SlideShare ist ein Scribd-Unternehmen logo

Weaponizing Corporate Intel: This Time, It's Personal!

ā€¢Als PPTX, PDF herunterladenā€¢
ā€¢
Beau Bullock
Beau Bullock

Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester performs up front. Often times testers only resort to using publicly available tools which can overlook critical assets. In this presentation, we will begin by examining some commonly overlooked methods to discover external resources. Next, we will show how to discover employees of a target organization and quickly locate their social media accounts. Finally, we will strategically identify and weaponize personal information about the employees to target the organization directly using new attack techniques. Attendees will learn an external defense evasion method, a new process to gain credentialed access, and be the first to receive a newly released tool! While the approach is designed to assist offensive security professionals, the presentation will be informative for technical and non-technical audiences; demonstrating the importance of security-awareness for everyone.

Internet
1 von 44
Ā© Black Hills Information Security @BHInfoSecurity Weaponizing Corporate Intel Beau Bullock (@dafthack) Mike Felch (@ustayready) This Time, Itā€™s Personal!
Ā© Black Hills Information Security @BHInfoSecurity Overview ā€¢ This is an OSINT / Recon talk! We are going to cover stuff you might already know as well as some brand new techniques! ā€¢ Going from zero knowledge of an organization to stalker status ā€¢ External resource targeting (w/ less attribution) ā€¢ Internal employee targeting (at a personal level) ā€¢ Advanced password stuffing attacks ā€¢ Out-of-Band Phishing
Ā© Black Hills Information Security @BHInfoSecurity About Us ā€¢ Mike Felch - @ustayready ā€¢ Pentest / Red team at BHIS ā€¢ Involved w/ OWASP Orlando ā€¢ Host of Tradecraft Security Weekly ā€¢ Host of CoinSec Podcast ā€¢ Beau Bullock - @dafthack ā€¢ Pentest / Red team at BHIS ā€¢ Host of Tradecraft Security Weekly ā€¢ Host of CoinSec Podcast ā€¢ Avid OWA enthusiast
Ā© Black Hills Information Security @BHInfoSecurity Attack Surface Recon External Host Discovery
Ā© Black Hills Information Security @BHInfoSecurity Scratching the Surface ā€¢ 1st step in any operation = Recon ā€¢ Build a solid target list ā€¢ Gain understanding around technologies used ā€¢ Can you determine what is used for: ā€¢ Remote access ā€¢ Email access ā€¢ Security products
Ā© Black Hills Information Security @BHInfoSecurity TLDs and Subdomains ā€¢ Utilize search engines and ā€œdorkingā€ ā€¢ Google ā€¢ Bing ā€¢ Baidu ā€¢ DuckDuckGo ā€¢ Recon-NG Modules ā€¢ recon/domains-hosts/bing_domain_api ā€¢ recon/domains-hosts/google_site_web
Ā© Black Hills Information Security @BHInfoSecurity Netblocks ā€¢ ASN / Netblock Discovery ā€¢ https://bgp.he.net ā€¢ https://mxtoolbox.com/arin.aspx ā€¢ Regional Internet Registry Search ā€¢ https://whois.arin.net ā€¢ Also AFRNIC, APNIC, LACNIC, and RIPE ā€¢ Recon-NG Module ā€¢ recon/companies-multi/whois_miner
Ā© Black Hills Information Security @BHInfoSecurity TLDs and Subdomains ā€¢ Subdomain Discovery ā€¢ shodan.io - recon/domains-hosts/shodan_hostname ā€¢ censys.io - recon/netblocks-ports/censysio ā€¢ dnsdumpster.com ā€¢ hackertarget.com - recon/domains-hosts/hackertarget ā€¢ threatcrowd.org - recon/domains-hosts/threatcrowd ā€¢ Subdomain bruteforcing - recon/domains-hosts/brute_hosts
Ā© Black Hills Information Security @BHInfoSecurity TLDs and Subdomains ā€¢ Additional TLD and Subdomain Discovery ā€¢ crt.sh ā€¢ Search netblocks on shodan.io ā€¢ Rinse and repeat with new TLDs and netblocks ā€¢ Recon-NG Modules ā€¢ recon/domains-hosts/certificate_transparency ā€¢ recon/netblocks-hosts/shodan_net
Ā© Black Hills Information Security @BHInfoSecurity Cloud Services ā€¢ Microsoft Services ā€¢ O365 - Go to outlook.office365.com and try authenticating with test@targetdomainname.com ā€¢ SharePoint - Check companyname.sharepoint.com ā€¢ Find Skype4Business - lyncdiscover.targetdomaindomain.com
Ā© Black Hills Information Security @BHInfoSecurity Cloud Services ā€¢ Google ā€¢ Try authenticating with a valid company email address at Gmail ā€¢ Box.com ā€¢ Try https://companyname.account.box.com ā€¢ Amazon AWS ā€¢ Look to see where web resources are being loaded. Potentially pointing to S3 buckets.
Ā© Black Hills Information Security @BHInfoSecurity Portal to Pwnage Discovering Login Forms and Other Interesting Files
Ā© Black Hills Information Security @BHInfoSecurity Active Portal Discovery ā€¢ Actively scan to locate web services ā€¢ Portscan domain list on common web ports (80, 443, 2381, 8080, 8443, 10000, etc.) ā€¢ Could manually review results navigating to each service with a browserā€¦ ā€¢ Orā€¦
Ā© Black Hills Information Security @BHInfoSecurity Active Portal Discovery ā€¢ Screenshot webapps with EyeWitness by Chris Truncer ā€¢ https://github.com/FortyNorthSecurity/EyeWit ness ā€¢ Quickly analyze many portals ā€¢ Groups common web responses ā€¢ I like to make a secondary list of interesting web servers as I go through the results
Ā© Black Hills Information Security @BHInfoSecurity Interesting File/Dir Discovery ā€¢ Directory/File bruteforcing at scale with Brute-Fruit ā€¢ Module in Find-Fruit PowerShell script ā€¢ https://github.com/rvrsh3ll/Misc-Powershell- Scripts/blob/master/Find-Fruit.ps1 ā€¢ Use file list + web server list ā€¢ Discover interesting portals and pages
Ā© Black Hills Information Security @BHInfoSecurity BruteFruit Demo
Ā© Black Hills Information Security @BHInfoSecurity Remotely Gathering Internal Domain Information ā€œThe more you know!ā€
Ā© Black Hills Information Security @BHInfoSecurity Info Disclosure FTW ā€¢ Information disclosure vulns = Low ā€¦in most cases ā€¢ But they are Critical to an attackers methodology ā€¢ In order to successfully perform password attacks we need to be confident about two things: ā€¢ Username format ā€¢ Probability most users can authenticate
Ā© Black Hills Information Security @BHInfoSecurity Discovering Username Schema ā€¢ User Enumeration Vulns ā€¢ Some applications will let you know a username is valid or not on login ā€¢ Microsoft OWA response time vuln ā€¢ MailSniper Invoke- UsernameHarvestOWA module
Ā© Black Hills Information Security @BHInfoSecurity Discovering Username Schema ā€¢ Metadata attached to files (PDF, DOCX, XLSX, etc.) ā€¢ PowerMeta ā€“ Search for publicly available files hosted by a company, then extract metadata from each file ā€¢ https://github.com/dafthack/PowerMeta
