conINT
2021-11-20 14:00:00
CTF Tickets
Donate Now
  • Donate
  • Merch
  • Home
  • Speakers
  • Schedule
  • News
  • Discord
  • Home
  • Speakers
  • Schedule
  • News
  • Discord

conINT 2021 IS THIS WEEKEND!
NOVEMBER 20-21, 2021

VIRTUAL INTELLIGENCE CONFERENCE & CTF
conINT 2021 CTF REGISTRATION NOW OPEN!

TALKS & WORKSHOPS

Whether you are an enthusiast looking to break in to the industry, or a seasoned law enforcement investigator, Day 1 is an opportunity to hone your existing skills and learn new ones in intelligence acquisition and analysis, investigations, and more with a full day of presentations and hands-on technical workshops broadcast free for the community on our Twitch channels.
View conINT 2020 Talks On Youtube

SUPPORT OUR MISSION

conINT 2021 is an fundraising event benefiting the National Child Protection Task Force (NCPTF), a US-based 501(c)(3) non-profit, that provides detectives, analysts, and other law enforcement with access to investigative expertise and resources to support missing and exploited persons investigations.

OSINT CTF

Day 2 of conINT gives attendees an opportunity to directly apply their newly learned skills as part of our OSINT CTF!  More information on the CTF, including registration information, will be made available soon.

conINT 2021 MADE POSSIBLE BY

Sponsor conINT 2021
Speakers

FEATURED SPEAKERS FOR conINT 2021

4000_cropped

TJ Null

TJ is the community manager for Offensive Security and is a pentester in the private sector. He’s very passionate about red team development and supporting open source projects like Kali Linux. TJ earned a BS in Cybersecurity from the University of Maryland University College (UMUC) where he is a board member for the award-winning UMUC Cyber Padawans. Over the years, he has participated in over 250 cybersecurity competitions across the globe and is a two-time SANS Netwars Champion. You can find TJ on a variety of community platforms.

Read more
RaeBaker

Rae Baker

Rae Baker (@wondersmith_rae) is passionate about corporate reconnaissance and scam/fraud tracking and currently works as an Open Source Intelligence Analyst for a large consulting firm. As an OSINT Curious Advisory Board member, Rae also works closely with other OSINT practitioners in the field to educate and inspire within the OSINT community. Additionally, she is the Open Source Intelligence team lead with Operation Safe Escape, which is a 501(c)(3) non-profit comprised of security professionals tasked with keeping domestic violence victims hidden from their abusers, a volunteer with Innocent Lives Foundation, as well as a Senior Judge for Trace Labs.

Read more
beckwith, nicole

Nicole Beckwith

Advanced Security Engineer, Kroger

Ms. Beckwith is a former state police officer, and federally sworn U.S. Marshal. She worked as a financial fraud Investigator and digital forensic examiner for the State of Ohio and a Task Force Officer for the United States Secret Service in their Financial and Electronic Crimes division as an incident responder and digital forensic examiner. She is also Ohio’s first certified female police sniper.

Read more
UK-NCA

Luke Phillips

Liaison Officer, UK National Crime Agency

Luke Phillips is the UK’s National Crime Agency Liaison Officer based in New York. He has over 21 years of law enforcement experience in a wide range of intelligence gathering and investigative disciplines, working both nationally and internationally. With 15 years’ experience as a detective, advising, mentoring, managing and developing both reactive and proactive investigations, he has secured convictions with sentences totaling several hundred years across almost every crime type imaginable. In Luke’s current role he works alongside the FBI in the National Cyber Forensics Training Alliance, specialising in the investigation of serious and complex cybercrimes. He holds a First Class Honours Degree in Applied Investigation.

Read more
Schedule

conINT 2021 SCHEDULE

DAY 1: TALKS & WORKSHOPS
NOVEMBER 20, 2021
1400 UTC
conINT 2021 Opening & KickOff

Conference kick-off and opening keynote with TJ Null.

TJ Null4000_cropped
ORANGE TRACK
1500 UTC
Katie Inns & Chloe Matthews
OSINT for Threat Intel-led Pentesting

Exploring techniques and the methodology around utilising OSINT for threat intel-led pentesting, including technical and human recon. This talk will then look to discuss what this means for a target organisation and how this information can be used for pentesting and threat landscaping.

