Loading Events

« All Events

  • This event has passed.

2-3 August, 2021 – VIRTUAL Practical OSINT for Social Engineers at Black Hat

August 2 @ 9:00 am - August 3 @ 6:00 pm

$3,300

Information is the lifeblood of the social engineer. Without the right techniques, it can be difficult to navigate through the vast amount of information available. Our aim is to provide students with all the necessary techniques to enhance their ability to practice social engineering. This course will teach each student the common tips and tricks used by professional social engineering penetration testers at Social-Engineer, LLC. Course participation will guide you from start to finish on how to prepare and run a social engineering focused intelligence investigation. Engaging in multiple challenges, skills evaluations, and even a complete team challenge, will solidify each student’s ability to apply acquired information to planning and launching realistic SE (Social Engineering) scenarios as we do for our clientele daily.

Reserve your spot here!

MODULE 1: INTRODUCTION TO PRACTICAL OSINT FOR SOCIAL ENGINEERS

  • Before We Begin
  • Legal Stuff
  • How To Approach This Course

MODULE 2: WHAT IS OSINT?

  • What is Useful & How Can OSINT Be Used?
  • Documenting, Storing, and Cataloging
  • How Do You Document Information You Find

MODULE 3: NON-TECH OSINT

  • Dumpster Diving
  • The Law
  • The Study of Garbage
  • Stories from garbage collectors
  • How criminals can use info found in the garbage
  • Physical Observation Exercise
  • Shoulder Surfing
  • Onsite Observation
  • Selective Exposure Theory

MODULE 4: GOOGLE

  • Advanced Google Searching
  • Dorking – What is it?
  • Advanced Google Search Interesting Example 1
  • Advanced Google Search Interesting Example 2
  • Advanced Google Search Interesting Example 3
  • Blending with Exploit-DB
  • Creating Your Own Dorks
  • Exercise
  • Class Exercise

MODULE 5: MISC SEARCH ENGINES

  • Search Engines
  • Bing/Yahoo
  • Duck Duck Go
  • Other Search Engines
  • Tweet Map https://www.omnisci.com/demos/tweetmap/
  • MashedWorld http://data.mashedworld.com/dualmaps/map.htm
  • WayBack Machine https://archive.org/web/
  • Shodan https://www.shodan.io

MODULE 6: DATA ABOUT DATA

  • FOCA
  • Class Exercise

MODULE 7: VISHING

  • Vishing (Voice Elicitation) for OSINT
  • Using Vishing as a Professional
  • Caller ID Spoofing
  • Spoofing Services
  • Flag Discovery
  • Professionally Planning Vishing
  • Tips for Professionals
  • Exercise

MODULE 8: END TO END OSINT

  • The Basics
  • Domain Searches
  • Email/Website Searches
  • Finding Social Media Accounts
  • Finding Breach Data
  • Documents and Metadata
  • Class Exercise

MODULE 9: SOCIAL MEDIA

  • Social Media Outlets We Use
  • Twitter
  • FourSquare
  • Facebook
  • LinkedIn
  • Instagram
  • YouTube

MODULE 10: EXTRA – ATTACK VECTORS

  • Developing Attack Vectors
  • Phishing
  • Vishing
  • In-Person
  • Risk Exposure
  • Closing Comments

FINAL TEAM CHALLENGE LAB


Key Takeaways

  • An understanding of OSINT as a practice through multiple hand-on exercises.
  • What a real world, professional OSINT investigation consists of and exercises to put that knowledge to work immediately.
  • Techniques to carry out OSINT investigations with the right mindset to adapt to changing tools and resources.

Who Should Take this Course

  • Anyone with an interest in OSINT and that could use help in increasing their abilities, we have had:
  • Pentesters
  • Researchers
  • Enthusiasts
  • Law Enforcement
  • Military
  • Corp Red Teams
  • Corp Blue Teams

Audience Skill Level

Beginner/Intermediate

What Students Should Bring

  • Computer/Laptop with network access (WiFi capable)
  • Preferred OS with a Remote Desktop Client already installed

What Students Will Be Provided With

An individual Virtual Desktop configured for use in the class

Trainers

Ryan MacDougall is a subject matter expert in the areas of network penetration testing, application security, protocol analysis, as well as social engineering. Ryan directed technical operations, as well as built and secured large networks for the financial and telecommunications industries, whose area of focus covers 6 countries, consisting of 3 data centers and 8 regional offices. During his 10 years running operations in a company that grew through M&A activities, acquiring, integrating, as well as standardizing operations, Ryan developed a deep understanding as well as insight into fundamental flaws present in a wide variety of enterprise environments. Ryan MacDougall is presently the Chief Operating Officer and Open Source Intelligence trainer for Social-Engineer, LLC. In addition, he runs operations during penetration tests and exercises with clients, as well as managing client relationships. Additionally, Ryan is also a multiyear Blackhat conference trainer and DEFCON SEVillage speaker, regarding social engineering as well as, open source intelligence gathering.

Details

Start:
August 2 @ 9:00 am
End:
August 3 @ 6:00 pm
Cost:
$3,300
Website:
https://www.blackhat.com/us-21/training/schedule/#practical-osint-for-social-engineers-218551617900756

Venue

Virtual Event
NV United States

Organizer

Social-Engineer, LLC
Phone:
570-234-3734
Email:
orders@social-engineer.com
Website:
https://www.social-engineer.com/