DEX Talk Notes

A couple weeks ago, I had the pleasure of speaking at the Dutch DEX-XL conference in The Netherlands. I’m trying to lower the barrier to doing talks and workshops by not making presentation “decks of slides” (for PowerPoint, etc.). I’m finding that, as we go through the talk, people have questions and instead of showing them how to answer them, when I have slides, I need to stick to the script and then do ad hoc stuff after. So, I’m trying to do more talks and workshops sans slides.

The challenge is that, if you’ve seen me present before, as the talk goes on, I get more and more excited about the cool topics and tend to speed up (I’m working on not doing that but it is so HARD!). This increase of presentation pace makes it difficult for some people to take notes.

Below are my notes on the content I covered in those workshops. They are not meant to be complete but, instead, to point people towards those tools, tactics, and techniques I demonstrated during the classes.

Using Command Line Tools to Gather OSINT from Online Documents (Monday – 1 hour)

Using the Spiderfoot and Recon-NG OSINT Tools (Tuesday – 1 hour)

  • Recon-ng – (redirects to site)
    • Showed global options and how to change user agent
    • –no-analytics – Shuts off the Google Analytics calls
    • Rough outline of demo
      • add domains
      • use netcraft
      • run
      • show hosts
      • use recon/hosts-hosts/resolve
      • run
      • use recon/hosts-hosts/reverse-resolve
      • run
      • show hosts
      • use profiler
      • add profiles PROFILENAME~~~~
      • run
      • show profiles
      • use reporting/csv
      • set table profiles
      • run
    • Also demoed the bozocrack module with hashes I had made.
  • Spiderfoot –
    • Showed global options and how to change user agent
    • Ran “Investigate” Use Case with a domain
    • Ran some specific modules
    • Exported to CSV

Comments are closed.

Up ↑

%d bloggers like this: