Finding Fraudsters Who Hide Behind Cloudflare

Channel:
United States SANS Cyber Defense
Subscribers:
23,600
Published on ● Video Link: https://www.youtube.com/watch?v=UBZBL65Dv1w


Duration: 44:00
3,704 views
102

Fraudsters and other threat actors use services like Cloudflare to hide their web infrastructure and make it hard for OSINT investigators to identify the IP addresses and services that they use.

This talk walks through several different OSINT techniques for identifying IP addresses and hosting arrangements hidden behind Cloudflare and how to verify these results.

The content of the presentation ranges from intermediate to advanced in terms of difficulty. Learn about:
DNS records
Subdomains
SSL certificates
Shodan/Censys
Some command line tools

The talk uses multiple real-life examples of how these techniques can be used to unmask fraudsters.

About the Speaker
Steven Harris is an open source intelligence (OSINT) specialist at QOMPLX, a data analytics and cyber security company, where he uses his expertise to identify security and business risks that his clients face and then helps them reduce their risk exposure. With a background as a detective, as crimes such as ransomware became more prominent Steven specialized in cybercrime. In his career, he received several commendations for catching groups of cybercriminals and improving the way that law enforcement respond to security vulnerability disclosures. He believes that open source investigation skills combine well with cyber security and considers it a great privilege to work in this field.

View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
#OSINTSummit #OSINT



Other Videos By SANS Cyber Defense


2022-05-25What are the key takeaways & benefits of taking SEC586?
2022-05-23Blockchain Investigations 101: An Intro to Ethereum
2022-05-22Glass Bottom OSINT
2022-05-21What is SEC586 author Josh Johnson's favorite part of the course to teach
2022-05-20Protecting High-Value Individuals: An OSINT Workflow
2022-05-18Advanced Open-Source Intelligence (OSINT) Gathering and Analysis: A SEC587 Demo
2022-05-17What to expect from the SEC586 labs
2022-05-15Lessons Learned from Ten Years of OSINT Automation
2022-05-14An In-Depth Overview of Resources, Tactics, and Tools for Gathering Intelligence Outside the US
2022-05-13How SEC586 can help you and your organization's security posture
2022-05-12Finding Fraudsters Who Hide Behind Cloudflare
2022-05-11Dark Web: The Other Side
2022-05-10I Know You: Contact Exploitation in SOCMINT Investigations
2022-05-09What skills do SEC586 students walk away with
2022-05-05Who should take SEC586 Blue Team Operations: Defensive PowerShell?
2022-05-01Why use PowerShell to automate?
2022-04-28Lifting the Fog: Investigating Cryptocurrency with OSINT
2022-04-27What problems does SEC586 solve for students?
2022-04-22Using Machine Learning to Reduce the Alert Fatigue
2022-04-04Join us for the Free SANS OSINT Summit 2022!
2022-03-18Setting Up and Managing Python Virtual Environments


Tags:
steven harris
steven harris osint
steven harris sans institute
cloudfare
osint
osint investigations
cloudfare investigations
dns records
osint tools
osint techniques
steve harris osint
cloudflare osint techniques
using cloudflare in osint investigations
cloudflare osint
cloudflare ip addresses
ip address osint