Xavier Mertens (Security Consultant)
SIGINT TITLE: pastemon.pl & leakedin.com
SIGINT ABSTRACT:
pastebin.com is a well-known website used primarily by developers to exchange code and technical details. But for a while, this website has been hijacked from its main purpose and is also used by “bad” guys to store plenty of interesting information. From an OSINT (Open Source Intelligence) point of view, pastebin.com became a goldmine and must be monitored! I wrote a tool to scan the website and generate alerts based on regular expressions. What’s interesting to search for? IP addresses, logins, domain names & much more. To increase people awareness about the risks of posting sensitive data to pastebin.com, I also started a blog called leakedin.com where interesting found content is published 24×7.
My talk will present you the tool pastemon.pl and its benefits.
ABOUT XAVIER MERTENS
Xavier Mertens is a Security Consultant and security blogger. His job focuses mainly on “security monitoring” solutions such as log management, SIEM, incident management but also on audits and some pentests. Instead of following vendors, he prefers to find the best solutions to solve security issues. One of his preferred topic at the moment is OSSEC and OSINT. He wrote several blog articles about this software to increase its performance or visibility. In parallel to his daily job and blog, Xavier offers some spare time and resources to initiatives like BruCON (the Belgian security conference) and EuroTrashSecurity.