
SANS ICS Summit 2025

OSINT Workshop ~ Using the power of OSINT to protect critical infrastructure and operational environments.

OSINT Workshop


Original Abstract

The following is the original abstract for this workshop. The content changed slightly during development. We are trying to cover everything described in this abstract and will improve the material incrementally as the project moves forward.

This workshop will provide students with hands-on experience in conducting Open-Source Intelligence (OSINT) specifically for Industrial Control Systems (ICS) and Operational Technology (OT) environments. Unlike traditional OSINT techniques that focus on general corporate or IT infrastructure, this session will dive into identifying critical ICS/OT-related details, such as utility power grids, pipelines, airports, data centers, and industrial service providers. Participants will learn how to analyze publicly available information to map out potential targets, identify remote access methods, fingerprint VPNs, and locate data leaks that may contain sensitive information. Using only online resources, attendees will explore real-world techniques to gather intelligence on external IP ranges, cloud storage exposures, vendor partnerships, and industry-specific risks.

By leveraging sources such as industry mapping websites, vendor press releases, regulatory filings, and RFP documents, students will develop a structured OSINT methodology tailored to ICS/OT environments. The workshop will cover how to correlate power, telecom, and internet infrastructure, investigate AI-generated leaks, and apply OSINT techniques to understand their current OSINT exposure. Attendees will also gain insight into organizing findings into actionable intelligence for vulnerability assessments and penetration tests. Whether you’re a security consultant, ICS administrator, or OT defender, this session will equip you with the skills needed to enhance your reconnaissance capabilities in industrial environments.
