Thursday, October 2, 2008

New School Information Gathering ToorconX edition

Here is the outline for my New School Information Gathering talk that I gave at ToorconX.

Open Source Intelligence Gathering (OSINT)‏
Google Mail Harvesters
Online Tools: ServerSniff/DomainTools/CentralOps/
Tying it all together with Maltego

I hid several slides to get the talk into the 20 minute time frame but you should see them in the posted slide deck.

Slides are available here:

Comments and feedback are always welcome even though I received nothing back from all the people that emailed me asking for them last time :-(



Anonymous said...

These is great stuff, nice to see how the new tools are being used. Too often you see folks using the same old worn out methods (not that they dont work), it is nice to see the continued innovation and pervasive believe in asking why!

Kudos man!


CG said...

thanks Thurso!

Anonymous said...

What I like about talks like this is they don't focus on the same items everything else does.

The info gathering phase of a pentest is just as important as any wizbang exploits you might throw at them. Its the foundation of everything else that comes afterward.

What I likes about this talk was how up to date it was. With a constant influx of new tools coming out all the time in this space, its nice to get a feel for what others are finding useful.

CG said...

thanks for the feedback Jim

Jhaddix said...

Hey Chris!

i did leave feedback, just late last time :P

on slide 15 looks like you could add filetypes for config files but i think that goolag searches that.

Other than that i have to say, Chris, this is the most up to date info gathering/recon resource out there right now.

I can see that you did a HUGE overhaul to the original, with screencaps and extented info on each tools and technique.

This is why i have you as my first link on my blog! :P

take care CG!