Performing OSINT Gathering on Corporate Targets

Open Source Intelligence (OSINT) gathering is a critical component of penetration testing. This course will teach you how to gather various forms of corporate OSINT, including physical, logical, org chart, electronic, infrastructure, and financial.
Course info
Rating
(10)
Level
Intermediate
Updated
Jan 9, 2017
Duration
5h 12m
Table of contents
Course Overview
Preparing to Perform Corporate OSINT
Gathering Physical OSINT
Gathering Logical OSINT
Constructing an Org Chart
Gathering Electronic OSINT
Identifying Infrastructure Assets
Gathering Financial OSINT
Putting It All Together
Description
Course info
Rating
(10)
Level
Intermediate
Updated
Jan 9, 2017
Duration
5h 12m
Description

While many organizations are focusing their resources on implementing internal security controls, few turn their attention to the open source intelligence (OSINT) that attackers exploit in an effort to circumvent those controls. In this course, Performing OSINT Gathering on Corporate Targets, you'll learn foundational knowledge of gathering various forms of corporate OSINT as part of a penetration test. First, you'll explore tools and techniques for collecting OSINT. Next, you'll discover how to analyze that OSINT, separating the useful information from the noise. Finally, you'll learn how to organize your findings and prepare the subsequent phases of the penetration test. When you're finished with this course, you'll have the skills and knowledge of corporate OSINT gathering needed to conduct an effective, worthwhile penetration test.

About the author
About the author

By day, Jerod is a Security Solutions Architect with One Identity. By night, he's a husband, father, writer, filmmaker, martial artist, musician, gamer, and social media junkie.

More from the author
Performing OSINT Gathering on Employee Targets
Intermediate
3h 58m
Nov 27, 2018
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello, I'm Jared Brennen and welcome to my course on Performing OSINT Gathering on Corporate Targets. I've been a risk management consultant, penetration tester, and all-around info sect geek for longer than I care to admit. And I want to share with you some of the knowledge that I've gained in that time. Many organizations focus their resources on implementing internal security controls, but few of them turn their attention to the Open Source Intelligence, or OSINT, that attackers can exploit in an effort to circumvent those security controls. In this course, you'll learn how to gather various forms of corporate OSINT as part of a penetration test. We'll cover a number of tools and techniques for collecting this OSINT. We'll also discuss how to analyze this OSINT, separating the useful information from the noise. And you'll begin to develop methods for organizing your findings and preparing for the subsequent phases of the penetration test. Once we've covered the corporate OSINT gathering process in detail, we'll even walk through an actual corporate OSINT gathering exercise together. When you're finished with this course, you'll know how to gather, analyze, and organize corporate OSINT, so that you can apply those skills toward conducting an effective, worthwhile penetration test. Before beginning the course, you should be familiar with the penetration testing execution standard, at least at a high level. From here, you should feel comfortable diving into additional information security courses on topics like penetration testing and ethical hacking. I hope you'll join me on this journey to enhance your pen testing skills, with the Performing OSINT Gathering on Corporate Targets course here at Pluralsight.