The OSINT and reconnaissance landscape is beginning to face some challenges. Current valuable sources such as open sourced lists are already facing offensive and malicious data poisoning. Privacy laws are creating barriers in many areas, and as court rulings are levying increasing fines for playing fast and loose with user data privacy. Social media companies are starting to realize that they actually need to start making profits, and are restricting their data.
Sites are aggressively combating web crawling, services like TOR and VPN face uncertain futures, the list of potential hurdles to the future of OSINT and recon seems grim. But fear not. There is still hope - and plenty of it. This presentation will discuss both the challenges and changes to both offensive and defensive reconnaissance that the presenter believes we will see in the future, and strategies that will help mitigate or enhance these changes.
Shane MacDougall tactical_intel is a two-time winner of the Defcon Social Engineering Capture The Flag, and has placed in the top three of the attack portion in every year of the contest’s existence. He is a principal partner in Tactical Intelligence, a boutique InfoSec consulting firm in Canada that specializes in social engineering, corporate information gathering, and red team attacks. Mr. MacDougall started in the computer security field in 1989 as a penetration tester with KPMG, and worked on the attacking side of the field until 2002, when he joined ID Analytics, the world’s largest anti-identity theft detection company as the head of information security. In 2011 he left the firm to start his own company. Mr. MacDougall has presented at several security conferences, including BlackHat EU, BSides Las Vegas, DerbyCon, LASCON, and ToorCon. He is currently doing research in the areas of integrating near-realtime OSINT into IDS/SIEM, as well as the generation of a real-time pre-text generator.