HackMiami Con 7


Offensive OSINT for Pentesters

By RedHunt Labs

Register Now!

This Offensive OSINT training program focuses on a wide range of tools and techniques for performing real-world reconnaissance in order to launch targeted attacks against modern infrastructures.

This advanced training not only talks about using OSINT to extract data but also focuses on the significance of this data and how it could be directly enriched and used offensively for attacking and compromising Modern Digital Infrastructures.

We will take a deep-dive into various methodologies for extracting useful information from the internet. Furthermore, we will cover how this extracted information can be used in multiple attack scenarios.

This course takes a comprehensive hands-on approach to indulge the participants into real world scenarios, simulated lab environment and case studies in order to get proficient in techniques and methodologies. Each participant will also be provided ONE MONTH FREE ACCESS to our Private Lab mimicking the modern age infrastructure, as well as decoy accounts and organization’s social presence, where they can practise the skills learnt during the course.

Course Outline:
* Target Scoping and Mapping the Attack Surface
* Subdomain Enumeration
* Organization’s Social Media Profiling
* Hunting Code Repositories, Dark Web, Paste(s) Sites and Leaked Data
* Employee(s) Profiling
* Cloud Recon
* Bucket/Blogs/Spaces Enumeration        
* Enriching OSINT Data
* Tech Stack Profiling
* Identifying SSO/Login/Admin/VPN Portal(s)
* Explore Breached Password Databases
* Metadata Extraction
* Attacking Network Services using collated data
* Compromising Business Communication Infrastructure (BCI)
* Targeted Credential Spraying
* Compromising Cloud Server Instances

Student Requirements
* Should have basic understanding of Pentesting

Who should take this course
* Penetration Testers
* Social Engineers
* Red-Teamers
* Bug Bounty Hunters
* OSINT Researchers
* Risk Management Professionals

What Students Will Be Provided With
* Student Pack which contains
  * Slide deck and OSINT CheatSheet
  * Important Tools and custom Scripts
  * Answers to challenges (covered during the training program)
* 1 Month Free Lab Access.

Register Now!

About Shubham Mittal

Shubham Mittal is an active Information Security researcher with 6+ years of experience in Pentesting and OSINT. He is Review Board Member for BlackHat Asia. He has delivered his trainings at Black Hat, NullCon, HackMiami, c0c0n, etc. He is the author of OSINT Framework - DataSploit (listed in Top Ten Security Tools of 2016) and is core organizer of @Recon Village which runs @DEFCON. He works from the command line, uses vi and loves beer.

Register Now!

For more information:

About Sudhanshu Chauhan

Sudhanshu Chauhan is an information security professional with 6+ years of experience. He is the developer of RedHunt OS and one of the core contributors to Datasploit (Open Source OSINT Framework). Sudhanshu has also identified multiple critical vulnerabilities in various organisations like Adobe, ATT, Freelancer, Yandex etc. He has been a speaker at various conferences such as Ground Zero Summit, Cyber-Hackathon Bar-Ilan University, BlackHat Arsenal, has delivered training at BlackHat US, AppSec EU, and c0c0n security conference and is core organizer of @Recon Village which runs @DEFCON and other security conferences.

Register Now!

For more information: