Technological advances are a driving force for internet democratization. Everyday millions of devices are connected for a wide variety of purposes. From keeping track of exercise routines, to allowing international forces to receive real-time communication about the launch of an attack on an important target. Right now, petabytes of public data, from every device, can be potentially transformed into exploitable information.
Taking advantage of this scenario, projects like Shodan, ZoomEye or Spyse were created. They collect information about software and hardware connected to the internet, exposing extensive vulnerabilities over open industrial control systems, IoT devices, web servers among other systems. However, all these tools don’t allow custom scans to be performed with unique in-house plugins. How can such massive scans be performed in-house? For example, how can all the devices that are vulnerable to a certain attack in a specific country be listed?
This training will cover how to perform optimized massive scans, process data results and create rich information from it.