The InfoSec & OSINT Show

In episode 66, Matt Danner joins the show to talk about digital forensics. My 3 main takeaways were 1) How to perform a forensics investigation against Google Storage 2) What the limitations of the Google Drive API are and 3) How to approach iOS and Android devices in an investigation.

The InfoSec & OSINT Show

In episode 65, I talk with Dr. Martina Dove about the psychology behind fraud, persuasion and scam techniques. My 3 main takeaways were 1) What makes some people more susceptible to fraud 2) the techniques scammers use to convince us to take certain actions and 3) What influence factor is the most powerful For more information, including the show notes check out:  

The InfoSec & OSINT Show

In episode 64, Daniel Cuthbert joins us to talk about the OWASP Application Security Verification Standard. My 3 main takeaways were 1) Why the ASVS will make you a better pen tester and even bounty hunter 2) How to use the ASVS for threat modelling and 3) His tips on getting your talk accepted at a security conference For more information, including the show notes check out:  

The InfoSec & OSINT Show

In episode 63, I talk with Nico Dekens, a.k.a Dutch_Osintguy about the dangers of relying on one search engine, Telegram OpSec, browser extensions & more. My 3 main takeaways were 1) When specific search engine will give you better results than others 2) How Telegram can be a better OSINT source than Tor and 3) Search techniques for finding the right keywords and channels on Telegram

The InfoSec & OSINT Show

In episode 62, Alissa Knight, the author of Hacking Connected Cars, joins us to talk about hacking connected cars, APIs, defense as well as vulnerability management. My 3 main takeaways were 1) Where to even begin with car hacking 2) The challenges car manufacturers have when trying to defend against these attacks and 3) How APIs are shaping the future of hacking

The InfoSec & OSINT Show

In episode 61, Robert Graham, the creator of masscan, joins us to talk about running internet wide port scanning the right way. My 3 main takeaways were 1) How to use the banner function correctly 2) How to figure out the fastest rate you can send packets and 3) The most common mistakes Rob sees when folks run masscan

The InfoSec & OSINT Show

In episode 60, Josh Amishav chats with AJ Yawn about AWS security, compliance in the cloud, choosing an auditor and more. My 3 main takeaways were 1) How to make compliance not suck 2) How to automate security within an AWS environment and 3) What shared responsibility means when managing cloud infrastructure

The InfoSec & OSINT Show

In episode 59, Tim Adams joins us this week to talk DNS security, Zero Trust, TLD filtering and more. My 3 main takeaways were 1) How to integrate DNS Response Policy Zones, or RPZs, to prevent access to known bad domains 2) How aged a domain should be, sort of like wine, before trusting it and 3) DNS Tunneling, how to identify it and stop it

The InfoSec & OSINT Show

Ryan Dewhurst joins us this week to talk about all things WPScan. My 3 main takeaways were 1) common mistakes he sees when people run WPScan 2) 3 things you can do to stop 90% of WordPress attacks 3) His tips on launching a security tool

The InfoSec & OSINT Show

Ben Dowling hangs out this week to talk about IP Geolocation. My 3 main takeaways were 1) how they determine where an IP address is actually located 2) how they deal with massive amounts of crowdsourced geodata 3) how they attribute IP addresses to specific companies