Ā© Black Hills Information Security @BHInfoSecurity One Problem ā€¢ Servers can detect IP activity ā€¢ Servers will block requests ā€¢ How can we avoid detection? ā€¢ Would be nice to rotate IPs! ā€¢ SOCKS? ProxyCannon? CredKing? ā€¢ All have limits or are expensive ļŒ ā€¢ Hmmmā€¦
Ā© Black Hills Information Security @BHInfoSecurity Introducing FireProx
Ā© Black Hills Information Security @BHInfoSecurity FireProx ā€¢ Rotates IP with every request! ļŠ ā€¢ Leverages AWS API Gateway ā€¢ HTTP Pass-through proxy ā€¢ Point FireProx at URL and go! ā€¢ Scrape, Spray, or Crawl ā€¢ Avoid CAPTCHA and WAF restrictions ā€¢ Downside: X-Forwarded-For sent ļŒ
Ā© Black Hills Information Security @BHInfoSecurity FireProx Demo
Ā© Black Hills Information Security @BHInfoSecurity So farā€¦ ā€¢ Weā€™ve found great hosts and portals ā€¢ Weā€™ve identified running services ā€¢ Weā€™ve got target servers in sight ā€¢ ā€¦ we just need to find employees ā€¢ ā€¦ but can we change our attacks?
Ā© Black Hills Information Security @BHInfoSecurity Introducing Social Trust Attacks
Ā© Black Hills Information Security @BHInfoSecurity Social Trust Attacks ā€¢ Breaching organizations w/ employee personal data ā€¢ Employees arenā€™t trained on personalized attacks ļŒ ā€¢ New type of spear-phishing/SE ā€¢ New type of password attacks ā€¢ What ifā€¦ ā€¢ We get personal information of employees? ā€¢ We get personal relationships of employees? ā€¢ We get personal emails of employees?
Ā© Black Hills Information Security @BHInfoSecurity Discover Employees ā€¢ Nothing new hereā€¦ except more data ā€¢ LinkedIn scraping company employees ā€¢ Profile URLs from Google/Bing/etc ā€¢ site:linkedin.com/in/ ā€œcompany nameā€ ā€¢ Grab: ā€¢ first name & last name ā€¢ city & state
Ā© Black Hills Information Security @BHInfoSecurity Email Formatting ā€¢ Hunter.io is great for learning format ā€¢ RocketReach.co is good too ā€¢ Combine names into company format ā€¢ EmailAddressMangler on GitHub ā€¢ ā€¦ now we have company email!
Ā© Black Hills Information Security @BHInfoSecurity Need moar data!@# ā€¢ Can we get PII/personal emails of employees? ā€¢ Can we learn their relationships? ā€¢ People Data Brokers give us everything! ā€¢ They buy, sell, trade, and give our data at scale ā€¢ They collect and aggregate our public data ā€¢ i.e. https://www.truepeoplesearch.com/ ā€¢ Query people sites using name & location ā€¢ Now we have PII, personal emails, & relationships
Ā© Black Hills Information Security @BHInfoSecurity People Sites.. Opt Out (or abuse)! ā€¢ http://www.peoplefinders.com/ ā€¢ http://www.whitepages.com/ ā€¢ http://www.spokeo.com/ ā€¢ http://www.instantcheckmate.com/ ā€¢ http://www.intelius.com/ ā€¢ http://www.peoplesmart.com/ ā€¢ http://www.mylife.com/ ā€¢ http://www.peekyou.com/ ā€¢ http://www.pipl.com/ ā€¢ http://www.radaris.com/ ā€¢ http://www.411.com/ ā€¢ http://www.switchboard.com/ ā€¢ http://www.peeplo.com/ ā€¢ http://www.zabasearch.com/ ā€¢ http://www.anywho.com/ ā€¢ https://truepeoplesearch.com/ ā€¢ https://www.fastpeoplesearch.com/ SCREENSHOT THIS ļŠ
Ā© Black Hills Information Security @BHInfoSecurity Thereā€™s way more ļŒ ā€¢ People Data ā€¢ Business Data ā€¢ Census Data ā€¢ Criminal Data ā€¢ Debt Data ā€¢ Domain Data ā€¢ Eviction Data ā€¢ Foreclosure Data ā€¢ Property Data ā€¢ Phone Data ā€¢ Work Data ā€¢ Marriage Data ā€¢ Divorce Data
Ā© Black Hills Information Security @BHInfoSecurity Personal Password Attacks
Ā© Black Hills Information Security @BHInfoSecurity Personal Passwords Reconciled ā€¢ Using personal emails search breach database ā€¢ i.e. Collection #1 - #5 ā€¢ Get passwords for personal emails ā€¢ Reconcile passwords to corporate accounts ā€¢ Use personal passwords on corporate portals ā€¢ Password reuse problems is a huge problem!
Ā© Black Hills Information Security @BHInfoSecurity Personal Passwords Reconciled
Ā© Black Hills Information Security @BHInfoSecurity Attack Path 1. Find portals 2. Scrape employee name/location 3. Format corporate emails 4. Scrape people sites 5. Get personal passwords 6. Reconcile accounts 7. Use personal passwords w/ corporate email on portals PROFIT!
Ā© Black Hills Information Security @BHInfoSecurity How to Prepare & Prevent QUIT RE-USING PASSWORDS!
Ā© Black Hills Information Security @BHInfoSecurity Social Trust Attacks
Ā© Black Hills Information Security @BHInfoSecurity Social Trust Attacks ā€¢ Incorporate personal info in phish ā€¢ Leverage known relationships ā€¢ Doppel ganging as known contact ā€¢ Can come from non-corp domain ā€¢ High quality personalization!
Ā© Black Hills Information Security @BHInfoSecurity Personal Data Prepared ā€¢ The amount of data is staggering ā€¢ Sites retrieve more data then UI shows ā€¢ All names, aliases, previous names and dates ā€¢ Date of birth / Age ā€¢ Living vs Deceased ā€¢ Current & Previous Addresses w/ Dates & Geo ā€¢ Current & Previous Phones w/ Dates & Telco/Geo ā€¢ Neighbors & Neighborhood Info ā€¢ Email Addresses ā€¢ Relatives & Relative Type w/ DOB ā€¢ Associates w/ DOB ā€¢ Voter Records ā€¢ Employment History
Ā© Black Hills Information Security @BHInfoSecurity Fast People Search
Ā© Black Hills Information Security @BHInfoSecurity Exaggeratedā€¦ Personalized Phish Hey <first name>! How have you been? Itā€™s <associate first name> from <previous city>. I havenā€™t talked to you since you lived over on <previous street name>! I tried calling <previous phone number> but it said it was disconnected. Hope you donā€™t mind me emailing you at work. I was trying to reach out to see if you heard the news about <mutual associate name>? I couldnā€™t believe it when I heard the news and then I read the news article <phishing link> and was convinced it was true. Anyhow, I hope you are well. Feel free to email me when you get some time. - <associate first name> <associate last name>
Ā© Black Hills Information Security @BHInfoSecurity How to Prepare & Prevent ā€¢ Reduce your digital footprint ā€¢ Watch for personal emails @ work ā€¢ Start opting out everywhere ā€¢ Vermont data brokers search ā€¢ https://www.vtsosonline.com/online/BusinessInquire/ ā€¢ Become an EU resident! ā€¢ Estonia eResident program ā€¢ https://e-resident.gov.ee/ ā€¢ GDPR Erasure clauses
Ā© Black Hills Information Security @BHInfoSecurity Questions ā€¢ Black Hills Information Security ā€¢ http://www.blackhillsinfosec.com ā€¢ @BHInfoSecurity ā€¢ Beau Bullock @dafthack ā€¢ Mike Felch @ustayready Mikeā€™s journey reducing data (leaving Google services) ā€¢ https://www.blackhillsinfosec.com/how-to-purge-google-and-start-over-part-1/ ā€¢ https://www.blackhillsinfosec.com/how-to-purge-google-and-start-over-part-2/

Empfohlen

Red Team Apocalypse (RVAsec Edition)
Red Team Apocalypse (RVAsec Edition)Red Team Apocalypse (RVAsec Edition)
Red Team Apocalypse (RVAsec Edition)Beau Bullock
Ā 
Travelocalypse: It's Dangerous Business, Hacker, Going Out Your Front Door
Travelocalypse: It's Dangerous Business, Hacker, Going Out Your Front DoorTravelocalypse: It's Dangerous Business, Hacker, Going Out Your Front Door
Travelocalypse: It's Dangerous Business, Hacker, Going Out Your Front DoorBeau Bullock
Ā 
Getting Started in Pentesting the Cloud: Azure
Getting Started in Pentesting the Cloud: AzureGetting Started in Pentesting the Cloud: Azure
Getting Started in Pentesting the Cloud: AzureBeau Bullock
Ā 
OK Google, How Do I Red Team GSuite?
OK Google, How Do I Red Team GSuite?OK Google, How Do I Red Team GSuite?
OK Google, How Do I Red Team GSuite?Beau Bullock
Ā 
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft ā€œf...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft ā€œf...Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft ā€œf...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft ā€œf...Beau Bullock
Ā 
Security vulnerabilities decomposition
Security vulnerabilities decompositionSecurity vulnerabilities decomposition
Security vulnerabilities decompositionKaty Anton
Ā 
Red Team Apocalypse
Red Team ApocalypseRed Team Apocalypse
Red Team ApocalypseBeau Bullock
Ā 
A Google Event You Won't Forget
A Google Event You Won't ForgetA Google Event You Won't Forget
A Google Event You Won't ForgetBeau Bullock
Ā 

Empfohlen

Red Team Apocalypse (RVAsec Edition)
Red Team Apocalypse (RVAsec Edition)Red Team Apocalypse (RVAsec Edition)
Red Team Apocalypse (RVAsec Edition)Beau Bullock
Ā 
Travelocalypse: It's Dangerous Business, Hacker, Going Out Your Front Door
Travelocalypse: It's Dangerous Business, Hacker, Going Out Your Front DoorTravelocalypse: It's Dangerous Business, Hacker, Going Out Your Front Door
Travelocalypse: It's Dangerous Business, Hacker, Going Out Your Front DoorBeau Bullock
Ā 
Getting Started in Pentesting the Cloud: Azure
Getting Started in Pentesting the Cloud: AzureGetting Started in Pentesting the Cloud: Azure
Getting Started in Pentesting the Cloud: AzureBeau Bullock
Ā 
OK Google, How Do I Red Team GSuite?
OK Google, How Do I Red Team GSuite?OK Google, How Do I Red Team GSuite?
OK Google, How Do I Red Team GSuite?Beau Bullock
Ā 
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft ā€œf...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft ā€œf...Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft ā€œf...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft ā€œf...Beau Bullock
Ā 
Security vulnerabilities decomposition
Security vulnerabilities decompositionSecurity vulnerabilities decomposition
Security vulnerabilities decompositionKaty Anton
Ā 
Red Team Apocalypse
Red Team ApocalypseRed Team Apocalypse
Red Team ApocalypseBeau Bullock
Ā 
A Google Event You Won't Forget
A Google Event You Won't ForgetA Google Event You Won't Forget
A Google Event You Won't ForgetBeau Bullock
Ā 
Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t Happen
Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t HappenShopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t Happen
Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t HappenGreg Castle
Ā 
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency EcosystemsA Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency EcosystemsBeau Bullock
Ā 
OAuth 2.0 Security Reinforced
OAuth 2.0 Security ReinforcedOAuth 2.0 Security Reinforced
OAuth 2.0 Security ReinforcedTorsten Lodderstedt
Ā 
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Security Conference
Ā 
How to Build Your Own Physical Pentesting Go-bag
How to Build Your Own Physical Pentesting Go-bagHow to Build Your Own Physical Pentesting Go-bag
How to Build Your Own Physical Pentesting Go-bagBeau Bullock
Ā 
Fade from Whitehat... to Black
Fade from Whitehat... to BlackFade from Whitehat... to Black
Fade from Whitehat... to BlackBeau Bullock
Ā 
Troopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouTroopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouDouglas Bienstock
Ā 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudBen Johnson
Ā 
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...DirkjanMollema
Ā 
Mobile Application Scan and Testing
Mobile Application Scan and TestingMobile Application Scan and Testing
Mobile Application Scan and TestingBlueinfy Solutions
Ā 
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADFOWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADFBrian Huff
Ā 
Security Compensation - How to Invest in Start-Up Security
Security Compensation - How to Invest in Start-Up SecuritySecurity Compensation - How to Invest in Start-Up Security
Security Compensation - How to Invest in Start-Up SecurityChristopher Grayson
Ā 
The Power of Social Login
The Power of Social LoginThe Power of Social Login
The Power of Social LoginMichele Leroux Bustamante
Ā 
Devbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityDevbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityMichael Coates
Ā 
How an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsHow an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsSecurity Innovation
Ā 
Top 10 Threats to Cloud Security
Top 10 Threats to Cloud SecurityTop 10 Threats to Cloud Security
Top 10 Threats to Cloud SecuritySBWebinars
Ā 
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris GoosenO365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris GoosenNCCOMMS
Ā 
presentation
presentationpresentation
presentationaaron bishop
Ā 
Secure Web Services
Secure Web ServicesSecure Web Services
Secure Web ServicesRob Daigneau
Ā 
Joe Gelb: Taxonomy and Delivery
Joe Gelb: Taxonomy and DeliveryJoe Gelb: Taxonomy and Delivery
Joe Gelb: Taxonomy and DeliveryJack Molisani
Ā 
Red Team Tactics for Cracking the GSuite Perimeter
Red Team Tactics for Cracking the GSuite PerimeterRed Team Tactics for Cracking the GSuite Perimeter
Red Team Tactics for Cracking the GSuite PerimeterMike Felch
Ā 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?Precisely
Ā 

Weitere Ƥhnliche Inhalte

Was ist angesagt?

Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t Happen
Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t HappenShopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t Happen
Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t HappenGreg Castle
Ā 
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency EcosystemsA Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency EcosystemsBeau Bullock
Ā 
OAuth 2.0 Security Reinforced
OAuth 2.0 Security ReinforcedOAuth 2.0 Security Reinforced
OAuth 2.0 Security ReinforcedTorsten Lodderstedt
Ā 
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Security Conference
Ā 
How to Build Your Own Physical Pentesting Go-bag
How to Build Your Own Physical Pentesting Go-bagHow to Build Your Own Physical Pentesting Go-bag
How to Build Your Own Physical Pentesting Go-bagBeau Bullock
Ā 
Fade from Whitehat... to Black
Fade from Whitehat... to BlackFade from Whitehat... to Black
Fade from Whitehat... to BlackBeau Bullock
Ā 
Troopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouTroopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouDouglas Bienstock
Ā 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudBen Johnson
Ā 
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...DirkjanMollema
Ā 
Mobile Application Scan and Testing
Mobile Application Scan and TestingMobile Application Scan and Testing
Mobile Application Scan and TestingBlueinfy Solutions
Ā 
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADFOWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADFBrian Huff
Ā 
Security Compensation - How to Invest in Start-Up Security
Security Compensation - How to Invest in Start-Up SecuritySecurity Compensation - How to Invest in Start-Up Security
Security Compensation - How to Invest in Start-Up SecurityChristopher Grayson
Ā 
Devbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityDevbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityMichael Coates
Ā 
How an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsHow an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsSecurity Innovation
Ā 
Top 10 Threats to Cloud Security
Top 10 Threats to Cloud SecurityTop 10 Threats to Cloud Security
Top 10 Threats to Cloud SecuritySBWebinars
Ā 
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris GoosenO365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris GoosenNCCOMMS
Ā 
presentation
presentationpresentation
presentationaaron bishop
Ā 
Secure Web Services
Secure Web ServicesSecure Web Services
Secure Web ServicesRob Daigneau
Ā 
Joe Gelb: Taxonomy and Delivery
Joe Gelb: Taxonomy and DeliveryJoe Gelb: Taxonomy and Delivery
Joe Gelb: Taxonomy and DeliveryJack Molisani
Ā 

Was ist angesagt? (20)

Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t Happen
Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t HappenShopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t Happen
Shopifyā€™s $25k Bug Report, and the Cluster Takeover That Didnā€™t Happen
Ā 
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency EcosystemsA Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
Ā 
OAuth 2.0 Security Reinforced
OAuth 2.0 Security ReinforcedOAuth 2.0 Security Reinforced
OAuth 2.0 Security Reinforced
Ā 
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
Ā 
How to Build Your Own Physical Pentesting Go-bag
How to Build Your Own Physical Pentesting Go-bagHow to Build Your Own Physical Pentesting Go-bag
How to Build Your Own Physical Pentesting Go-bag
Ā 
Fade from Whitehat... to Black
Fade from Whitehat... to BlackFade from Whitehat... to Black
Fade from Whitehat... to Black
Ā 
Troopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouTroopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can You
Ā 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the Cloud
Ā 
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...
Ā 
Mobile Application Scan and Testing
Mobile Application Scan and TestingMobile Application Scan and Testing
Mobile Application Scan and Testing
Ā 
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADFOWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
Ā 
Security Compensation - How to Invest in Start-Up Security
Security Compensation - How to Invest in Start-Up SecuritySecurity Compensation - How to Invest in Start-Up Security
Security Compensation - How to Invest in Start-Up Security
Ā 
The Power of Social Login
The Power of Social LoginThe Power of Social Login
The Power of Social Login
Ā 
Devbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityDevbeat Conference - Developer First Security
Devbeat Conference - Developer First Security
Ā 
How an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software SystemsHow an Attacker "Audits" Your Software Systems
How an Attacker "Audits" Your Software Systems
Ā 
Top 10 Threats to Cloud Security
Top 10 Threats to Cloud SecurityTop 10 Threats to Cloud Security
Top 10 Threats to Cloud Security
Ā 
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris GoosenO365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
Ā 
presentation
presentationpresentation
presentation
Ā 
Secure Web Services
Secure Web ServicesSecure Web Services
Secure Web Services
Ā 
Joe Gelb: Taxonomy and Delivery
Joe Gelb: Taxonomy and DeliveryJoe Gelb: Taxonomy and Delivery
Joe Gelb: Taxonomy and Delivery
Ā 

Ƅhnlich wie Weaponizing Corporate Intel: This Time, It's Personal!