Katie Inns & Chloe Matthews
1545 UTC
Adam Ticknor
Rapid Rapport: the Algorithm for building trust and liking in person or online

This is a quick all encompassing talk on how to build rapport with a verbal algorithm and some key basics to using body language and nonverbal cues. It starts with breaking down the differences in nonverbal/body language and then cultural and cross cultural cues. Then it moves into how to use language to build comfort in under 5 min. By the end of the talk people will have a working understanding of how to deliver themselves to ensure anyone will feel more at ease and trusting. It will also give them nonverbal tools to ensure the target is being honest and compliant.

Adam Ticknor
1645 UTC
Patrick Rus
Alice in Onionland: Brand Infringement Attribution, Traceability and Online to Offline Actionable Intelligence

Announcements for a new competitive product launch of a high-value brand have already been spotted on Dark Net Forums and Marketplaces. A couple of Dark Web vendors with a Deep Web presence are discussing supply and distribution of hot brands in a highly infringing region, where counterfeiting is business-as-usual. Competitors are looking for a target client’s leaked data to find out about its patent secrets, clients, and suppliers. How are high-value brands addressing these challenges on the Dark Web? How are the Dark Web Investigators detecting, monitoring, and investigating brand infringements, and how are they collaborating with law enforcement? This presentation is based on three key components of a Dark Web Brand Protection investigative workflow. The first component addresses brand infringement attribution, via username identification and correlation across Dark Web, Deep Web and Surface Web platforms; deanonymization via OSINT investigation and CYBER-HUMINT monitoring, infiltration and engagement via Deep Web, Dark Web Forums, Marketplaces, or direct contact details if identified (e.g., phone numbers; emails, IRC, Wickr, Telegram etc.). Secondly, the presentation approaches product traceability from the Dark Web to the Surface Web. This subsection discusses how to find unique identifiers of a brand listed on the Dark Web; useful metadata of a product image; how to correlate dark web storefronts to identify similar products across the Internet and expand the investigative scope; advanced reverse image searches and Surface Web methods (e.g. probabilistic matching, text matching, product attributes matching) to trace similar brand infringements associated with multiple clusters that are part of multi-brand infringing networks. Lastly, the presentation ends with an introduction of how online-to-offline actionable intelligence is gathered via OSINT investigations and CYBER-HUMINT monitoring, infiltration and engagement with the target networks. Live examples and case studies from fashion, pharma, electronics high-value brands are provided throughout presentation.

Patrick Rus
1730 UTC
Roelof Temmingh
Vortimo 2021 Tech Demo

Part 1) Skylight a.k.a kitchen-sinking object enrichment – meaning – you have a phone number, email address, IP address or whatever and you need to know EVERYTHING the Internet knows about it – at any cost. Now make it work directly in your current webpage.
Part 2) Vortimo 1.1 – now with fancy graphs. We skip the boring parts and go straight to the eye candy. Make people think your work is more complex than it really is.
Part 3) AutoVort – the Swiss army knife of scrollers – to automate data collection with tools like … Vortimo (but also others)

Roelof Temmingh
1830 UTC
AtomicNicos
Intelligence in the age of Digital Communities

IRC, Hexchat, XChat, and more recently: Discord, Matrix, Element, … have been an integral part of interconnecting people from around the world on various topics of interest, and thus, have become an integral component in the creation of digital communities.

Building a community online, however, is much like sending a message to everyone in your town that you live at a specific address, and also inviting every one of them over for dinner at the same time: inevitably, less charitable or law-abiding people will show up, and some of them may try to take advantage of the situation.

In being a member of and managing a few digital communities, I have personally had to respond to incidents when such a threat emerges.

As such, I wanted to discuss various processes in managing communities, potentially underlined with examples, such as:
– how to identify, catalog and possibly respond to threats to the wellbeing of a community
– how OSINT and knowledge of law and law enforcement can help in the resolution of incidents
– how exchanging intelligence about threats between communities presents opportunities and risk
– how webs of trust can wrench in complications and facilitate the reduction of vigilance in terms of Operations Security (OPSEC)
– how community guidelines exist as a framework with which staff members can intimate a sentiment of interest and vigilance

AtomicNicos
1915 UTC
Stephen Lerner
The Psychology of Intelligence Analysis

“This talk is based on the book Psychology of Intelligence Analysis by Richard Heuer of the CIA (https://www.cia.gov/resources/csi/books-monographs/psychology-of-intelligence-analysis-2/).
We will introduce difference biases and heuristics that our brains use everyday and how these may lead us to make incorrect decisions.
Afterwards, we will teach practical tools and methodologies to combat these biases and that allow individuals and teams to construct better intelligence products.
The talk is quasi-interactive, with the participants being asked to respond in the comfort of their own homes to on-screen prompts in order for them better to understand their biases.”

