Jeff Foley

Jeff Foley

Senior Security Engineering Officer at Citi

Jeff Foley’s industry experience has been focused on information security research & development in order to build and assess next generation solutions. He is the Project Leader for Amass, an OWASP (Open Web Application Security Project) Foundation flagship project that performs in-depth attack surface mapping and asset discovery. Jeff is also an Adjunct Lecturer teaching Penetration Testing at the SUNY (State University of New York) Polytechnic Institute. Previously, he was the US Manager for Penetration Testing & Red Teaming at National Grid, a multinational electricity and gas utility company. Prior to this, Jeff served as a Principal Investigator of offensive cyber warfare research & development at Northrop Grumman Corporation, an American global aerospace and defense technology company. In his spare time, he enjoys experimenting with new blends of coffee, automating security tasks, and giving back to the information security community.

Presentation Abstract

Workshop on OWASP Amass / New Features Walkthrough

Attack surface mapping is an important task for red teams and blue teams. The OWASP Amass Project allows information security professionals to bring automation to their asset discovery processes. While Amass is a powerful tool, there can be a learning curve before obtaining its full value. This course is going to provide a quick introduction to Amass, and then dive into the new features of the tool.

You will learn:

  • Basic usage of OWASP Amass
  • Strategies for discovering additional assets
  • How Amass handles the DNS resolution process
  • Exporting and sharing enumeration findings