation Server, Exploiting Domain Trust, Social Engineering, and much more. Participants will perform real-life attack scenarios in our lab having a Forest Environment expanding over segregated Domains to compromise various services. Also, using the Social Engineering and Human aspect of OSINT, students will be guided to compromise the segregated domain environment which otherwise is unreachable through the previously compromised domain. The training will not only cover these topics but will also go in-depth on how OSINT techniques can be chained together and even a small piece of information can lead to catastrophic damage to an organization.

The ultimate objective of this 2 Days Hands-On training program is to bring together the mindset and the artillery of a modern adversary to ultimately make the organization resilient. The students will be provided with a framework to manage and prioritize all the data collected during the course. A 100% Hybrid-Cloud Based Private ONE MONTH LAB ACCESS will also be provided to each participant where they can practice the skills learned during the course.