Spiderfoot is an automation platform for open source intelligence and can be used to plan red team operations. In this course, you will learn reconnaissance using Spiderfoot.
When planning future operations, a red team needs information about the target organization. Specifically, the organization’s digital footprint and attack surface consisting of email addresses, employees, social media accounts, cloud-based tools, connected devices, public information, and other exposures can be leveraged to plan and execute other phases of the adversary life cycle. In this course, Reconnaissance with Spiderfoot, you'll learn how to utilize Spiderfoot to execute reconnaissance in a red team environment. First, you’ll see how to select relevant and unique identifiers for the target organization. Next, you’ll apply use Spiderfoot’s extensive set of modules to gather data about the target. Finally, you’ll learn how to simulate gathering and analyzing specific information for a potential attack target. When you’re finished with this course, you’ll have the skills and knowledge to execute MITRE ATT&CK techniques, such as T1589 Gather Victim Identity Information, T1593 Search Open Websites/Domains, and T1596 Search Open Technical Databases using Spiderfoot. More importantly, knowing how these techniques can be used against you, will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.
When planning future operations, a red team needs information about the target organization. Specifically, the organization’s digital footprint and attack surface consisting of email addresses, employees, social media accounts, cloud-based tools, connected devices, public information, and other exposures can be leveraged to plan and execute other phases of the adversary life cycle. In this course, Reconnaissance with Spiderfoot, you'll learn how to utilize Spiderfoot to execute reconnaissance in a red team environment. First, you’ll see how to select relevant and unique identifiers for the target organization. Next, you’ll apply use Spiderfoot’s extensive set of modules to gather data about the target. Finally, you’ll learn how to simulate gathering and analyzing specific information for a potential attack target. When you’re finished with this course, you’ll have the skills and knowledge to execute MITRE ATT&CK techniques, such as T1589 Gather Victim Identity Information, T1593 Search Open Websites/Domains, and T1596 Search Open Technical Databases using Spiderfoot. More importantly, knowing how these techniques can be used against you, will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.