Git'ing Users for OSINT: Analysis of All GitHub Users | SANS@MIC Talk

Channel:
United States SANS Institute
Subscribers:
64,000
Published on ● Video Link: https://www.youtube.com/watch?v=u2jQkeVcIV4


Duration: 52:47
1,358 views
26

Within the world of OSINT, many people solely focus on what data they can retrieve from a web browser. Others, like me, know the power and potential of using Application Programming Interfaces (APIs) to harvest huge amounts of data from platforms and incredible speeds. In this case, in 2019, by making thousands of API requests to github.com using the official GitHub API, I retrieved over 38,000,000 user profiles from their systems.

Speaker Bio

Micah Hoffman has been active in the information technology field since 1998, working with federal government, commercial, and internal customers to discover and quantify cybersecurity weaknesses within their organizations. As a highly active member of the cybersecurity and OSINT communities, Micah uses his real-world Open-Source Intelligence (OSINT), penetration testing, and incident response experience to provide customized solutions to his customers and comprehensive instruction to his students.

Over the years, Micah has conducted cyber-related tasks like penetration testing, OSINT investigations, APT hunting, and risk assessments for government, internal, and commercial customers. Micah's SANS coursework, cybersecurity expertise, and inherent love of teaching eventually pulled him toward an instructional role, and he's been a SANS Certified Instructor since 2013. He's the author of the SANS course SEC487: Open Source Intelligence Gathering and Analysis, and also teaches both SEC542: Web App Penetration Testing and Ethical Hacking and SEC567: Social Engineering for Penetration Testers.


About SANS
SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.



Other Videos By SANS Institute


2020-08-07SANS Class Prep - Downloading your course materials
2020-08-07SANS Class Prep - Systems Requirements
2020-08-07SANS Class Prep Intro - What to complete prior to class
2020-07-30SANS OnDemand Interactive Live Lab Environment Demo: Local & Remote Lab Demonstrations
2020-07-2810 Visibility Gaps Every CISO Must Fill | SANS@MIC Talk
2020-07-28No SQL Injection in MongoDB Applications | SANS@MIC Talk
2020-07-27How to Present Cyber Security Risk to Senior Leadership | SANS Webcast
2020-07-27How to work in ways that will make your boss take notice! | SANS Webcast
2020-07-23Get Involved! Use Your OSINT Powers for Good! | SANS@MIC Talk
2020-07-21smbtimeline - An automated timeline for SMB Traffic | SANS@MIC Talk
2020-07-17Git'ing Users for OSINT: Analysis of All GitHub Users | SANS@MIC Talk
2020-07-16What Do I Need to Know About CVE-2020-5902; the F5 Networks BigIP RCE Vulnerability
2020-07-16What You Need to Know About the Windows DNS Vulnerability - CVE-2020-1350
2020-07-14Course Preview: Successful Infosec Consulting, Getting Clients Deep Dive | SANS@MIC Talk
2020-07-09Checkm8, Checkra1n and the new "golden age" for iOS Forensics | SANS@MIC Talk
2020-07-09Welcome to SANS Community CTF - Services Challenges
2020-07-07The 14 Absolute Truths of Security | SANS@MIC Talk
2020-07-01Defending Lift and Shift Cloud Applications | SANS@MIC Talk
2020-06-30#LevelUpLabs | SANS@MIC Talk
2020-06-30Leveraging Organizational Change to Build a Strong Security Culture
2020-06-26SEC510: Multicloud Security Assessment and Defense | SANS@MIC Talk


Tags:
sans institute
information security
cyber security
cybersecurity
information security training
cybersecurity training
cyber security training
OSINT
open-source intelligence
GitHub