This is essentially the same course offered at BH 2013. The course is broken into two days. Day One focuses on learning the various tools and websites that can be used to gather OSINT. Spiders, metadata, Maltego, social media API's, automated tools and services will all be covered, with live demos. We then cover organizing the data, making correlations, and identifying often overlooked sources of information. The class then covers Maltego (and Netglub), examines transforms, and then learns how to write transforms in a class exercise. Students then take their newly written transform and put it to work. The second day consists mainly of hands-on exercises, as well as a deeper dive into some of the tools reviewed in day one. The afternoon will be a condensed OSINT exercise, where teams compete to build the best dossier on a target company.
Unlike most OSINT classes, our students will get hands-on experience with leading edge tools, receive copies of unpublished transforms, and learn how to develop their own OSINT tools.
Information security professionals, penetration testers, corporate intelligence offices, competitive intelligence professionals, LEO/MIL
There are no basic student reqs other than having a basic understanding of current internet technology and good computer skills. Basic programming or scripting skills nice to have but not mandatory.
Laptop with VMWare running Community version of Maltego
DVD/USB with all required tools
Shane MacDougall has been involved in the infosec industry since 1989. He has been a pentester, auditor, defender, and researcher. Shane has presented at security conferences around the world, including Black Hat EU, Black Hat Abu Dhabi, BSidesLV, and ToorCon. He is also a two time winner of the DEFCON social engineering CTF competition, and his book Practical OSINT and Social Engineering will be published in 2014 by No Starch Press.
