OSINT For the Win: Integrating with Social Engineering for Better Pen Testing presented at BSidesKnoxville 2017

by Joe Gray,

Summary : Social engineering attacks remain the most effective way to gain a foothold in a targeted organization. But those attacks are only as good as the information used to create them. This presentation will arm you with the latest open-source intelligence (OSINT) tools and techniques needed for gathering detailed information on your targets, turning your social engineering ops into carefully targeted precision strikes that can greatly improve your results. We'll also cover steps that you can take to reduce your own OSINT exposure, protecting you and your organization. You'll see techniques for phishing, vishing, pretexting, impersonation, and more. Tool demonstrations will include how to make the best use of OSINT Websites and standalone tools such as Social Engineer Toolkit and recon-ng.