UPDATE: You can now download my slide deck from SlideShare. Next week I will be speaking at the 7th Annual Ohio Information Security Summit on “Enterprise Open Source Intelligence Gathering”. Here is the talk abstract: What does the Internet say about your company? Do you know what is being posted by your employees, customers, or […]
Enterprise Open Source Intelligence Gathering – Part 1 Social Networks Read More »
The video from the talk Kevin Johnson and I did at DEFCON 17 called “Social Zombies: Your Friends Want To Eat Your Brains” is now up on Vimeo. If you missed us at DEFCON Kevin and I will be presenting an updated version at OWASP AppSec DC in November.
Social Zombies: Your Friends Want To Eat Your Brains Video from DEFCON Posted Read More »
Yes, you are reading the title of this post correctly! Massive Zombie attacks at DefCon this year…bring your shotgun (we are kidding of course, please do not bring firearms to DefCon…you will make the goons very unhappy)! Seriously though, Kevin Johnson and I will be presenting “Social Zombies: Your Friends Want to Eat Your Brains”
Social Zombies Invade Las Vegas! Read More »
Here are the links for the tools from my talk titled “New School Man-In-The-Middle” that was given at the North East Ohio Information Security Forum (NEOISF). I will update this post with a link to the slide deck on SlideShare by the end of the week. Thanks to everyone for coming out! Old School! Wireshark
Links from my NEOISF Talk: New School Man-In-The-Middle Read More »
Of course you do! If you don’t know who Chris Nickerson is…then you should. Chris is the founder of Lares Consulting, was on the Tiger Team TV show and also a frequent speaker at security conferences who talks about tiger team/red team operations. He also talks about how social engineering is more important then ever
Want to learn more about Social Engineering? Read More »
I’m here in DC getting ready for ShmooCon which starts tomorrow. I had some time to blog before things get crazy later tonight when everyone starts to arrive for the con. UPDATE: Ummm…someone *may* have hacked the Windows kiosks at the hotel…saw Ubuntu loading on one and Howard the Duck playing on another…probably shouldn’t use
What to attend at ShmooCon 2009 Read More »
If you are interested in using Twitter for information gathering/mining about potential targets for a penetration test or for “other” research…I highly recommend the very comprehensive article that Lenny Zeltser from SANS put together. Twitter is really becoming a great tool for not just marketing yourself or your business but also to find out detailed
Twitter for Information Gathering Read More »
Just a quick blog post about the latest release of Maltego that was just announced. This is great! You can now create custom transforms that will integrate directly with Maltego! This is something that many of us have requested and it’s finally here. From first glance it looks like you can code them in any
Maltego 2.0.2 Released with Local Transforms! Read More »
Looks like the fine folks over at Paterva have released version 2.01 of Maltego. If you don’t know what Maltego is…look here. Check out some of the changes and new features. From the announcement: Features: * Copy and paste to/from graphs * Copy and paste to/from text * Above can also function as “import” *
Maltego 2.01 Released Read More »
Last Wednesday I gave a presentation to the Northeast Ohio Information Security Forum on Maltego which is a fantastic tool for information gathering. The presentation focused on a high level overview of the application and how it can be used for all types of security related work including security assessments, investigations and helping find public
Information Gathering with Maltego Read More »
