It’s no secret, black hats have been using open sources of information to conduct precise targeting for social engineering and network attacks for years. Penetration testers, often confronted with time constraints, overlook this all important step in the attack process, and fail to show the true, complete threat that their customers face. Even when an honest attempt at reconnaissance is made, the ever-changing nature of search engines and web technologies make automating the reconnaissance process painful to accomplish and maintain. In many cases, it just isn’t done right, which leads to improper reconnaissance and bad intelligence. I have been working to create several quality tools that leverage the power of search engines, social networks, and cloud CRMs to automate the reconnaissance process and increase the integrity of the intelligence gathered before the attack occurs. I’ll be releasing these tools during the talk, and will begin to explore a new reconnaissance concept; conducting physical reconnaissance of a target without ever setting foot on the ground. As a part of this new discussion, I’ll also be releasing an updated version of Pushpin, a social networking proximity geolocation tool.