🤝 Join us on DISCORD 🤝
Name: Andrew Macpherson
Name: Jason Haddix
Recon is an art AND an science. The landscape for methods of finding hosts to attack is constantly changing. Whether you call it "Asset Discovery" or something else, it remains a core part of bounty hunter and red teaming life. Join Jason as he expands on his ever changing recon methodology.
Name: Caleb Madrigal
Sure, WiFi hacking has been around for a while, and everyone knows about tools like airmon-ng, kismet, et al. But what if you just want to view a list of all networks in your area AND see all devices connected to each network? Or maybe you want to know who's hogging all the bandwidth (and maybe deauth them if they use too much)? Or, what if you want to know when a certain someone's cell phone is nearby. Or perhaps you'd like to know if your Airbnb host's IP Camera is uploading video to the cloud?
Name: Dino Covotsos
Thanks to the‚ Äúboom‚Äù in the information security industry combined with the latest buzzwords, more and more large corporate companies are looking for the latest ‚Äúnext gen‚Äù anti-haxor services and technologies. In doing so they often go out publicly on tender and / or issue an RFP/RFQ in order to obtain the best possible solution to meet their requirements and budget (usually cost wins).
Name: Anshuman Bhartiya, Glenn Grant
Bug bounty programs are a hot topic these days. More and more companies are realizing the benefits of running a program, and researchers are jumping at the opportunity to grab some swag and make some extra cash from the bugs they find. Reporting security issues has never been as easy, open, and risk-free as it is right now. Everybody wins!
Name: Marc DaCosta
Government bureaucracy is your friend. The US federal government alone produces tens of thousands of different forms that collect information on everything from the owner and location of every oil well in the country, to the VIN number of every car that's imported, the location and height of every cell phone tower, and much more. While most of this data is locked behind clunky 1990s-era search forms, or in exports of antiquated database formats, the enterprising researcher will find a treasure trove that exists outside the indexes of Google and LexisNexis.
Name: Mauro Caseres
I fought the law and the law lost" is a series of talks that aims to collect vulnerabilities in the field of Argentine Security forces. This chapter focuses on both Federal and Buenos Aires City Police, which according to the Head of Government Horacio Rodr√≠guez Larreta, has the ""most modern technology in the world"".
Name: Micah Hoffman
Your client gives you their requirement, "find the social media accounts of the target person and any friends they may have". Simple enough. You execute your Standard Operating Procedures (you DO have a SOP, right?) and begin running tools, using your sock puppets, scraping web sites, and finding a ton of data. You've got CSVs, text output, images, URLs....OH MY!
Name: Michael Gianarakis & Shubham Shah
When conducting a web application penetration test understanding and extending the attack surface is an exercise that is critical for success. Having a large wordlist of realistic directories, files and domains is assists immensely with this process.
Name: Lloyd Miller
How do you apply open source intelligence techniques to politicians, candidates, and others holding the public trust? It‚Äôs easier than you think. This talk will outline the general principles for investigating public figures, how to take information and data and turn it into a news story even when the story is (often) incomplete, and then review several case studies that demonstrate the effectiveness of combining these techniques.
Name: Master Chen
In 2015, I did a Skytalk called “Automate Your Stalking”. In that talk, I used Twitter to follow my Target’s followers in an effort to monitor the target without following them directly and arousing suspicion. I’m the end, I felt like I released a method that may be dangerous in the hands of the wrong people. Now, “Stalker In A Haystack” is the antidote to my first talk.
Name: Rod Soto and Joseph Zadeh
This presentation shows how data driven techniques can be used to provide vision and establish relationships between users and participants of DarkWeb forums. These relationships can provide clues to uncover and reveal tracks of malicious actors. Things such as chat room transcripts and forum data are used can be used to build graphical relationships. This provides a context where it is possible to use machine learning algorithms to unmask relationships and profile users of these dark forums. Some of the methods used include Machine Learning Algorithms such as Googles PageRank. Once this users are profiled it is possible to predict behaviors, gaining further understanding of actors using these forums to obfuscate and evade attribution.
Name: Jacob Wilkin
Performing intelligence gathering on targets is a time consuming process, it typically starts by attempting to find a persons online presence on a variety of social media sites. What if it could be automated and done on a mass scale with hundreds or thousands of targets?
Name: Mbis0n Shadoru
Many significant breaches have resulted from adversaries knowing who to target, how to target them and where to target them. Most corporations are not effectively using the largest collection of targeting data that is available on the public internet and fail to build and refine data driven threat models using the information that our adversaries are using against us. Targeted User Analytics and Human Honeypots is a research project I am working on to identify and model targeting methods with the hope of tipping the scales in our favor to defend our networks, users and critical systems.
Name: Ethan Gregory Dodge
It’s always been suspected that the Mormon Church is worth billions of dollars and has a sizable amount of investments in the United States stock market. However their finances are almost entirely opaque. In May 2018, MormonLeaks released a compilation of information connecting the dots between the Mormon Church and $32 billion.
Name: Mark Klink
OpenPiMap is the ultimate home/prosumer network utility in order to detect, analyze, and respond to malicious network traffic on a small home or office network. Get an interactive and dynamic interface to detect and respond to botnets, hackers, and script kiddies on a platform that is powered by just 5v and costs less than $10. Everyday any point of presence on the internet can be faced with thousands of scans, exploit attempts, or malicious probes with almost no signature or notification to the end user. OpenPiMap offers the ability to detect and respond to malicious network traffic that would normally be ignored by traditional anti-virus or consumer firewalls.
Name: Jennifer Roderick
I’m not a programmer. I’m not a hacker‚Ä¶in the traditional sense. But yet I was born in 1983, so surely that makes me a perfect fit for the DEF CON theme this year. Not enough? Ok, well how about the fact that I’m currently using open source tools, techniques and methodologies to combat modern slavery, wildlife trafficking, terrorism and just about every serious organized crime the world is currently battling from a desk in the middle of the London financial district. Interested in hearing from a different viewpoint and perspective, then this is your talk. While you might not walk away with a new tool for your toolbox, you will gain an understanding into how the smallest contribution can end up the most profound and how combining open source resources can take on much bigger problems that you’ve maybe never considered.
Name: Olivia Thet and Nicolas Kseib
In this presentation, we will demonstrate how to build a machine learning model that uses a merged dataset combining cyber related contextual information with Bitcoin (BTC) transaction data. The model can be used by both private and public sectors security professionals, working in the cryptocurrency field, to deny business for certain BTC addresses or, build legal cases to return illegally stolen coins.
Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG), or paying to utilize transforms (Maltego) to get data mining results. Using some basic python webscraping of PII paywall sites to compile passive information on a target on a ramen noodle budget. The modules will allow queries for phone/email/screen names/real names/addresses/IP/Hostname/breach credentials etc..
When a security professional who is running a SANS training course challenges you to 'Socially engineer the answer to the CTF' out of him, you have a choice: choose something to make him laugh and garner clues to aid you in owning the network and walking away with a CTF coin, or, take it as a personal challenge and a call to own your instructor.
Name: Micah Hoffman
If you have ever performed reconnaissance on a target or conducted an OSINT investigation you know that there are a huge number of places to gather OSINT data. One of the biggest challenges is in taking the next steps with that data once you have it. How do you take what you have and transform use it to get more? For instance, if you found email addresses, where do you search to find other data about those accounts? We have excellent resources such as http://osintframework.com and https://bit.ly/technisette that are huge lists of well-organized bookmarks which can be overwhelming. That is why I created YOGA.
Name: William Suthers
When attacking modern internal networks, intelligence is everything. Understanding the environment you are operating in can be the difference between successfully penetrating your target environment or missing targets of opportunity due to a lack of understanding about the target environment.
Name: Bharath Kumar and Madhu
Reconnaissance is about gathering information. The information gathered is only as good as the insights and actionable decisions that we can gain from it. A lot of research is focused on finding OSINT data but little is done towards converting the data into insights and actionable decisions. Visualisation is an easy and efficient way to gain insights from any the data gleaned.
©2022. Recon Village. All Rights Reserved.