Thursday, July 15, 2010

Open Source Intelligence Gathering for Pentesting

For the pleasure of Argentinian women, and the joy of all the geeks, the charismatic presence of Chema Alonso will join us again this year offering one of the most interesting training of ekoparty!!


Check here for more information.


TITTLE:
Open Source Intelligence Gathering for Pentesting

DESCRIPTION:
Before a penetration test, the collection of prior information could establish the difference between success and failure. This training is a training that grab the available information sources and information can be inferred through them, besides all the security breaches caused by members of the company. At the end of training students will be able to prepare an intelligence report about an organization to start building a pentesting plan

CONTENT
:
- Open Intelligence Gathering
o Goals
o Resources
o Phases
- Footprinting
o Public Data Infrastructure Gathering
* Organization Identification
* Internet Presence: InterNIC, Whois, DNS, etc..
* Service Providers
* State Records
* Published Services
o People Public Data Gathering
* People Identification
* Social tracing
* Maltego
- Fingerpinting
o Service Figerprinting
o OS fingerprinting
o Google/Bing/DNS fingerprinting
o Thrashing services
o Metadata fingerprinting
* Document exploration
* Document recognition
o Network mapping with FOCA
* Hand tunning
- Protection against data leaks
o DLP Techniques

DURATION: 1 day

MATERIALS:
All the submitters will receive a version of FOCA Pro.

TRAINER: Chema Alonso

Chema Alonso is Computer Engineering from the Universidad Rey Juan Carlos of Madrid where he is finishing his doctoral thesis on Web application security. He has been awarded the title of Most Valuable Professional by Microsoft in the area of computer security since 2004, a distinction that today, only three people have in Spain. It is usual writer on computer security technology magazines and speaker at national conferences such as the Microsoft Security Tour, Masters, or Technet Security Day @ Secure IT also participated in international conferences such as Blackhat, Defcon, ToorCon or ShmooCon among others. He works as a security consultant in computer 64 and writes a blog on computer security entitled "Un informático del lado del mal."

4 comments:

  1. commission express reviews I really like and appreciate your blog post.Much thanks again. Want more.

    ReplyDelete
  2. Melbourne Motorcycle Accident Attorney Sinclair Law - Leading Florida Law Firm Attorney Brad Sinclair Represents Personal Injury, Car Accident, Motorcycle Accident Victims in Melbourne.

    ReplyDelete