Stephen Lerner
2000 UTC
Rae Baker
OSINT on the Ocean: Maritime Intelligence Gathering Techniques

Description Unavailable

Rae Baker
GREEN TRACK
1500 UTC
White Hat Inspector
Can’t find it the e-mail address of your target? Just…guess it!

Sometimes OSINT investigators can’t easily find an e-mail address of their targets. But e-mail addresses are important as they are one of the most valuable leads to pivot from. This talk will show ways that OSINT investigators can use to try and guess an e-mail address of their target. We are going to use names and surnames, birth dates, usernames, flaws in platforms and more that can lead an OSINT investigator to drastically increase his chances of “guessing” the target’s e-mail address.

White Hat Inspector
1600 UTC
Mandy Cox
Can You Enhance That

“””Zoom in. Enhance the image. We got ’em.””
Some version of that scene is in nearly every crime show, but somehow when I try the same “”technique,”” the result is a sad-looking scene from an 8-bit game. So what can we do to improve small details in an image during an investigation? What if the photo is blurry? What tools are worth the time and money? Together we will analyze various types of damaged pictures and decide the best route to enhancing them for an OSINT investigation.”

Mandy Cox
1700 UTC
BosintBlanc
Hunting the FBI's Most Wanted: An OSINT Case Study

OSINT is a challenging discipline with many distinct parts. It’s my belief like anything though if we break it down into its fundamental parts it can be learned. In this talk BosintBlanc takes you through an exploration of the skills, tools and mindsets you’ll need for successful OSINT investigations. This is a hands on talk where he will break down his process in digging up new information in digital investigations. *This talk includes a practical case study with prerecorded screenshots where BosintBlanc researched information on one the FBI’s most wanted fugitives.

BosintBlanc
1745 UTC
Mishaal Khan
Breaches: Mixed Emotions

“Public accessibility of breached data is a nightmare for everyone but useful for OSINT investigators.
I’ll go over the good, the bad and the ugly of breached data, how to use it to your advantage in OSINT investigations, how not to use it and more importantly, what you can do today to protect yourself from its repercussions.

A definite eye opener for those who haven’t see the contents of some of these breaches!

“

Mishaal Khan
1815 UTC
Ryan Foote
Improving Your OSINT Skills by Inconveniencing Scammers

One of the biggest challenges beginner OSINT practitioners face is finding ways to apply the skills they learn. This presentation will cover another area of OSINT which will allow beginner (and advanced) OSINT practitioners to sharpen their practical skills: scam investigations. We will learn ways to identify scams, collect intelligence, pivot across scammer infrastructure, and ultimately report the scam (hopefully ruining the scammer’s day in the process).

Ryan Foote
1845 UTC
Dan Conn
Create a Raspberry Pi OSINT Lab

“We are often told to keep OSINT investigations to a separate machine to avoid evidence tainting for professionals, and to prevent unexpected leakage of information to those being investigated, if doing on a voluntary basis.
This could be an expensive way of doing things and often virtual machines are used instead.
In this talk I show how the cheap but powerful Raspberry Pi can be setup as a standalone portable OSINT lab.”

Dan Conn
1915 UTC
hatless1der
Image Analysis: Reverse Image Search, EXIF Metadata, & Alteration

In many instances, images can be as much of a modern day identifier as usernames, and a valuable point of pivoting for any open source investigator. From profile pictures to company logos, images offer a unique opportunity to tie disparate online activity together. Beyond the surface, EXIF metadata contained in these images offer a potentially valuable wealth of information that can move investigations forward. During this talk, Griffin will cover several examples of manual and automated reverse image searching, extraction and use of metadata, and how to find potential modification leveraging an error level analysis tool.

hatless1der
1945 UTC
Quantus
Darkweb intelligence and CSAM Investigations

I will be going over examples of targeted investigations, pivoting and analysis of Darkweb CSAM sites. There will also be some blockchain forensics. Potential reverse engineering of a honeypot. (Unless too sensitive)

Quantus
DAY 1: CLOSING & AFTER-PARTY
NOVEMBER 20, 2021
2045 UTC
Fireside With The Feds

Two Feds having a virtual “fireside” chat about what keeps us up at night.
A conversation between the FBI and NCA about all things cyber.
Lots of opportunities to ask questions, so start thinking.

