Play all

Intro

What is VoightKampff

Joshs Bio

Agenda

Background

Email Addresses

Email Reputation API

Defining Reputation

High Reputation

Why now

Phishing Defense

Examples

compromised email addresses

technical details

inputs

data breaches

whois

DNS

Reputation SMTP

MX Record Lookup

Invalid Email

Warnings

Domain Reputation

Frontend Stack

Profiles

Information Disclosure

Lastfm

PayPal

Gravatar

Web Crawling

Experiment

Building the Graph

Building a Twitter Profile

Nodes Connected

Cryptographic Hash Functions

Perceptual Hash Functions

Gravatar Profile

Similarities

Connections between disparate graphs

Reporting

Community

Phishing

Blacklisting

Scoring

Data

Reputation Distribution

Russian OpenBSD

Abuse

South Korea

countermeasures

TLDR

Key Requests

Slack Ping

Future Stuff

Breach Data

Live Demo

Questions

Description:

Explore the world of email address reputation and its role in identifying spear-phishing and fraud in this conference talk from Shmoocon 2020. Dive into the concept of EmailRep, a system that uses OSINT techniques, crawlers, and data from various sources to predict the risk associated with email addresses. Learn about the technical architecture, implementation, and how both blue and red teams can utilize this tool. Discover the importance of internet history in differentiating legitimate email addresses from attacker personas, and understand the potential shortcomings of this approach. Gain insights into the various data points used, including social media profiles, Github activity, LinkedIn accounts, and credential dumps. Follow along as the speaker demonstrates live queries of EmailRep and discusses its free availability through emailrep.io or API.

Voight-Kampff for Email Addresses

0xdade

Add to list

#Conference Talks #ShmooCon #Information Security (InfoSec) #Cybersecurity #Computer Science #Fraud Detection #Offensive Security #Spear Phishing