Explore the OSINT capabilities of pen-testing tools in this BSidesLV conference talk by John Brunn. Delve into security awareness training, cloud migration, and the "Heartbreaker Theory" of diminishing returns in cybersecurity. Examine the new world order for attackers, focusing on topics like SSH benchmarking, protocol version exchange, and AWS DNS logs. Compare Census and Shodan, investigate honeypots, and analyze data dumps. Learn about WordPress vulnerabilities and SSH break techniques. Gain insights into the evolving landscape of offensive security tools and their applications in open-source intelligence gathering.
Give the Dog a Bone - Exploring OSINT Capabilities of Pen-testing Tools
Overview
Syllabus
Intro
Security Awareness Training
General Thoughts
Shell
Cloud Migration
Heartbreaker Theory
Diminishing Returns
Attackers New World Order
Nagini
Oneline fix
SSH benchmark
Protocol version exchange
Enabling SSH
Dockerfile
DNS
AWS DNS
Logs
My Hypothesis
Nmap
Census
The Census
Census vs Shodan
I cant be the only person
Honeypot
Is it Detected
Did it Detect
Koalas
Data Dump
Summary
Whats next
WordPress
SSH Break
Conclusion
Taught by
BSidesLV
