Finding Threat Actor Infrastructure With SSL Certificates

Channel:
United States SANS Cyber Defense
Subscribers:
23,700
Published on ● Video Link: https://www.youtube.com/watch?v=MM9gKmpBOVs


Duration: 0:00
61 views
7

The presentation will focus on practical tips and case studies. Attendees of all skill levels will understand how to use new tools and techniques to help them with their work. Some topics are basic, some are more advanced.
Each tip/tool in the talk will focus on a recent real-world use case and accessible tooling. Most of the examples will relate to cyber crime or hostile nation state info ops (nothing sensitive or critical will be covered).
The talk will cover:

SSL certificates 101 (briefly)
How to attribute infrastructure with SSL certificates
Finding hidden infrastructure with crt.sh
Using sslyze to verify and find infrastructure behind Cloudflare
Needle in a haystack: using Zgrab2 to find SSL certificates and hidden infrastructure across the whole web.

View upcoming Summits: http://www.sans.org/u/DuS

SANS Open-Source Intelligence Summit 2025
Finding Threat Actor Infrastructure With SSL Certificates
Steven Harris, SANS Certified Instructor



Other Videos By SANS Cyber Defense


2025-03-12Matt Edmondson's Freestyle AI talk
2025-03-12Beyond Google Lens: How Real Estate Sites Can Assist Geolocation Efforts
2025-03-12Creating Social Network Graphs Using GEPHI
2025-03-12Social Media Discussion with the @OSINTMillennial
2025-03-12Fireside Chat with Jason Barrett
2025-03-12Navigating the Balance Between Public Information and Internal Threat Protection
2025-03-12Hunt Them Where They Play
2025-03-12Ads as Intel: Exploring ADINT's Capability to Pinpoint Personal Locations
2025-03-12Crowdsourced Intelligence: The Role of the OSINT Community in Global Investigations
2025-03-12Shadow Hunting: Advanced OSINT Skills to Navigate the Breach Data Labyrinth
2025-03-11Finding Threat Actor Infrastructure With SSL Certificates
2025-02-09Unlock Advanced OSINT: Inside the Revamped SEC587 Course
2024-11-04Supply Chain Security Incident Response: Strategies for Responding to Emerging Threats
2024-10-31MAVIS: Machine Assisted Vulnerability Identification System
2024-10-30Mastering the Journal
2024-10-29Hybrid Fortresses: How A Defensible Security Architecture Raises the Bar Against Modern Attacks
2024-10-28APT Takedown: The 2024 Blueprint for Cyber Victory
2024-10-25Encrypted DNS Developments
2024-10-24Edge Out Your Next BEC Adversary: Investigation and Prevention Strategies Using OSINT
2024-10-23CYA by Using CIA...Correctly for a Change
2024-10-22Stand out from the crowd! Using PowerShell to automate your daily tasks