Exploring techniques and the methodology around utilising OSINT for threat intel-led pentesting, including technical and human recon. This talk will then look to discuss what this means for a target organisation and how this information can be used for pentesting and threat landscaping.

This is a quick all encompassing talk on how to build rapport with a verbal algorithm and some key basics to using body language and nonverbal cues. It starts with breaking down the differences in nonverbal/body language and then cultural and cross cultural cues. Then it moves into how to use language to build comfort in under 5 min. By the end of the talk people will have a working understanding of how to deliver themselves to ensure anyone will feel more at ease and trusting. It will also give them nonverbal tools to ensure the target is being honest and compliant.

Announcements for a new competitive product launch of a high-value brand have already been spotted on Dark Net Forums and Marketplaces. A couple of Dark Web vendors with a Deep Web presence are discussing supply and distribution of hot brands in a highly infringing region, where counterfeiting is business-as-usual. Competitors are looking for a target client’s leaked data to find out about its patent secrets, clients, and suppliers. How are high-value brands addressing these challenges on the Dark Web? How are the Dark Web Investigators detecting, monitoring, and investigating brand infringements, and how are they collaborating with law enforcement? This presentation is based on three key components of a Dark Web Brand Protection investigative workflow. The first component addresses brand infringement attribution, via username identification and correlation across Dark Web, Deep Web and Surface Web platforms; deanonymization via OSINT investigation and CYBER-HUMINT monitoring, infiltration and engagement via Deep Web, Dark Web Forums, Marketplaces, or direct contact details if identified (e.g., phone numbers; emails, IRC, Wickr, Telegram etc.). Secondly, the presentation approaches product traceability from the Dark Web to the Surface Web. This subsection discusses how to find unique identifiers of a brand listed on the Dark Web; useful metadata of a product image; how to correlate dark web storefronts to identify similar products across the Internet and expand the investigative scope; advanced reverse image searches and Surface Web methods (e.g. probabilistic matching, text matching, product attributes matching) to trace similar brand infringements associated with multiple clusters that are part of multi-brand infringing networks. Lastly, the presentation ends with an introduction of how online-to-offline actionable intelligence is gathered via OSINT investigations and CYBER-HUMINT monitoring, infiltration and engagement with the target networks. Live examples and case studies from fashion, pharma, electronics high-value brands are provided throughout presentation.

IRC, Hexchat, XChat, and more recently: Discord, Matrix, Element, … have been an integral part of interconnecting people from around the world on various topics of interest, and thus, have become an integral component in the creation of digital communities.

Building a community online, however, is much like sending a message to everyone in your town that you live at a specific address, and also inviting every one of them over for dinner at the same time: inevitably, less charitable or law-abiding people will show up, and some of them may try to take advantage of the situation.

In being a member of and managing a few digital communities, I have personally had to respond to incidents when such a threat emerges.

As such, I wanted to discuss various processes in managing communities, potentially underlined with examples, such as:
– how to identify, catalog and possibly respond to threats to the wellbeing of a community
– how OSINT and knowledge of law and law enforcement can help in the resolution of incidents
– how exchanging intelligence about threats between communities presents opportunities and risk
– how webs of trust can wrench in complications and facilitate the reduction of vigilance in terms of Operations Security (OPSEC)
– how community guidelines exist as a framework with which staff members can intimate a sentiment of interest and vigilance

“This talk is based on the book Psychology of Intelligence Analysis by Richard Heuer of the CIA (https://www.cia.gov/resources/csi/books-monographs/psychology-of-intelligence-analysis-2/).
We will introduce difference biases and heuristics that our brains use everyday and how these may lead us to make incorrect decisions.
Afterwards, we will teach practical tools and methodologies to combat these biases and that allow individuals and teams to construct better intelligence products.
The talk is quasi-interactive, with the participants being asked to respond in the comfort of their own homes to on-screen prompts in order for them better to understand their biases.”

Description Unavailable

Sometimes OSINT investigators can’t easily find an e-mail address of their targets. But e-mail addresses are important as they are one of the most valuable leads to pivot from. This talk will show ways that OSINT investigators can use to try and guess an e-mail address of their target. We are going to use names and surnames, birth dates, usernames, flaws in platforms and more that can lead an OSINT investigator to drastically increase his chances of “guessing” the target’s e-mail address.

“””Zoom in. Enhance the image. We got ’em.””
Some version of that scene is in nearly every crime show, but somehow when I try the same “”technique,”” the result is a sad-looking scene from an 8-bit game. So what can we do to improve small details in an image during an investigation? What if the photo is blurry? What tools are worth the time and money? Together we will analyze various types of damaged pictures and decide the best route to enhancing them for an OSINT investigation.”

OSINT is a challenging discipline with many distinct parts. It’s my belief like anything though if we break it down into its fundamental parts it can be learned. In this talk BosintBlanc takes you through an exploration of the skills, tools and mindsets you’ll need for successful OSINT investigations. This is a hands on talk where he will break down his process in digging up new information in digital investigations. *This talk includes a practical case study with prerecorded screenshots where BosintBlanc researched information on one the FBI’s most wanted fugitives.

“Public accessibility of breached data is a nightmare for everyone but useful for OSINT investigators.
I’ll go over the good, the bad and the ugly of breached data, how to use it to your advantage in OSINT investigations, how not to use it and more importantly, what you can do today to protect yourself from its repercussions.

A definite eye opener for those who haven’t see the contents of some of these breaches!

“

One of the biggest challenges beginner OSINT practitioners face is finding ways to apply the skills they learn. This presentation will cover another area of OSINT which will allow beginner (and advanced) OSINT practitioners to sharpen their practical skills: scam investigations. We will learn ways to identify scams, collect intelligence, pivot across scammer infrastructure, and ultimately report the scam (hopefully ruining the scammer’s day in the process).

“We are often told to keep OSINT investigations to a separate machine to avoid evidence tainting for professionals, and to prevent unexpected leakage of information to those being investigated, if doing on a voluntary basis.
This could be an expensive way of doing things and often virtual machines are used instead.
In this talk I show how the cheap but powerful Raspberry Pi can be setup as a standalone portable OSINT lab.”

In many instances, images can be as much of a modern day identifier as usernames, and a valuable point of pivoting for any open source investigator. From profile pictures to company logos, images offer a unique opportunity to tie disparate online activity together. Beyond the surface, EXIF metadata contained in these images offer a potentially valuable wealth of information that can move investigations forward. During this talk, Griffin will cover several examples of manual and automated reverse image searching, extraction and use of metadata, and how to find potential modification leveraging an error level analysis tool.

I will be going over examples of targeted investigations, pivoting and analysis of Darkweb CSAM sites. There will also be some blockchain forensics. Potential reverse engineering of a honeypot. (Unless too sensitive)