The best Social Engineers do a tremendous amount of research before engaging a target. As luck would have it, we get to speak with one of them today! Chris and I talk about the pivotal role of OSINT in preparing for an SE engagement and also get a "peek behind the curtain" in relation to OSINT sources during a Social Engineering "capture the flag" style competition.
Chris Kirsch is the CEO of runZero (www.runzero.com), a cyber asset management company he co-founded with Metasploit creator HD Moore. Chris started his career at an InfoSec startup in Germany and has since worked for PGP, nCipher, Rapid7, and Veracode. He has a passion for OSINT and Social Engineering. In 2017, he earned the Black Badge for winning the Social Engineering capture the flag competition at DEF CON, the world’s largest hacker conference.
If you'd like to learn more about Chris and the organizations he advocates for:
- Defcon 2022 OSINT & vishing research: https://medium.com/@chris.kirsch/top-osint-sources-and-vishing-pretexts-from-def-cons-social-engineering-competition-8e08de4c8ea8
- Winning call from DEF CON SECTF 2017: https://www.youtube.com/watch?v=yhE372sqURU
- External perimeter recon using runZero: https://www.runzero.com/blog/external-scanning/
- Competitive Intelligence talk at Layer 8 Conference: https://www.youtube.com/watch?v=NB-wLadJ3hk
- Facebook Talent Intelligence Collective: https://www.facebook.com/groups/talentintelligencecollective
- National Child Protection Task Force (NCPTF): https://www.ncptf.org/
- Twitter profile: https://twitter.com/chris_kirsch
- Mastodon profile: https://infosec.exchange/@chris_kirsch
- LinkedIn profile: https://www.linkedin.com/in/ckirsch/
- Chris' company: https://www.runzero.com/
Want to learn more about Open Source Intelligence?
Follow us on Twitter: @TraceLabs
Join our Discord server: https://tracelabs.org/discord
Check out the site: https://tracelabs.org
More episodes from "Breadcrumbs by Trace Labs"
Don't miss an episode of “Breadcrumbs by Trace Labs” and subscribe to it in the GetPodcast app.