OSINT for AppSec Recon ng and Beyond - Tim Tomes

Overview

Explore OSINT techniques for AppSec reconnaissance using Recon-ng, covering data extraction, vulnerability scanning, and leveraging online resources for effective security assessments.

Syllabus

• Introduction to OSINT
Definition and importance of OSINT in AppSec
Overview of OSINT tools and techniques
• Introduction to Recon-ng
Installation and setup
Interface and module overview
Basic commands and usage
• Data Gathering Techniques
Domain and subdomain enumeration
IP address collection and analysis
WHOIS and DNS record investigation
• Vulnerability Scanning with Recon-ng
Identifying vulnerabilities through automated scanning
Understanding module applications for vulnerability assessment
Integrating other tools with Recon-ng
• Leveraging Online Resources
Utilizing public databases and APIs
Accessing social media and open forums for information gathering
Using search engines effectively for reconnaissance
• Analysis and Reporting
Synthesizing gathered data into actionable intelligence
Creating comprehensive security assessment reports
Communicating findings to stakeholders
• Advanced Recon-ng Techniques
Customizing and writing new modules
Automation of repetitive tasks with scripting
Case studies of complex reconnaissance operations
• Ethical Considerations and Legal Compliance
Understanding ethical implications of OSINT
Legal constraints and best practices in reconnaissance
• Tools and Resources Beyond Recon-ng
Overview of alternative OSINT tools
Combining Recon-ng with other reconnaissance frameworks
• Final Project
Practical assessment: Conduct a full OSINT investigation using learned techniques
Presenting findings and insights in a professional report
• Course Review and Q&A
Recap of key topics
Open floor for questions and further discussion

Subjects

Conference Talks