
Recon Village is back @ DEFCON 32

📍 Las Vegas Convention Center, 🗓️ 9th, 10th and 11th August 2024

Call For Papers: OPENING SOON

Call for Volunteers: OPENING SOON

An Open Space with Talks, Live Demos, Workshops, Discussions, CTFs with a common focus on Reconnaissance.

Talks

We have hosted some great talks in the past from some amazing speakers. Check out the interesting talks around OSINT and Recon.


Contests

We host contests such as Jeopardy-style CTFs and hackathons, and use them as a tool to promote learning and hands-on exercises.


Tools

Many tools have been presented/launched in the past at Recon Village and we have finally compiled a list of these tools.


Recon Village - DEF CON 31 Talks

DEF CON 31 Recon Village  - Berk Can Geyikci - Finding Hidden Gems In Temporary Mail Services


In today's world, where temporary mail services are widely used, our project aims to monitor these services according to the provided configuration and to discover valuable gems. For this research, we developed a command and control Python tool. This tool is hosted on our private Amazon server. So, what does this tool do? It constantly scans the most popular temporary mail services (yopmail, tempr.email, dispostable, guerrila, maildrop) and indexes the emails delivered to them based on specified keywords. The tool then notifies us via Telegram using the integrated Telegram API. This tool has been running on our server for about a year and has stored, and continues to store, more than 1 million emails. In our research, we analyzed these emails, the types of emails sent through these services, and their potential uses for hackers. We were able to take over accounts containing money from these mail services during our research. Our ongoing investigation has uncovered confidential personal information, account reset emails, hundreds of game accounts, and bitcoin wallet information. Some of these findings will be presented in a censored manner during our presentation. Moreover, we will release the tool on GitHub after the presentation. This tool includes a configuration file that allows it to continuously crawl and monitor emails from specified URLs, and optionally save them. It filters the emails to record based on the keywords in the config file, making this tool highly effective. For instance, I installed this tool and entered keywords such as eBay, password reset, bitcoin, and OTP. This tool saves or notifies you when emails containing these words are delivered to the relevant email services. Additionally, this tool features Telegram API integration, allowing you to receive real-time notifications via Telegram when relevant emails are received. All these aspects are included in our research. 
During our project presentation, we will demonstrate a live proof of concept and showcase valuable findings we can obtain during the presentation. In the bonus section, we will highlight red team activities we observed while examining these mail services. This part may be quite interesting 🙂

This talk was recorded at the @ReconVillage - at @DEFCONConference, Hotel Linq, Las Vegas.

For more updates and announcements, follow us on:
Twitter: https://twitter.com/ReconVillage
LinkedIn: https://www.linkedin.com/company/reconvillage
YouTube: https://youtube.com/reconvillage
DEFCON Mastodon: https://defcon.social/@reconvillage

Cheers, Recon Village Team.

DEF CON 31 Recon Village - Seyfullah - Mastering OSINT  Advanced Techniques in the Realm of Big Data


In the session titled "Mastering OSINT: Advanced Techniques in the Realm of Big Data," I will provide a deep dive into the intricacies of Open Source Intelligence (OSINT) and Big Data. Leveraging my extensive experience in the field, this presentation will elucidate the techniques, tools, and challenges in deploying OSINT methodologies in the context of Big Data. As an expert with years of practical experience in OSINT and Big Data analysis, I have a rich understanding of the possibilities and complexities that both these fields present. I will share this knowledge and experiences to help others more effectively navigate this exciting yet challenging landscape. The discussion will commence with an introduction to OSINT, including its origins, utility, and implications within the contemporary digital arena. This will lead us to the vast and complex realm of Big Data, where we'll understand its significance, challenges, and the role it plays in improving the efficacy of OSINT. A detailed overview of Google BigQuery will be provided, exploring how this powerful tool can be used for managing and analyzing big data. I will delve into its features, advantages, use-cases, and practical examples demonstrating how it can help in OSINT. I will also discuss other key resources such as CommonCrawl, which provides web crawl data, and Rapid7 Open-Data, a goldmine for security research. I will elucidate how these datasets can be harnessed for comprehensive analysis and deriving actionable intelligence. The section on Passive Search will cover various methods and best practices, with a special focus on how to leverage this technique in the context of Big Data. Finally, I will talk about Internet Search Engines' pivotal role in OSINT and how to extract maximum value from them. What sets this presentation apart is not only the comprehensiveness of the coverage but also the practical, hands-on approach, featuring real-world examples and demonstrative scenarios. 
It promises to be an enlightening session for anyone interested in advanced OSINT techniques and the potential of Big Data.