Luke PhillipsUK-NCA
2145 UTC
Purple Monkey Dishwasher: How analyst bias can tune out good data and result in bad intelligence.

conINT 2021 Closing Keynote. Nicole will discuss some of the more common types biases in intelligence. She will then dive into the intelligence cycle and how biases can creep into each stage and ultimately give us bad intelligence. Nicole will then discuss how we combat these biases and tips for analysts and managers on the ways to spot bias ahead of a bad incident.

Nicole Beckwithbeckwith, nicole
2245 UTC
Closing Remarks
2300 UTC
conINT 2021 Virtual After Party

Dan Sampayo has been DJing in various night clubs in London, Brighton and the South Coast for 24 years playing at legendary clubs such as Ministry Of Sound, Turnmills, The Honey Club, The Concorde, The Escape Club, Audio and his residencies at The Q Club and 3TO. He also produces tunes and had a few remixes released.
Considering current conditions he’s had a pretty good summer playing at Block, Brighton and The Volks a fair few times as well as for Cyber House Party, BeerCon3 and IsolationCon2 after parties!

DAY 2: CTF
NOVEMBER 21, 2021
0000 UTC
CTF Ticket Sales End
1200 UTC
CTF Platform Registration Open

Access information and registration will be available in the event portal on Eventbrite. Please check your registration email for the Online Event Portal link.

1600 UTC
CTF Starts

Advance Registration REQUIRED To Participate. To register, visit conINT.io/Register

2200 UTC
CTF Ends

Winners will be announced via Twitter and in Discord approximately 1 hour after the CTF ends.

Latest News

Latest News

header1200

2021 CTF Incident Post-Mortem

We would like to extend our sincerest apologies to this year’s CTF participants for the events that transpired on November 21.  It is important that we share with the community what went wrong, what we learned, and what steps we will take to prevent such incidents from happening again in the future.  Below you will find the writeup from NCPTF’s Cloud Operations team, who engineered and hosted this year’s CTF.

Read more
slider_savedate

conINT 2021 Delayed to November 20-21, 2021

SEPTEMBER 24, 2021 – Due to a series of scheduling conflicts and delays, including the National Child Protection Task Force’s ongoing Operation Chivalrous Knight, the conINT board has opted to re-schedule our 2021 event to November 20-21, 2021.  Rescheduling the conference from October to November will allow the event team additional time to handle administrative activities, including CTF development, speaker recruitment, and sponsorship sales.

Read more
ytcracker

YTCracker to Perform at conINT 2020

OCTOBER 10, 2020 – Closing out conINT 2020 is none other than acclaimed nerdcore artist YTCracker. A former “cracker” turned rapper, MC and DJ, YTCracker is considered by many to be one of the originators of nerdcore. Outside of music, YTCracker is a respected information security professional, serving in roles ranging from advisor to CISO.  YTCracker’s performance will start immediately following the conclusion of conINT 2020’s closing keynote.

Read more
View all news

Virtual Intelligence Conference and CTF
October 16-17, 2021
Latest News
  • 2021 CTF Incident Post-Mortem December 7, 2021
  • conINT 2021 Delayed to November 20-21, 2021 September 24, 2021
  • YTCracker to Perform at conINT 2020 October 10, 2020
  • conINT Welcomes 19 Speakers from 2020’s Call for Presentations October 5, 2020
Twitter Hightlights
  • We would like to thank everyone, who showed their support for #conINT2021 - sponsors, speakers, and attendees! We c… https://t.co/s0ufNIaLXw
    12 days ago
  • Following the technical issues from today's CTF, all tickets have been refunded. Participants will receive an email… https://t.co/ASFWYsEYAj
    15 days ago
© Copyright 2020-2021 conINT.io and the National Child Protection Task Force, Inc. All Rights Reserved. Logos and trademarks displayed on this site are the property of the respective trademark holder.
Cookie Policy
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Privacy Policy
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.