Deep Dive: External Attack Surface Mapping - First Steps (Part 1 of 2)

Event Start: 9 Monate her // Event Information

Deep Dive: External Attack Surface Mapping - First Steps (Part 1 of 2)
Typ
Village-Event
Zeit
17. August 2023 09:30 - 17. August 2023 11:30
Speaker
joohoi, six2dez
Sprache
en
Raum
Milliways Workshop Dome
Host
Milliways
Intent of this workshop is to shed light on the techniques and methodologies around OSINT reconnaissance. Everything that we explore throughout this workshop can be achieved using open source tooling and scaled up effectively. This journey won't be just a scratch of the (attack) surface, but a true deep dive in what is happening behind all of the steps and the reasoning behind it. This is part one of our OSINT recon adventure.

External attack surface mapping is an important capability to have in the toolkit for everyone working on internet security, for both defensive and offensive sides of the coin. With it we can gain a good visibility of what kind of services and information is exposed to the public internet - the results may surprise you. As you know, inventory management is a huge issue for entities large and small, but when you add network security and service configuration to the mix it gets even more difficult.

Intent of this workshop is to shed light on the techniques and methodologies around the subject matter. Everything that we explore throughout this workshop can be achieved using open source tooling and scaled up effectively.

This journey won't be just a scratch of the (attack) surface, but a true deep dive in what is happening behind all of the steps and the reasoning behind it.

Workshop structure: 1. Acquiring target - Crunchbase, ASNlookups, registrar relationships 2. Expanding the scope - asset discovery 3. Diving deeper - port scanning, service discovery

The participants should have a laptop with a Linux based operating system (or virtual machine) with internet connectivity to carry out the hands-on part of the workshop. Testing range for the scope will be provided.

Empfehlungen