🔍

Open Source Intelligence Fundamentals

Jun 25, 2024

View transcript

Open Source Intelligence Fundamentals with Heath Adams

Introduction

  • Instructor: Heath Adams
    • Husband, hacker, teacher, gamer, sports fan, and animal owner
    • CEO at TCM Security
    • Conducts cyber security consulting, risk assessments, and ethical hacking
    • Taught over 200,000 students
    • Social media: LinkedIn, Twitter, Twitch, YouTube

About TCM Security

  • Business website: tcm-sec.com
  • Educational resources: TCM Academy
  • Certifications available

Course Curriculum

Part 1: (First 4.5 hours)

  1. Introduction to OSINT (Open Source Intelligence)
    • Definition and methodologies
  2. Note Keeping
    • Effective techniques for taking and organizing notes
    • Tools: KeepNote, Notion, CherryTree, OneNote, Joplin
    • Screenshot tools: GreenShot for Windows, FlameShot for Linux/Mac
  3. Creation of Sock Puppets
    • Definition: Fake online identities for anonymous research
    • Steps to create sock puppets, tools and techniques
  4. Types of Open Source Intelligence
    • Search Engine OSINT
      • Google, DuckDuckGo, Bing, Yandex
      • Use of search operators (site:, inurl:, intext:, etc.)
    • Image OSINT
      • Reverse image search tools: Google Images, Yandex, TinEye
      • EXIF data: Extracting metadata from images
      • Identifying physical locations from images
    • Email OSINT
      • Discovering email addresses: Hunter.io, Phonebook.cz, Voila Norbert, Clearbit, and verification tools (Email Hippo, EmailChecker)
    • Password OSINT
      • Data breaches and breach databases (DeHashed, Hashes.org, Have I Been Pwned)
      • Techniques for finding and using breached credentials
    • Username OSINT
      • Finding usernames across platforms: Namechk, Name Checkr
    • People OSINT
      • Searching for personal information (phone numbers, addresses, birth dates, resumes)
      • People search engines: White Pages, True People Search, Pipl, WebMii, etc.
    • Social Media OSINT
      • Investigating profiles on Twitter, Facebook, Instagram, LinkedIn, Reddit, TikTok, etc.
      • Utilizing platform features and external tools to gather information

Part 2: (Second 4.5 hours, paid content)

  1. Website OSINT
    • Exploring website data
  2. Business OSINT
    • Investigating business-related information
  3. Wireless OSINT
    • Information gathering from wireless networks
  4. Practical Lab
    • Working with tools on Linux, scripting and automating processes
  5. Report Writing
    • Creating reports based on OSINT investigations
  6. Course Challenge
    • OSINT challenge to apply skills learned
  7. Additional Resources
    • Extra learning materials and resources

Important Ethical Considerations

  • Use OSINT techniques ethically
  • Only research with proper authorization or for self-education
  • Respect privacy and avoid malicious intent
  • Understand the methodologies over specific tools as tools might change

Intelligence Life Cycle

  1. Planning and Direction
    • Identifying who, what, when, where, and why of the investigation
  2. Collection
    • Methodologies for gathering information
  3. Processing and Exploitation
    • Interpreting gathered data
  4. Analysis and Production
    • Analyzing and understanding data points
  5. Dissemination
    • Presenting findings to a client or relevant party
  • Continuous cycle, not always linear

Effective Note Keeping

  • Importance of well-organized notes
  • Tools and techniques for capturing and organizing information
  • Examples of notebooks and note formats

Sock Puppets

  • Creating and using alternate online identities
  • Building credible histories for sock puppet accounts
  • Tools and platforms for creating sock puppets
  • Ethical considerations and potential uses

Search Engine OSINT Techniques

  • Using search operators to refine searches
  • Accessing detailed information through search engines

Image and Location OSINT

  • Reverse image search engines
  • Extracting and interpreting EXIF data
  • Identifying locations from images using geographical clues

Email OSINT

  • Discovering and verifying email addresses
  • Tools and methodologies for email OSINT

Password OSINT

  • Breached credentials databases
  • Techniques to identify and use breached passwords

Username OSINT

  • Cross-referencing usernames across different platforms
  • Tools for username investigation

People OSINT

  • Methods and tools for gathering personal information

Social Media OSINT

  • Investigating profiles across popular social media platforms
  • Utilizing both platform features and external OSINT tools

Full transcript