By this time I had a few years of penetration testing under my belt and had amassed some stories of attack chains. The idea of mind maps and methodologies for maximizing impact on an assessment was starting to form. Oscar Salazar and I presented some of these stories for our local OWASP chapter:
We continued to enhance Search Diggity suite of tools. At this point Brad Sickles, who I met when he sat next to me and hung a terrible towel in his cube at HP—had helped formalize the UI and helped scale the techniques for performing OSINT on more than one domain at a time, and get results in an manageable way. We presented our latest capabilities that notably involved searching for leaks and data dumps on other's websites and domains beyond the ones your organization is responsible for securing: