Ending Soon! Get an iPad Air with Smart Keyboard, Surface Go, or $300 Off thru Dec 11 with OnDemand or vLive Training!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

OSINT for Pentesters: Finding Targets and Enumerating Systems

  • Friday, March 2nd, 2018 at 3:30 PM EST (20:30:00 UTC)
  • Micah Hoffman and David Mashburn
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

You look at your watch as the time edges closer to the start of your security assessment. Your customer contracted with you to perform a black box penetration test of their internet-facing systems. With no information about their networks and systems to start with, you have to find targets to attack. Where do you begin? In this webcast, you will learn some well-known and some more-obscure methods of finding targets that may be in scope for your internet assessments using Open Source Intelligence (OSINT) tools and techniques.

 

Join Micah Hoffman, author of the new SEC487: Open-Source Intelligence Gathering and Analysis (https://www.sans.org/course/open-source-intelligence-gathering) course in the second installment of a three part series of webcasts on the practical applications of using Open Source Intelligence (OSINT) in our daily lives.

Speaker Bios

Micah Hoffman

Micah Hoffman has been active in the information technology field since 1998, working with federal government, commercial, and internal customers to discover and quantify cybersecurity weaknesses within their organizations. As a highly active member of the cybersecurity and OSINT communities, Micah uses his real-world Open-Source Intelligence (OSINT), penetration testing, and incident response experience to provide customized solutions to his customers and comprehensive instruction to his students.

Over the years, Micah has conducted cyber-related tasks like penetration testing, OSINT investigations, APT hunting, and risk assessments for government, internal, and commercial customers. Micah's SANS coursework, cybersecurity expertise, and inherent love of teaching eventually pulled him toward an instructional role, and he's been a SANS Certified Instructor since 2013. He's the author of the SANS course SEC487: Open Source Intelligence Gathering and Analysis, and also teaches both SEC542: Web App Penetration Testing and Ethical Hacking and SEC567: Social Engineering for Penetration Testers.


David Mashburn

David Mashburn is currently the IT Security Manager for a global non-profit organization in the Washington, D.C. area. He also has experience working as an IT security professional for several civilian federal agencies, and over 15 years of experience in IT. He holds a masters degree in computer science from John Hopkins University, and a B.S. from the University of Maryland at College Park. David holds multiple security-related certifications, including CISSP, GPEN, GCIH, GCIA, and CEH. He is also a member of the SANS / GIAC Advisory Board, and has previously taught courses in the Cybersecurity curriculum at the University of Maryland - University College.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.