The InfoSec & OSINT Show

This week River Security's Founder and SANS instructor Chris Dale joins us to explain why recon should be separated from the pen test in order to improve efficiency and increase the quality of the outcome. He also explains his recon process as well as the tools he uses to map out the target's attack surface.

The InfoSec & OSINT Show

This week OWASP's new executive director Andrew van der Stock hangs out to talk about the future of several flagship projects like the Application Security Verification Standard (ASVS) and the Top 10 as well as how OWASP should adapt in order to continue growing in light of Covid.

The InfoSec & OSINT Show

This week we discuss several passive recon techniques to further enumerate the attack surface as well as how we can tie the output from the rest of our recon tools together into a central location via the Amass scripting engine. This allows us to easily combine our results into a single database to track changes over time as well as visualize data points discovered from all of our recon tools.

The InfoSec & OSINT Show

This week we discuss how pen testers and bug bounty hunters can get better brute force results by creating a custom wordlist based on what they're trying to enumerate. The lists that come with popular tools are often dated. We can generate more targeted wordlists based on current trends with BigQuery as well as unique terms used in the target web app itself.

The InfoSec & OSINT Show

This week we talk about how to use the Bash shell to help automate OSINT and pen testing tasks that are run often. We also discuss how to automate parts of the recon process by using vim as a visualization tool to find anomalies.

The InfoSec & OSINT Show

This week we cover a couple of new OSINT tools and techniques like Snapchat maps, Signal face obfuscation, web cam indexes and httpx. We also do a deep dive into Server Side Request Forgery (SSRF) attacks and how to bypass common defenses.

The InfoSec & OSINT Show

This week we cover a couple of new tools like ffuf, RecurseBuster, Subjack and Cloud_enum. We discuss how to combine and recursively scan the output. Then we throw this into a Bash script to automate the initial attack surface mapping to help us find juicy vulns with minimal effort

The InfoSec & OSINT Show

This week we do a deep dive into Amass, the OWASP domain enumeration and network mapping tool. This is essential for figuring out your target's attack surface both for offensive and defensive security.

The InfoSec & OSINT Show

This week we do a deep dive into GitHub reconnaissance. GitHub can be a goldmine for finding leaked credentials and expanding the attack surface by finding new subdomains and API endpoints. This is important both from an OSINT or red team standpoint to figure out where to focus your attacks as well as for the blue team to know what information has been leaked.

The InfoSec & OSINT Show

This week I discuss the latest InfoSec news including hiding XSS payloads in polymorphic images, exploiting remote code execution on Salt servers, using open source intelligence to track down Russian operatives, tracking Ransomware, DNS over HTTPS, Zoom security improvements and the latest data breaches. We also discuss several techniques to track down open noSQL servers like Elasticsearch.