OSINT Tactics on Source Code & Developers

1 minute read

Abstract

This practical talk is about using OSINT techniques and tools to obtain intelligence from source code. By analyzing the source code, we will profile developers in social networks to see what social networks they use, what they are saying, who they follow, what they like and much more data about them.

We will use well-known tools and custom Python scripts to automatize the parsing of source code, analyzing comments for behavior and sentiments, searching for OSINT patterns in code and fingerprinting developers in social networks, among other things. The collected data will be plotted in different visualizations to make the understanding of information easier.

The objective of the talk is to introduce attendees into OSINT tactics they can use to collect and analyze data, use the right tools and automatize tasks with Python scripting. For this example we have targeted developers and their projects.

Come and learn some OSINT tricks you can apply to collect and analyze data!

Speaker Profile

Simon Roses (@simonroses) holds a B.S. from Suffolk University (Boston), Postgraduate in E-Commerce from Harvard University (Boston) and Executive MBA from IE Business School (IE, Madrid).

Currently is the CEO at VULNEX, driving security innovation. Former Microsoft, PriceWaterhouseCoopers and @Stake.

Simon has authored and cooperated in several security Open Source projects like OWASP Pantera and LibExploit. He has also published security advisories in commercial products.

Simon was award with a DARPA Cyber Fast Track (CFT) grand to research on application security.

Frequent speaker at security industry events including BLACKHAT, DEF CON, RSA, HITB, OWASP, SOURCE. DeepSec and Microsoft Security Technets.
CISSP, CEH & CSSLP

Blog: www.simonroses.com

Updated: