This document discusses penetration testing and related topics like intelligence gathering and ethical hacking. It provides an overview of the speaker's background and experience in areas like penetration testing, exploit development, and CTF competitions. The speaker outlines their process for intelligence gathering on targets starting from open source information and extending to profiles of employees, connected companies and partners, emails, social media, and other online accounts in order to identify vulnerabilities or breaches. More information is provided on additional techniques and tools, as well as recommendations for further resources on topics like OSINT and penetration testing.
6. 6
x01 – what I do
Penetration testing is...
https://suntechnologies.com/service/security-testing/
7. 7
x01 – what I do
Penetration testing is...
https://suntechnologies.com/service/security-testing/
8. 8
x02 – Intelligence Gathering
Intelligence recon --> Open-source Intelligence --> OSINT
Public sources to get info from people, companies, usernames, etc.
Passive (semi)
12. 12
x04 – My process
From company to:
Partners
Others companies
Files
Apps
Employees
Dev? IT?
Email
Social network
Hobbies
Family
Birthdate, etc.
Breach
13. 13
x04 – My process
From company to:
Partners
Others companies
Files
Apps
Employees
Dev? IT?
Email
Social network
Hobbies
Family
Birthdate, etc.
Breach
23. 23
x04 – My process
From company to:
Partners
Others companies
Files
Apps
Employees
Dev? IT?
Email
Social network
Hobbies
Family
Birthdate, etc.
Breach
24. 24
x04 – My process
From company to:
Partners
Others companies
Files
Apps
Employees
Dev? IT?
Email
Social network
Hobbies
Family
Birthdate, etc.
Breach
27. 27
x04 – My process
From company to:
Partners
Others companies
Files
Apps
Employees
Dev? IT?
Email
Social network
Hobbies
Family
Birthdate, etc.
Breach
28. 28
x04 – My process
From company to:
Partners
Others companies
Files
Apps
Employees
Dev? IT?
Email
Social network
Hobbies
Family
Birthdate, etc.
Breach
37. 37
x07 – Pendings
AI and sock puppets
ChatGPT
I‘ve been pwn
Wifi APs location
ATV passwd
Tools like Shodan, Maltego, SF, etc.
...
38. 38
x08 – More info at
https://www.youtube.com/@Mr.RedSmasher
https://www.youtube.com/@OSINTDojo
https://www.tracelabs.org/
https://medium.com/the-first-digit/osint-how-to-find-information-on-
anyone-5029a3c7fd56