People as the Payload: OSINT Tactics for Identity Tracing, Social Graphing, and Executive Recon
9 Aug 2025
Comprehensive Talk (40 minutes)
Ankit Gupta
Abstract
In today’s threat landscape, people are often the weakest link—and attackers are aware of it. From phishing and impersonation to executive targeting and account compromise, adversaries increasingly use open-source intelligence (OSINT) to build detailed profiles of individuals long before launching an attack.
This session dives into the evolving art of people-focused reconnaissance, demonstrating how seemingly harmless public data can be weaponized into precise social engineering campaigns, identity spoofing, and credential pivoting.
We’ll cover:
Identity tracing techniques using breach data, professional directories, dark web leaks, and forgotten digital breadcrumbs
Building detailed social graphs across platforms like LinkedIn, GitHub, Twitter/X, Facebook, and academic/industry conference rosters
Tools and techniques to identify executive targets, their digital habits, exposed credentials, and behavioral patterns
Mapping corporate org structures and vendor relationships through public filings, social posts, and collaboration tools
How to uncover personal infrastructure (GitHub repos, sandbox environments, demo servers) tied to specific developers or architects
Cross-referencing usernames, email handles, avatars, and metadata to track digital identities across platforms
Automating the generation of identity maps and behavioral timelines with OSINT scripts and browser automation frameworks
You’ll also learn how attackers combine this recon with voice deepfakes, domain typosquatting, and AI-generated emails to execute convincing social engineering attacks—especially against high-value individuals.
While this session is grounded in offensive techniques, it’s highly actionable for blue teams, threat intel analysts, and enterprise security leaders. We’ll walk through real-world case studies where simple recon led to large-scale breaches, compromised business email accounts, and insider attacks.
Takeaways will include:
A checklist for assessing your organization’s exposed human attack surface
Tools and workflows to replicate attacker tactics in your threat modeling and phishing simulations
Guidance on proactive identity protection and executive exposure management
Strategies to anonymize or reduce OSINT footprint without undermining productivity
In an era where people are increasingly the payload—not just the target—understanding how digital identities are discovered, mapped, and exploited is critical to building a truly defensible organization.



