This is a guest post by David Mashburn (@d_mashburn, https://www.sans.org/instructors/david-mashburn), Certified SANS Instructor and cyber ninja! OSINT isn't just about doing pre-attack recon. It is often leveraged by defenders as part of the incident response and investigation process. One of the most common applications of OSINT for a defender is to perform lookups on available... Continue Reading →
Harvesting Whois Data for OSINT
At work I was given the task of figuring out at least one method to find some of the domains that were registered by my company's employees but that we may not have known that they registered. Anyone can visit GoDaddy or PSI or 1and1 and register a domain. We wanted to find out anyone... Continue Reading →
