OSINT Workshop
Summary
The goal of the SANS ICS Summit 2025 OSINT Workshop was to provide examples of quick online information gathering for industrial and automation control environments. The outputs of these OSINT reviews is intended to feed additional details into high-level risk assessments, detailed vulnerability assessments, and penetration testing.
This workshop was intentionally passive in nature. The lack of an approved target requires passive information gathering. During an assessment the information gathering can be much more active. There are additional techniques for interacting with the target’s external attack surface. This may even extend to services provided by the target’s partners, such as cloud services and end points.
Improve This Workshop
Be sure to help improve the tasks in this workshop. Go out to the ICS Summit 2025 - OSINT Workshop GitHub and submit issues and recommendations for industrial and automation control resources and information gathering tricks. Our goal is to continue this workshop at future SANS ICS, ICS Village, and other industry gatherings.
OSINT Table Top
Feel free to use this for an OSINT Table Top at your organization. Be sure to let us know your thoughts and improvements.