BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: CloudRecon - finding ephemeral assets in the cloud\n
    When: Saturday\, Aug 12\, 13:00 - 13:30 PDT\n   Where: Flamingo - Mesqu
 ite - Cloud Village - [1]Map\n   Speakers:Gunnar Andrews\,Jason Haddix\n\n
    SpeakerBio:Gunnar Andrews\n   No BIO available\n   Twitter: [2]@@G0LDEN
 _infosec\n\n   SpeakerBio:Jason Haddix \, CISO and “Hacker in Charge” 
 at BuddoBot\n   Jason Haddix is the CISO and “Hacker in Charge” at Bud
 doBot\, a\n   world-class adversary emulation consultancy. He's had a dist
 inguished\n   15-year career in cybersecurity previously serving as the CI
 SO of\n   Ubisoft\, Head of Trust/Security/Operations at Bugcrowd\, Direct
 or of\n   Penetration Testing at HP\, and Lead Penetration Tester at Redsp
 in. He\n   has also held positions doing mobile penetration testing\,\n   
 network/infrastructure security assessments\, and static analysis.\n   Jas
 on is a hacker and bug hunter to the core\, and he is ranked 51st\n   all-
 time on Bugcrowd's leaderboards. Currently\, he specializes in\n   recon a
 nd web application analysis. Jason has also authored many talks\n   on off
 ensive security methodology\, including speaking at cons such as\;\n   DEF
  CON\, Black Hat\, OWASP\, RSA\, Nullcon\, SANS\, IANS\, BruCon\, Toorcon\
 ,\n   and many more. Jason currently lives in Colorado with his wife and\n
    three children.\n   Twitter: [3]@jhaddix\n\n   Description:\n   CloudRe
 con is a suite of tools for red teamers and bug hunters to find\n   epheme
 ral and development assets in their campaigns and hunts.\n\n   Often\, tar
 get organizations stand up cloud infrastructure that is not\n   tied to th
 eir ASN or related to known infrastructure. Many times these\n   assets ar
 e development sites\, IT product portals\, etc. Sometimes they\n   don't h
 ave domains at all but many still need HTTPs.\n\n   CloudRecon is a suite 
 of tools to scan all the cloud providers and\n   find these hidden gems fo
 r testers\, by inspecting those SSL\n   certificates.\n\n   The tool suite
  is three parts in GO:\n\n     * CloudScrape - A LIVE running too to inspe
 ct the ranges for a\n       keywork in SSL certs OU\, CN\, and SN fields i
 n real time.\n\n     * CertStan - a tool to retrieve the ranges of AWS\, G
 CP\, and Azure\,\n       and download all their certs to your box. So you 
 can have your OWN\n       cert.sh database.\n\n     * CertSniff - a tool t
 o parse and search through the downloaded\n       certs for keywords.\n\n 
   '\n\n   1. #FlamingoThirdFloor\n   2. https://twitter.com/@G0LDEN_infose
 c\n   3. https://twitter.com/jhaddix\n\n\n
DTEND:20230812T203000Z
DTSTART:20230812T200000Z
LOCATION:CLV - Flamingo - Mesquite - Cloud Village
SUMMARY:CloudRecon - finding ephemeral assets in the cloud
END:VEVENT
END:VCALENDAR