Published On Aug 30, 2023
Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/
In this hands-on workshop, DomainTools CISO Daniel Schwalbe will build on the search techniques introduced in the “Threat Hunting using Active and Passive DNS” class and will expand the query complexity to include advanced regular expression patterns, globbing, and searching of “lesser known” Resource Record Types such as SOA and TXT.
Requirements to participate:
– Laptop, Internet access
– Familiarity with basic passive DNS Search concepts, or participation in the previous day’s “Threat Hunting using Active and Passive” workshop
– DNSDB API Key (will be provided day of the event)
– DNSDB Scout Web Edition: https://scout.dnsdb.info/
– dnsdbq install from https://github.com/dnsdb/dnsdbq
– dnsdbflex install from https://github.com/farsightsec/dnsdbflex
Daniel will provide free access to DNSDB, our passive DNS tool, along with command line (dnsdbq and dnsdbflex) and web (DNSDB Scout) tools for the class and for 30-days following the conference so attendees can visualize how the tool will work within their own environments.
DNSDB is a historical passive DNS database that contains Internet history data that goes back to 2010. A DNSDB API Key will be sent to registered attendees prior to the Workshop.
DomainTools, the leader in domain name and DNS-based cyber threat intelligence, has acquired Farsight Security, a leader in DNS intelligence and passive DNS cyber security data solutions. The acquisition comes as a natural extension of both companies’ long-standing partnership to deliver Farsight’s market-leading passive DNS data via the DomainTools Iris investigation platform to assess risk, map attacker infrastructure, and rapidly increase visibility and context on threats. Farsight’s market leading DNS observation data combined with DomainTools best-in-class active DNS data gives customers the earliest and most comprehensive look into threats emerging outside their network.
///Black Hills Infosec Socials
Twitter: / bhinfosecurity
Mastodon: https://infosec.exchange/@blackhillsi...
LinkedIn: / antisyphon-training
Discord: / discord
///Black Hills Infosec Shirts & Hoodies
https://spearphish-general-store.mysh...
///Black Hills Infosec Services
Active SOC: https://www.blackhillsinfosec.com/ser...
Penetration Testing: https://www.blackhillsinfosec.com/ser...
Incident Response: https://www.blackhillsinfosec.com/ser...
///Backdoors & Breaches - Incident Response Card Game
Backdoors & Breaches: https://www.backdoorsandbreaches.com/
Play B&B Online: https://play.backdoorsandbreaches.com/
///Antisyphon Training
Pay What You Can: https://www.antisyphontraining.com/pa...
Live Training: https://www.antisyphontraining.com/co...
On Demand Training: https://www.antisyphontraining.com/on...
Antisyphon Discord: / discord
Antisyphon Mastodon: https://infosec.exchange/@Antisy_Trai...
///Educational Infosec Content
Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/
Wild West Hackin' Fest YouTube: / wildwesthackinfest
Antisyphon Training YouTube: / antisyphontraining
Active Countermeasures YouTube: / activecountermeasures
Threat Hunter Community Discord: / discord