Red Team Tactics for Cracking the GSuite Perimeter
Red Team Tactics for Cracking the GSuite PerimeterRed Team Tactics for Cracking the GSuite Perimeter
Red Team Tactics for Cracking the GSuite PerimeterMike Felch
Ā 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?Precisely
Ā 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityGianluca Varisco
Ā 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
Ā 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control DBmaestro - Database DevOps
Ā 
Plain talk about security public - ms1
Plain talk about security public - ms1Plain talk about security public - ms1
Plain talk about security public - ms1Mike Stone
Ā 
You Are The Weakest Link: Attacking Organizations Through the Human Element
You Are The Weakest Link: Attacking Organizations Through the Human ElementYou Are The Weakest Link: Attacking Organizations Through the Human Element
You Are The Weakest Link: Attacking Organizations Through the Human ElementSavannah Lazzara
Ā 
Better to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityBetter to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityEric Kavanagh
Ā 
Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Blueinfy Solutions
Ā 
iOS Application Security Testing
iOS Application Security TestingiOS Application Security Testing
iOS Application Security TestingBlueinfy Solutions
Ā 
Security and Privacy Brown Bag
Security and Privacy Brown BagSecurity and Privacy Brown Bag
Security and Privacy Brown Bag501 Commons
Ā 
Security for Enterprise Search : SearchBlox
Security for Enterprise Search : SearchBloxSecurity for Enterprise Search : SearchBlox
Security for Enterprise Search : SearchBloxTimo Selvaraj
Ā 
So whats in a password
So whats in a passwordSo whats in a password
So whats in a passwordRob Gillen
Ā 
Finding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldFinding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldShannon Lietz
Ā 
The Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutputThe Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutputSilas Cutler
Ā 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19TechSoup
Ā 
Modern Web Security
Modern Web SecurityModern Web Security
Modern Web SecurityBill Condo
Ā 
Danger! Danger! Your Mobile Applications Are Not Secure
Danger! Danger! Your Mobile Applications Are Not SecureDanger! Danger! Your Mobile Applications Are Not Secure
Danger! Danger! Your Mobile Applications Are Not SecureTechWell
Ā 
Trust in a Digital World
Trust in a Digital WorldTrust in a Digital World
Trust in a Digital Worlditnewsafrica
Ā 

Ƅhnlich wie Weaponizing Corporate Intel: This Time, It's Personal! (20)

Red Team Tactics for Cracking the GSuite Perimeter
Red Team Tactics for Cracking the GSuite PerimeterRed Team Tactics for Cracking the GSuite Perimeter
Red Team Tactics for Cracking the GSuite Perimeter
Ā 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?
Ā 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
Ā 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU Investigators
Ā 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control
Ā 
Plain talk about security public - ms1
Plain talk about security public - ms1Plain talk about security public - ms1
Plain talk about security public - ms1
Ā 
You Are The Weakest Link: Attacking Organizations Through the Human Element
You Are The Weakest Link: Attacking Organizations Through the Human ElementYou Are The Weakest Link: Attacking Organizations Through the Human Element
You Are The Weakest Link: Attacking Organizations Through the Human Element
Ā 
Better to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityBetter to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and Security
Ā 
Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013
Ā 
iOS Application Security Testing
iOS Application Security TestingiOS Application Security Testing
iOS Application Security Testing
Ā 
Android attacks
Android attacksAndroid attacks
Android attacks
Ā 
Security and Privacy Brown Bag
Security and Privacy Brown BagSecurity and Privacy Brown Bag
Security and Privacy Brown Bag
Ā 
Security for Enterprise Search : SearchBlox
Security for Enterprise Search : SearchBloxSecurity for Enterprise Search : SearchBlox
Security for Enterprise Search : SearchBlox
Ā 
So whats in a password
So whats in a passwordSo whats in a password
So whats in a password
Ā 
Finding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldFinding Security a Home in a DevOps World
Finding Security a Home in a DevOps World
Ā 
The Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutputThe Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutput
Ā 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Ā 
Modern Web Security
Modern Web SecurityModern Web Security
Modern Web Security
Ā 
Danger! Danger! Your Mobile Applications Are Not Secure
Danger! Danger! Your Mobile Applications Are Not SecureDanger! Danger! Your Mobile Applications Are Not Secure
Danger! Danger! Your Mobile Applications Are Not Secure
Ā 
Trust in a Digital World
Trust in a Digital WorldTrust in a Digital World
Trust in a Digital World
Ā 

Mehr von Beau Bullock

Getting Started in Blockchain Security and Smart Contract Auditing
Getting Started in Blockchain Security and Smart Contract AuditingGetting Started in Blockchain Security and Smart Contract Auditing
Getting Started in Blockchain Security and Smart Contract AuditingBeau Bullock
Ā 
Red Team Apocalypse - BSides Peru (En espaƱol)
Red Team Apocalypse - BSides Peru (En espaƱol)Red Team Apocalypse - BSides Peru (En espaƱol)
Red Team Apocalypse - BSides Peru (En espaƱol)Beau Bullock
Ā 
Pwning the Enterprise With PowerShell
Pwning the Enterprise With PowerShellPwning the Enterprise With PowerShell
Pwning the Enterprise With PowerShellBeau Bullock
Ā 
Pentest Apocalypse - SANSFIRE 2016 Edition
Pentest Apocalypse - SANSFIRE 2016 EditionPentest Apocalypse - SANSFIRE 2016 Edition
Pentest Apocalypse - SANSFIRE 2016 EditionBeau Bullock
Ā 
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beau Bullock
Ā 
Pentest Apocalypse
Pentest ApocalypsePentest Apocalypse
Pentest ApocalypseBeau Bullock
Ā 

Mehr von Beau Bullock (6)

Getting Started in Blockchain Security and Smart Contract Auditing
Getting Started in Blockchain Security and Smart Contract AuditingGetting Started in Blockchain Security and Smart Contract Auditing
Getting Started in Blockchain Security and Smart Contract Auditing
Ā 
Red Team Apocalypse - BSides Peru (En espaƱol)
Red Team Apocalypse - BSides Peru (En espaƱol)Red Team Apocalypse - BSides Peru (En espaƱol)
Red Team Apocalypse - BSides Peru (En espaƱol)
Ā 
Pwning the Enterprise With PowerShell
Pwning the Enterprise With PowerShellPwning the Enterprise With PowerShell
Pwning the Enterprise With PowerShell
Ā 
Pentest Apocalypse - SANSFIRE 2016 Edition
Pentest Apocalypse - SANSFIRE 2016 EditionPentest Apocalypse - SANSFIRE 2016 Edition
Pentest Apocalypse - SANSFIRE 2016 Edition
Ā 
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Ā 
Pentest Apocalypse
Pentest ApocalypsePentest Apocalypse
Pentest Apocalypse
Ā 

KĆ¼rzlich hochgeladen

ā‚¹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] šŸ”|97111...
ā‚¹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] šŸ”|97111...ā‚¹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] šŸ”|97111...
ā‚¹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] šŸ”|97111...Diya Sharma
Ā 
Call Now ā˜Ž 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ā˜Ž 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.soniya singh
Ā 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
Ā 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...SUHANI PANDEY
Ā 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
Ā 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
Ā 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...SUHANI PANDEY
Ā 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...SUHANI PANDEY
Ā 
Call Girls In Sukhdev Vihar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Sukhdev Vihar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Sukhdev Vihar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Sukhdev Vihar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”soniya singh
Ā 
Call Girls In Defence Colony Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Defence Colony Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Defence Colony Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Defence Colony Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”soniya singh
Ā 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
Ā 
Busty Desiāš”Call Girls in Vasundhara Ghaziabad >ą¼’8448380779 Escort Service
Busty Desiāš”Call Girls in Vasundhara Ghaziabad >ą¼’8448380779 Escort ServiceBusty Desiāš”Call Girls in Vasundhara Ghaziabad >ą¼’8448380779 Escort Service
Busty Desiāš”Call Girls in Vasundhara Ghaziabad >ą¼’8448380779 Escort ServiceDelhi Call girls
Ā 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...SUHANI PANDEY
Ā 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
Ā 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
Ā 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...tanu pandey
Ā 
Call Now ā˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ā˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.soniya singh
Ā 
Call Girls Service Chandigarh Lucky ā¤ļø 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ā¤ļø 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ā¤ļø 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ā¤ļø 7710465962 Independent Call Girls In C...Sheetaleventcompany
Ā 

KĆ¼rzlich hochgeladen (20)

ā‚¹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] šŸ”|97111...
ā‚¹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] šŸ”|97111...ā‚¹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] šŸ”|97111...
ā‚¹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] šŸ”|97111...
Ā 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
Ā 
Call Now ā˜Ž 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ā˜Ž 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Ā 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Ā 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
Ā 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Ā 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
Ā 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ā 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Ā 
Call Girls In Sukhdev Vihar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Sukhdev Vihar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Sukhdev Vihar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Sukhdev Vihar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Ā 
Call Girls In Defence Colony Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Defence Colony Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Defence Colony Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Defence Colony Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Ā 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Ā 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in DubaiRussian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Ā 
Busty Desiāš”Call Girls in Vasundhara Ghaziabad >ą¼’8448380779 Escort Service
Busty Desiāš”Call Girls in Vasundhara Ghaziabad >ą¼’8448380779 Escort ServiceBusty Desiāš”Call Girls in Vasundhara Ghaziabad >ą¼’8448380779 Escort Service
Busty Desiāš”Call Girls in Vasundhara Ghaziabad >ą¼’8448380779 Escort Service
Ā 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Ā 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
Ā 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Ā 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Ā 
Call Now ā˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ā˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Ā 
Call Girls Service Chandigarh Lucky ā¤ļø 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ā¤ļø 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ā¤ļø 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ā¤ļø 7710465962 Independent Call Girls In C...
Ā 

Weaponizing Corporate Intel: This Time, It's Personal!

