The InfoSec & OSINT Show
Your weekly dose of information security and open source intelligence news, tips and commentary.
19 - Tommy DeVoss (Dawgyg) & Bug Bounty Hunting on Steroids 08/07/2020
This week Dawgyg (Tommy DeVoss) hangs out to chat about his approach to bug bounty hunting, which led him to be one of eight million-dollar hackers on the HackerOne platform. We discuss his approach to recon, how he finds unique bugs, how to get into bug hunting and more.
18 - Simon Bennetts & Headless Automated Scanning with ZAP 07/31/2020
This week Simon Bennetts joins me to talk about how to automate web app scanning via ZAP. We discuss API integration, headless scanning, GitHub action scans, the HUD and more.
17 - Matthias Wilson & Using OSINT Against Nigerian Scammers 07/24/2020
This week Matthias Wilson joins me to discuss how he uses various OSINT techniques to track down Nigerian advance payment scammers while having a bit of fun. Matthias also shares some social engineering techniques he's used on physical engagements.
16 - Ty Miller & Security Automation 07/17/2020
This week Ty Miller of Threat Intelligence fame joins us to talk about security automation. Whether you're tasked with incident response, pen testing or gathering threat intelligence, automation can enable you to scale and maximize resources. We talk about chaining various open source tools together to give you an initial baseline level of information as well as Evolve, their commercial alternative.
15 - Chris Dale & Breaking up Recon from the Pen Test 07/10/2020
This week River Security's Founder and SANS instructor Chris Dale joins us to explain why recon should be separated from the pen test in order to improve efficiency and increase the quality of the outcome. He also explains his recon process as well as the tools he uses to map out the target's attack surface.
14 - Andrew van der Stock & the Future of OWASP 07/03/2020
This week OWASP's new executive director Andrew van der Stock hangs out to talk about the future of several flagship projects like the Application Security Verification Standard (ASVS) and the Top 10 as well as how OWASP should adapt in order to continue growing in light of Covid.
13 - Advanced Passive Recon with the Amass Scripting Engine 06/26/2020
This week we discuss several passive recon techniques to further enumerate the attack surface as well as how we can tie the output from the rest of our recon tools together into a central location via the Amass scripting engine. This allows us to easily combine our results into a single database to track changes over time as well as visualize data points discovered from all of our recon tools.
12 - Brute force more effectively with custom wordlists 06/19/2020
This week we discuss how pen testers and bug bounty hunters can get better brute force results by creating a custom wordlist based on what they're trying to enumerate. The lists that come with popular tools are often dated. We can generate more targeted wordlists based on current trends with BigQuery as well as unique terms used in the target web app itself.
11 - Hacking from the command line with Bash and Vim 06/12/2020
This week we talk about how to use the Bash shell to help automate OSINT and pen testing tasks that are run often. We also discuss how to automate parts of the recon process by using vim as a visualization tool to find anomalies.
10 - Server Side Request Forgery Attacks and Bypasses 06/05/2020
This week we cover a couple of new OSINT tools and techniques like Snapchat maps, Signal face obfuscation, web cam indexes and httpx. We also do a deep dive into Server Side Request Forgery (SSRF) attacks and how to bypass common defenses.
9 - Automating Recon - Mapping Your Target Effectively 05/29/2020
This week we cover a couple of new tools like ffuf, RecurseBuster, Subjack and Cloud_enum. We discuss how to combine and recursively scan the output. Then we throw this into a Bash script to automate the initial attack surface mapping to help us find juicy vulns with minimal effort.
8 - Domain and Network Recon using Amass - Mapping the Attack Surface 05/28/2020
This week we do a deep dive into Amass, the OWASP domain enumeration and network mapping tool. This is essential for figuring out your target's attack surface both for offensive and defensive security.
7 - GitHub Reconnaissance - Finding the needle in the Haystack 05/15/2020
This week we do a deep dive into GitHub reconnaissance. GitHub can be a goldmine for finding leaked credentials and expanding the attack surface by finding new subdomains and API endpoints. This is important both from an OSINT or red team standpoint, to figure out where to focus your attacks, and for the blue team, to know what information has been leaked.
6 - Hunting Open Elasticsearch Databases for Fun and Profit 05/08/2020
This week I discuss the latest InfoSec news including hiding XSS payloads in polymorphic images, exploiting remote code execution on Salt servers, using open source intelligence to track down Russian operatives, tracking ransomware, DNS over HTTPS, Zoom security improvements and the latest data breaches. We also discuss several techniques to track down open NoSQL servers like Elasticsearch.
5 - Asset Inventory for Red Teamers and OSINT Investigators 05/01/2020
This week I discuss the latest InfoSec news including Covid-19 tracking apps, an iOS no-click 0-day, phishing the WHO, hacking Microsoft Teams and a SQL injection in the Sophos firewall. We also discuss several techniques for mapping out the attack surface for your target.
4 - Infosec News & Website Attribution 04/24/2020
This week I discuss the latest InfoSec news including automated grocery shopping delivery time slot bots, IBM 0-days, thieves returning stolen cryptocurrency, the Webkinz breach and more, as well as some tips on how to track down who is behind a website.
2 - InfoSec News & Cyber Attribution with Canary Tokens 04/07/2020
This week I discuss the latest InfoSec news including Zoom, Twitter, Marriott, GoDaddy, the SBA and CloudFlare as well as cyber attribution and how to implement canary tokens to figure out who's attacking you.
1 - Zoom Security Risks & Anonymous LinkedIn Searches 04/02/2020
This week I discuss the security risks video conferencing software such as Zoom presents, some tips on separating your work and personal digital lives as well as an OSINT tip on how to search LinkedIn anonymously.