Running Away from Security - Web App Vulnerabilities and OSINT Collide
Offered By: YouTube
Course Description
Overview
Syllabus
Intro
An Experiment
If anyone in the world knew...
Our Data on the Internet
Selling Our Data
It all started with some exercise
The issue is in the Numbers
Look at the page source
Responsible disclosure attempt
Strava Response
But how could I get the data?
Make 800,000+ requests for random activities
What could someone do with it?
OSINT in a Nutshell
Let's meet Sandra K. on Strava
Finding Sandra K.
What about other fitness sites?
Let's meet Janna on fitbit
Garmin's site
There is a Double Standard
Need to belong/be social
This is Trisha on fitbit
Trisha Recap
Putting it all together: Mind Map
Recon-ng: Profiler Module Search 190 sites per username x 3 names = 30secs
These apps aren't just for fitness!
What are these "patrols"?
Nature Preserve Patrol
Soft Drink Anyone?
The unexplainable
What is your OSINT profile?
Protect yourself.
Related Courses
Authentication & Authorization: OAuthUdacity Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera Hacking and Patching
University of Colorado System via Coursera Fundamentals of Computer Network Security
University of Colorado System via Coursera