  • 1. Ā© Black Hills Information Security @BHInfoSecurity Weaponizing Corporate Intel Beau Bullock (@dafthack) Mike Felch (@ustayready) This Time, Itā€™s Personal!
  • 2. Ā© Black Hills Information Security @BHInfoSecurity Overview ā€¢ This is an OSINT / Recon talk! We are going to cover stuff you might already know as well as some brand new techniques! ā€¢ Going from zero knowledge of an organization to stalker status ā€¢ External resource targeting (w/ less attribution) ā€¢ Internal employee targeting (at a personal level) ā€¢ Advanced password stuffing attacks ā€¢ Out-of-Band Phishing
  • 3. Ā© Black Hills Information Security @BHInfoSecurity About Us ā€¢ Mike Felch - @ustayready ā€¢ Pentest / Red team at BHIS ā€¢ Involved w/ OWASP Orlando ā€¢ Host of Tradecraft Security Weekly ā€¢ Host of CoinSec Podcast ā€¢ Beau Bullock - @dafthack ā€¢ Pentest / Red team at BHIS ā€¢ Host of Tradecraft Security Weekly ā€¢ Host of CoinSec Podcast ā€¢ Avid OWA enthusiast
  • 4. Ā© Black Hills Information Security @BHInfoSecurity Attack Surface Recon External Host Discovery
  • 5. Ā© Black Hills Information Security @BHInfoSecurity Scratching the Surface ā€¢ 1st step in any operation = Recon ā€¢ Build a solid target list ā€¢ Gain understanding around technologies used ā€¢ Can you determine what is used for: ā€¢ Remote access ā€¢ Email access ā€¢ Security products
  • 6. Ā© Black Hills Information Security @BHInfoSecurity TLDs and Subdomains ā€¢ Utilize search engines and ā€œdorkingā€ ā€¢ Google ā€¢ Bing ā€¢ Baidu ā€¢ DuckDuckGo ā€¢ Recon-NG Modules ā€¢ recon/domains-hosts/bing_domain_api ā€¢ recon/domains-hosts/google_site_web
  • 7. Ā© Black Hills Information Security @BHInfoSecurity Netblocks ā€¢ ASN / Netblock Discovery ā€¢ https://bgp.he.net ā€¢ https://mxtoolbox.com/arin.aspx ā€¢ Regional Internet Registry Search ā€¢ https://whois.arin.net ā€¢ Also AFRNIC, APNIC, LACNIC, and RIPE ā€¢ Recon-NG Module ā€¢ recon/companies-multi/whois_miner
  • 8. Ā© Black Hills Information Security @BHInfoSecurity TLDs and Subdomains ā€¢ Subdomain Discovery ā€¢ shodan.io - recon/domains-hosts/shodan_hostname ā€¢ censys.io - recon/netblocks-ports/censysio ā€¢ dnsdumpster.com ā€¢ hackertarget.com - recon/domains-hosts/hackertarget ā€¢ threatcrowd.org - recon/domains-hosts/threatcrowd ā€¢ Subdomain bruteforcing - recon/domains-hosts/brute_hosts
  • 9. Ā© Black Hills Information Security @BHInfoSecurity TLDs and Subdomains ā€¢ Additional TLD and Subdomain Discovery ā€¢ crt.sh ā€¢ Search netblocks on shodan.io ā€¢ Rinse and repeat with new TLDs and netblocks ā€¢ Recon-NG Modules ā€¢ recon/domains-hosts/certificate_transparency ā€¢ recon/netblocks-hosts/shodan_net
  • 10. Ā© Black Hills Information Security @BHInfoSecurity Cloud Services ā€¢ Microsoft Services ā€¢ O365 - Go to outlook.office365.com and try authenticating with test@targetdomainname.com ā€¢ SharePoint - Check companyname.sharepoint.com ā€¢ Find Skype4Business - lyncdiscover.targetdomaindomain.com
  • 11. Ā© Black Hills Information Security @BHInfoSecurity Cloud Services ā€¢ Google ā€¢ Try authenticating with a valid company email address at Gmail ā€¢ Box.com ā€¢ Try https://companyname.account.box.com ā€¢ Amazon AWS ā€¢ Look to see where web resources are being loaded. Potentially pointing to S3 buckets.
  • 12. Ā© Black Hills Information Security @BHInfoSecurity Portal to Pwnage Discovering Login Forms and Other Interesting Files
  • 13. Ā© Black Hills Information Security @BHInfoSecurity Active Portal Discovery ā€¢ Actively scan to locate web services ā€¢ Portscan domain list on common web ports (80, 443, 2381, 8080, 8443, 10000, etc.) ā€¢ Could manually review results navigating to each service with a browserā€¦ ā€¢ Orā€¦
  • 14. Ā© Black Hills Information Security @BHInfoSecurity Active Portal Discovery ā€¢ Screenshot webapps with EyeWitness by Chris Truncer ā€¢ https://github.com/FortyNorthSecurity/EyeWit ness ā€¢ Quickly analyze many portals ā€¢ Groups common web responses ā€¢ I like to make a secondary list of interesting web servers as I go through the results
  • 15. Ā© Black Hills Information Security @BHInfoSecurity Interesting File/Dir Discovery ā€¢ Directory/File bruteforcing at scale with Brute-Fruit ā€¢ Module in Find-Fruit PowerShell script ā€¢ https://github.com/rvrsh3ll/Misc-Powershell- Scripts/blob/master/Find-Fruit.ps1 ā€¢ Use file list + web server list ā€¢ Discover interesting portals and pages
  • 16. Ā© Black Hills Information Security @BHInfoSecurity BruteFruit Demo
  • 17. Ā© Black Hills Information Security @BHInfoSecurity Remotely Gathering Internal Domain Information ā€œThe more you know!ā€
  • 18. Ā© Black Hills Information Security @BHInfoSecurity Info Disclosure FTW ā€¢ Information disclosure vulns = Low ā€¦in most cases ā€¢ But they are Critical to an attackers methodology ā€¢ In order to successfully perform password attacks we need to be confident about two things: ā€¢ Username format ā€¢ Probability most users can authenticate
  • 19. Ā© Black Hills Information Security @BHInfoSecurity Discovering Username Schema ā€¢ User Enumeration Vulns ā€¢ Some applications will let you know a username is valid or not on login ā€¢ Microsoft OWA response time vuln ā€¢ MailSniper Invoke- UsernameHarvestOWA module
  • 20. Ā© Black Hills Information Security @BHInfoSecurity Discovering Username Schema ā€¢ Metadata attached to files (PDF, DOCX, XLSX, etc.) ā€¢ PowerMeta ā€“ Search for publicly available files hosted by a company, then extract metadata from each file ā€¢ https://github.com/dafthack/PowerMeta
  • 21. Ā© Black Hills Information Security @BHInfoSecurity One Problem ā€¢ Servers can detect IP activity ā€¢ Servers will block requests ā€¢ How can we avoid detection? ā€¢ Would be nice to rotate IPs! ā€¢ SOCKS? ProxyCannon? CredKing? ā€¢ All have limits or are expensive ļŒ ā€¢ Hmmmā€¦
  • 22. Ā© Black Hills Information Security @BHInfoSecurity Introducing FireProx
  • 23. Ā© Black Hills Information Security @BHInfoSecurity FireProx ā€¢ Rotates IP with every request! ļŠ ā€¢ Leverages AWS API Gateway ā€¢ HTTP Pass-through proxy ā€¢ Point FireProx at URL and go! ā€¢ Scrape, Spray, or Crawl ā€¢ Avoid CAPTCHA and WAF restrictions ā€¢ Downside: X-Forwarded-For sent ļŒ
