Overview
Learn about advanced data hoarding techniques and breach data research in this DEF CON 31 Recon Village conference talk. Explore how Research & Destroy (RaD), a private security research group, approaches the normalization of breach data research in the cybersecurity community. Discover a methodology for US-based companies and researchers to legally curate publicly breached data for red team operations and penetration testing. Gain insights into the DorXNG tool, a next-generation solution for OSINT data harvesting that uses advanced search engine operators through multiple upstream providers. Examine the legal policy guidance for Breach Data Research (BDR) and learn how to develop a charter document that aligns with company policies and legal requirements. The presentation includes practical deliverables such as template BDR charter documentation and access to the DorXNG tool.
Syllabus
DEF CON 31 Recon Village How I Found Your Password, and Other Advanced Data Hoarding Techniques
Taught by
Recon Village