This talk was recorded at the @ReconVillage - at @DEFCONConference 31, Hotel Linq, Las Vegas.

DEF CON 31 Recon Village - Jason Haddix - Easy EASM The Zero-Dollar Attack Surface Management Tool


Easy EASM is just that... the easiest to set-up tool to give your organization visibility into its external facing assets. The industry is dominated by "Attack Surface Management," but OG bug bounty hunters and red teamers know the truth. External ASM was born out of the bug bounty scene. With ten lines of setup or less, using open source tools, and one button deployment, Easy EASM will give your organization a complete view of your online assets. Easy EASM scans you daily and alerts you via Slack or Discord on newly found assets! Easy EASM also spits out an Excel skeleton for a Risk Register or Asset Database! This isn't rocket science.. but it's USEFUL. Grab Easy EASM and feel confident you know what's facing attackers on the internet. Easy EASM uses a collection of tools tied together to perform recon on a target or set of targets. Utilizing Amass, Subfinder, Chaos, Notify, r7 Sonar, eyewitness, and Cloud Certs. It will run daily and track all assets discovered for your targets. With a Discord or Slack key, you'll get this output to chat every morning if any new assets have appeared. You can choose the "fast" or "comprehensive" deployment, which adds additional methods to the discovery (brute force, permutation discovery, screenshots, and tech profiling). BUT... literally, all the user does is one-click deploy and add a Slack or Discord token. Then they start receiving bacon... I mean recon... I mean EASM data.

This talk was recorded at the @ReconVillage - at @DEFCONConference 31, Hotel Linq, Las Vegas.

DEF CON 31 Recon Village - Vitor Ventura - Getting Ahead of The Bad Guys with Internet Scanning Data


Detecting adversaries ahead of time is the holy grail to any defender. In this presentation we propose the usage of internet scanning services as a hunting ground of adversaries. Services like Shodan and BinaryEdge provide a great source of adversarial indicators, allowing defenders to get ahead of the risk. While this is not possible all the time, many defenders try to get ahead by collecting information from several sources, some open, some through private feeds. In this presentation we will demonstrate how these services can be used to find unknown adversarial infrastructure. We will illustrate how this can be done hunting for IP addresses serving payloads that match the MZ header. This allows the identification of attack framework hosting sites serving executable payloads directly; Metasploit is a good example of such frameworks. The technique does not end with the MZ header; other patterns can be searched which contribute to a better mapping of the Internet threat landscape. The presentation will continue to explain how this data can be processed in order to be transformed into something useful for defenders and threat researchers. During our research we also found different results, from funny stuff without any harm to PowerShell scripts or even source to be compiled locally. This method has been used to triage logs on incident response cases where we wanted to see if Cobalt Strike had been used. By supplying a list of recent CS servers delivering payloads we were able to identify the initial attack vector and corresponding patient zero of that incident. The presentation will finish with the presentation of other use cases for this kind of data analysis.

This talk was recorded at the @ReconVillage - at @DEFCONConference 31, Hotel Linq, Las Vegas.

DEF CON 31 Recon Village - Nick Ascoli - Leakonomics 101 The Last Year in Data Leaks


Data leaks have become an omnipresent concern in our digital landscape, demanding an understanding of their anatomy and the evolving trends that shape this realm. Join us at the Recon Village as we embark on a journey through the past year's data leaks, exploring their causes, consequences, and impact on organizations and the criminal underworld. We will dissect the anatomy of data leaks, examining vectors such as misconfigured cloud resources, insider threats, third-party vulns, and cybercrime group in-fighting. Through real-world case studies of the last year, including the Luxottica leak, the Toyota incident, the RAID forums leak, we will identify the common patterns and vulnerabilities that pave the way for breaches. Understanding the fallout from these breaches is crucial. We will analyze the consequences beyond financial and reputational damage, including the impact on customers and the broader ecosystem. No discussion of data leaks would be complete without exploring the criminal underworld. We will talk about where stolen data is sold and exchanged, drawing insights from recent posts on various cybercrime forums. Lastly, we will provide a panoramic view of the trends observed in the past year's data leaks. The increasing volume of cloud-based attacks, the persistence of legacy vulnerabilities, and the evolving tactics employed by cybercriminals will be explored. By understanding these trends, organizations can proactively adapt their security measures to counter emerging threats. Join us in this captivating talk as we navigate through Leakonomics 101: The Last Year in Data Leaks.

This talk was recorded at the @ReconVillage - at @DEFCONConference 31, Hotel Linq, Las Vegas.