  • 24. Ā© Black Hills Information Security @BHInfoSecurity FireProx Demo
  • 25. Ā© Black Hills Information Security @BHInfoSecurity So farā€¦ ā€¢ Weā€™ve found great hosts and portals ā€¢ Weā€™ve identified running services ā€¢ Weā€™ve got target servers in sight ā€¢ ā€¦ we just need to find employees ā€¢ ā€¦ but can we change our attacks?
  • 26. Ā© Black Hills Information Security @BHInfoSecurity Introducing Social Trust Attacks
  • 27. Ā© Black Hills Information Security @BHInfoSecurity Social Trust Attacks ā€¢ Breaching organizations w/ employee personal data ā€¢ Employees arenā€™t trained on personalized attacks ļŒ ā€¢ New type of spear-phishing/SE ā€¢ New type of password attacks ā€¢ What ifā€¦ ā€¢ We get personal information of employees? ā€¢ We get personal relationships of employees? ā€¢ We get personal emails of employees?
  • 28. Ā© Black Hills Information Security @BHInfoSecurity Discover Employees ā€¢ Nothing new hereā€¦ except more data ā€¢ LinkedIn scraping company employees ā€¢ Profile URLs from Google/Bing/etc ā€¢ site:linkedin.com/in/ ā€œcompany nameā€ ā€¢ Grab: ā€¢ first name & last name ā€¢ city & state
  • 29. Ā© Black Hills Information Security @BHInfoSecurity Email Formatting ā€¢ Hunter.io is great for learning format ā€¢ RocketReach.co is good too ā€¢ Combine names into company format ā€¢ EmailAddressMangler on GitHub ā€¢ ā€¦ now we have company email!
  • 30. Ā© Black Hills Information Security @BHInfoSecurity Need moar data!@# ā€¢ Can we get PII/personal emails of employees? ā€¢ Can we learn their relationships? ā€¢ People Data Brokers give us everything! ā€¢ They buy, sell, trade, and give our data at scale ā€¢ They collect and aggregate our public data ā€¢ i.e. https://www.truepeoplesearch.com/ ā€¢ Query people sites using name & location ā€¢ Now we have PII, personal emails, & relationships
  • 31. Ā© Black Hills Information Security @BHInfoSecurity People Sites.. Opt Out (or abuse)! ā€¢ http://www.peoplefinders.com/ ā€¢ http://www.whitepages.com/ ā€¢ http://www.spokeo.com/ ā€¢ http://www.instantcheckmate.com/ ā€¢ http://www.intelius.com/ ā€¢ http://www.peoplesmart.com/ ā€¢ http://www.mylife.com/ ā€¢ http://www.peekyou.com/ ā€¢ http://www.pipl.com/ ā€¢ http://www.radaris.com/ ā€¢ http://www.411.com/ ā€¢ http://www.switchboard.com/ ā€¢ http://www.peeplo.com/ ā€¢ http://www.zabasearch.com/ ā€¢ http://www.anywho.com/ ā€¢ https://truepeoplesearch.com/ ā€¢ https://www.fastpeoplesearch.com/ SCREENSHOT THIS ļŠ
  • 32. Ā© Black Hills Information Security @BHInfoSecurity Thereā€™s way more ļŒ ā€¢ People Data ā€¢ Business Data ā€¢ Census Data ā€¢ Criminal Data ā€¢ Debt Data ā€¢ Domain Data ā€¢ Eviction Data ā€¢ Foreclosure Data ā€¢ Property Data ā€¢ Phone Data ā€¢ Work Data ā€¢ Marriage Data ā€¢ Divorce Data
  • 33. Ā© Black Hills Information Security @BHInfoSecurity Personal Password Attacks
  • 34. Ā© Black Hills Information Security @BHInfoSecurity Personal Passwords Reconciled ā€¢ Using personal emails search breach database ā€¢ i.e. Collection #1 - #5 ā€¢ Get passwords for personal emails ā€¢ Reconcile passwords to corporate accounts ā€¢ Use personal passwords on corporate portals ā€¢ Password reuse problems is a huge problem!
  • 35. Ā© Black Hills Information Security @BHInfoSecurity Personal Passwords Reconciled
  • 36. Ā© Black Hills Information Security @BHInfoSecurity Attack Path 1. Find portals 2. Scrape employee name/location 3. Format corporate emails 4. Scrape people sites 5. Get personal passwords 6. Reconcile accounts 7. Use personal passwords w/ corporate email on portals PROFIT!
  • 37. Ā© Black Hills Information Security @BHInfoSecurity How to Prepare & Prevent QUIT RE-USING PASSWORDS!
  • 38. Ā© Black Hills Information Security @BHInfoSecurity Social Trust Attacks
  • 39. Ā© Black Hills Information Security @BHInfoSecurity Social Trust Attacks ā€¢ Incorporate personal info in phish ā€¢ Leverage known relationships ā€¢ Doppel ganging as known contact ā€¢ Can come from non-corp domain ā€¢ High quality personalization!
  • 40. Ā© Black Hills Information Security @BHInfoSecurity Personal Data Prepared ā€¢ The amount of data is staggering ā€¢ Sites retrieve more data then UI shows ā€¢ All names, aliases, previous names and dates ā€¢ Date of birth / Age ā€¢ Living vs Deceased ā€¢ Current & Previous Addresses w/ Dates & Geo ā€¢ Current & Previous Phones w/ Dates & Telco/Geo ā€¢ Neighbors & Neighborhood Info ā€¢ Email Addresses ā€¢ Relatives & Relative Type w/ DOB ā€¢ Associates w/ DOB ā€¢ Voter Records ā€¢ Employment History
  • 41. Ā© Black Hills Information Security @BHInfoSecurity Fast People Search
  • 42. Ā© Black Hills Information Security @BHInfoSecurity Exaggeratedā€¦ Personalized Phish Hey <first name>! How have you been? Itā€™s <associate first name> from <previous city>. I havenā€™t talked to you since you lived over on <previous street name>! I tried calling <previous phone number> but it said it was disconnected. Hope you donā€™t mind me emailing you at work. I was trying to reach out to see if you heard the news about <mutual associate name>? I couldnā€™t believe it when I heard the news and then I read the news article <phishing link> and was convinced it was true. Anyhow, I hope you are well. Feel free to email me when you get some time. - <associate first name> <associate last name>
  • 43. Ā© Black Hills Information Security @BHInfoSecurity How to Prepare & Prevent ā€¢ Reduce your digital footprint ā€¢ Watch for personal emails @ work ā€¢ Start opting out everywhere ā€¢ Vermont data brokers search ā€¢ https://www.vtsosonline.com/online/BusinessInquire/ ā€¢ Become an EU resident! ā€¢ Estonia eResident program ā€¢ https://e-resident.gov.ee/ ā€¢ GDPR Erasure clauses
  • 44. Ā© Black Hills Information Security @BHInfoSecurity Questions ā€¢ Black Hills Information Security ā€¢ http://www.blackhillsinfosec.com ā€¢ @BHInfoSecurity ā€¢ Beau Bullock @dafthack ā€¢ Mike Felch @ustayready Mikeā€™s journey reducing data (leaving Google services) ā€¢ https://www.blackhillsinfosec.com/how-to-purge-google-and-start-over-part-1/ ā€¢ https://www.blackhillsinfosec.com/how-to-purge-google-and-start-over-part-2/