I have a new course available on Pluralsight. It’s another Red Team Tools course focused course on Spiderfoot. It is part of the Pluralsight Red Team Tools learning path.

While my other courses are a couple hours of content, the Reconnaissance with Spiderfoot course is 38 minutes. It is designed to be a quick introduction and heavily focused on demonstrating how to use Spiderfoot for recon in red team engagements. (Course overview video)

Reconnaissance is the first step when starting a red team project. Information must be gathered for the the target organization, including specific details about its connected devices, network block assignments, domain names and subdomains, and even physical locations for some engagements.

Spiderfoot is an open source intelligence automation platform. It utilizes more than 200 modules to gather information about reconnaissance targets. It uses an active intelligence gathering to directly interact and probe the target’s infrastructure. However, it’s real value is in its passive information gathering using a large variety of online open source intelligence sources.

My course describes how to use Spiderfoot for the reconnaissance phase of a red team operation. There are five separate demos included to show how to use Spiderfoot.

Table of Contents

• Using Spiderfoot for Reconnaissance
• Access the Shodan Web Site
• Starting Spiderfoot
• Initiate a Scan
• Configure Modules
• Use the Command Line Interface
• Use Spiderfoot as a Red Team
• Resources

Please take a look and let me know your thoughts on this new course.