Social engineering attacks remain the most effective way to gain a foothold in a targeted organization. But those attacks are only as good as the information used to create them. This presentation will arm you with the latest open- source intelligence (OSINT) tools and techniques needed for gathering detailed information on your targets, turning your social engineering ops into carefully targeted precision strikes that can greatly improve your results. We'll also cover steps that you can take to reduce your own OSINT exposure, protecting you and your organization. You'll see techniques for phishing, vishing, pretexting, impersonation, and more. Tool demonstrations will include how to make the best use of OSINT Websites and standalone tools such as Datasploit and recon-ng.
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is an Enterprise Security Consultant at Sword and Shield Enterprise Security in Knoxville, TN. Joe also maintains his own blog and podcast called Advanced Persistent Security. He is also in the SANS Instructor Development pipeline, teaching SANS Security 504: Hacker Tools, Techniques, Exploits, and Incident Handling. In his spare time, Joe enjoys reading news relevant to information security, attending information security conferences, contributing blogs to various outlets, bass fishing, and flying his drone.