[Owasp-boston] Boston OWASP - Vinnie Liu's more exciting description of tonight's talk
Jim.Weiler at starwoodhotels.com
Mon May 3 13:53:50 EDT 2010
Vinnie thought his initial topic description was boring, so he sent this
one later - See you tonight.
During World War II the CIA created a special information intelligence
unit to collect and exploit information from openly available sources.
One classic example of the team's success was the ability to determine
whether bridges leading into Paris had been successfully bombed based on
increasing orange prices. Since then the methods through which open
source intelligence (OSINT) can be obtained has surged in number and
diversity. The internet has proven to be one of these information
wellsprings. The sheer volume and detail of the information available
is a treasure to anyone who can properly filter the noise for the
signal. For a time, search engines were the tool of choice for
filtering this information, but current search engine hacking techniques
fail miserably when anything useful needs to be accomplished.
This presentation begins with a quick history of internet-based OSINT
and a survey of the most effective OSINT sources available today (e.g.
Google, Shodan). After discussing the limitations of current methods
(e.g. Google Hacking), you might want to put a helmet on - so you don't
make a mess when we blow your mind. Because the focus of this
presentation will be on hitherto unreleased search engine hacking
techniques that are insanely effective against both Google and Bing.
Full of real-world demonstrations, this lively talk will encourage
audience participation and open dialogue. We'll also be sharing two new
tools, GoogleDiggity and BingDiggity, which take advantage these search
Time-permitting, we will also discuss how to prevent, detect, and
respond to these attacks.
Jim Weiler CISSP CSSLP
Starwood Hotels and Resorts
Sr. Mgr. Information Security Risk Assessment
Office - 781 356 0067
Cell - 781 654 6048
This electronic message transmission contains information from the Company that may be proprietary, confidential and/or privileged.
The information is intended only for the use of the individual(s) or entity named above. If you are not the intended recipient, be
aware that any disclosure, copying or distribution or use of the contents of this information is prohibited. If you have received
this electronic transmission in error, please notify the sender immediately by replying to the address listed in the "From:" field.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-boston