Navigating the Currents of Open Source Intelligence: Insights from the Field

Summary:

Micah Hoffman and Griffin Glynn from My OSINT Training join me to talk about the current state of OSINT. Both bring a wealth of knowledge and first meet while working together at the National Child Protection Task Force. They bring a wealth of knowledge and we get into a lot of the ins and outs of OSINT.

Episode Highlights:

  • What is OSINT?

  • What tools are used for OSINT

  • Social media changes?

  • How do APIs play into OSINT?

  • How is AI impacting OSINT?

Guest Information:

Micah Hoffman and Griffin Glynn co-owners of My OSINT Training environment and co-workers at National Child Protection Task Force (NCPTF)

https://twitter.com/myosinttrainer

https://www.linkedin.com/company/my-osint-training

https://www.myosint.training

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What's happening at DerbyCon 2018 - Part 2

In this Hyatt recorded edition of the Exploring Information Security podcast, Micah Hoffman, Josh Huff, and Justin Nordine.

Micah (@WebBreacher), Josh (@baywolf88), and Justin (@jnordine) join me to go over a variety of topics at DerbyCon 2018. The Hyatt was kind enough to provide space near the bar (shout to the amazing Lauren).

In this episode we discuss:

  • Why other industries don’t use OSINT

  • Where to find your niche

  • What are some frustrations of mentorship

  • How apps are impacting our lives

What's happening at DerbyCon 2018 - Part 1

In this Hyatt recorded edition of the Exploring Information Security podcast, Micah Hoffman, Josh Huff, and Justin Nordine join me at DerbyCon 2018.

Micah (@WebBreacher), Josh (@baywolf88), and Justin (@jnordine) join me to go over a variety of topics at DerbyCon 2018. The Hyatt was kind enough to provide space near the bar (shout to the amazing Lauren).

In this episode we discuss:

  • What OSINT classes and projects everyone is working on

  • Why contributing is important

  • What value conferences like DerbyCon provide

  • Why hotels hate accountant conferences

What is advanced OSINT?

In this whiskey fueled edition of the Exploring Information Security podcast, Ryan MacDougall and Colin Hadnagy of Social Engineer join me to discuss advanced OSINT.

This past DerbyCon, I had the opportunity to take the Advanced OSINT with Ryan (@joemontmania) and Colin (@UnmaskedSE). The course was great! It was different from some of the other OSINT courses I’ve taken. They covered very specific techniques and tools. After presenting on those techniques and tools we were given the opportunity to dive in from a free-form standpoint.

If you’d like to take the training, signup for their April 23-24, 2019, training in Denver Colorado.

Also, you can catch Ryan at the First Pacific Hackers Conference, November 9-11, 2018.

In this episode we discuss:

  • What is advanced OSINT

  • What is the mindset needed for OSINT

  • What are some of the tools used for OSINT

  • How to phish an organizationa

What is Hunchly?

In this screenshot edition of the Exploring Information Security podcast, Justin Seitz joins me to discuss Hunchly.

Justin (@jms_dot_py) is the creator of Hunchly. I got to know Hunchly at SANS SEC487 OSINT training earlier this year. It's a fantastic tool that takes screenshot as the web is browsed. This is very useful for investigations involving OSINT. I'm also finding it useful for incident response, particularly for clicking on phishing pages. I sometimes forget to take screenshots as I'm investigating a phishing page. Having Hunchly means, I don't have to worry about taking screenshots. I then use the screenshots for reports and training. It's a really useful tool.

In this episode we discuss:

  • What is Hunchly?
  • How did Hunchly come about?
  • Who should use Hunchly?
  • What is the cost of Hunchly?

More resources:

What is OSINT ORCS YOGA?

In this battlefield edition of the Exploring Information Security podcast, Micah Hoffman joins me to discuss OSINT ORCS YOGA.

Micah (@WebBreacher), is a SANS Instructor and author of the SEC487 OSINT course. He recently had his second class in Denver, Colorado (more dates here). During that class he found people asking about how to navigate the waters of OSINT resources. His solution was to start the OSINT Resource Classification System (ORCS). It's a call for the OSINT community to standardize on how resources are categorized. YOGA or Your OSINT Graphical Analyzer is meant to be a visual aid for people looking to navigate the streets of OSINT resources.

In this episode we discuss:

  • How SANS SEC487 is coming along
  • What is YOGA?
  • What is ORCS?
  • Why is ORCS YOGA important?

What is SANS SEC487? Part 2

In this wide open edition of the Exploring Information Security podcast, Micah Hoffman joins me to discuss SANS SEC487 Open-Source Intelligence Gathering and Analysis.

Micah (@WebBreacher) has spent the last year plus putting together the SANS SEC487 course. The course focuses on Open-Source Intelligence Gather and Analysis (OSINT). I had the pleasure of attending the very first iteration of the course. I had an absolute blast and would recommend the course to anyways (even those outside of infosec). I wrote about the course on my blog.

In this episode we discuss:

  • What's the most exciting aspect of the course?

  • Why operational security is important

  • Why disinformation is useful

What is SANS SEC487? Part 1

In this wide open edition of the Exploring Information Security podcast, Micah Hoffman joins me to discuss SANS SEC487 Open-Source Intelligence Gathering and Analysis.

Micah (@WebBreacher) has spent the last year plus putting together the SANS SEC487 course. The course focuses on Open-Source Intelligence Gather and Analysis (OSINT). I had the pleasure of attending the very first iteration of the course. I had an absolute blast and would recommend the course to anyways (even those outside of infosec). I wrote about the course on my blog.

In this episode we discuss:

  • What is SANS SEC487?

  • Who should attend the course?

  • What was the origin of the course?

  • How the beta went.

What's happening in OSINT?

In this open edition of the Exploring Information Security podcast, I sit down with Micah Hoffman, Kerby Plessas, and Josh Huff to discuss Open Source INTelligence (OSINT).

Micah Hoffman (@WebBreacher) is a SANS instructor who will be teaching a brand new SANS course, SANS487: Open-Source Intelligence Gathering and Analysis.

Kirby Plessas (@kirbstr) runs her own training company Plessas Experts Network, Inc. There is an online training portal that you can use to learn more about OSINT.

Josh Huff (@baywolf88) is a Digital Forensics Private Investigator and OSINT addict. He runs the Learn All The Things website.

This is a new format for the podcast that I am trying out. It's a lot like the conference episodes I do: It's longer; I allow swearing; and there is no format or direction. I asked for OSINT questions on Twitter and got some pretty good ones back for people to answer. I can turn this into a live show that would allow for people watching to interact with the guests on the show. I need feedback on whether or not this of interest to people. Hit me up on Twitter (@TimothyDeBlock) or email (timothy[.]deblock[@]gmail[.]com)

In this episode we discuss:

  • Why it's important to automate OSINT

  • What tools are available for OSINT

  • Where does OSINT end and breaking the law begin?

  • Where can OSINT be used in an organization

  • How to get into OSINT

  • and much much more

More Resources:

What is the OSINT Framework?

In this knowledge filled episode of the Exploring Information Security podcast, Justin Nordine joins me to discuss the OSINT Framework.

Justin (@jnordine) is the creator of the OSINT Framework. The page is a spider web of tools and other OSINT resources that you can get lost in for days. It's a fabulous tool for those just getting in or those who use OSINT on a daily basis. He created it as a way to keep up with all the OSINT resources out there.

In this episode we discuss

  • How he got started in OSINT
  • What is the OSINT Framework?
  • How should the framework be used?
  • What he has in store for future iterations

What can an OSINT creeper learn?

In this creepy edition of the Exploring Information Security podcast, Josh Huff and I discuss what you can learn being an OSINT creeper.

Josh (@baywolf88) is one of the up and coming professionals in the Open Source Intelligence (OSINT) discipline. By day, he's a forensic analyst at an investigation firm. By night, he's an information gathering OSINT creeper. He's been studying OSINT heavily the last year and is here to share his experience and lessons learned.

Josh's talks is available here.

In this episode we discuss:

  • What is an OSINT creeper?
  • What is the methodology of an OSINT creeping?
  • What are the lessons learned?
  • How to get started OSINT creeping

What is OSINT - Part 2

In this don't give a beep episode of the Exploring Information Security Podcast, I find out what OSINT is from OSINT master Tazz.

My first interaction with Tazz (@GRC_Ninja), was at CircleCityCon. I quickly became aware that if I got out of line at the conference Tazz was very likely to be the one to put me in my place. I also ran into her at DerbyCon where she kept people in line while waiting for talks to start. She also happens to be a speaker and this past year presented, "ZOMG Its OSINT Heaven" at BSides Las Vegas. Which is how I became aware that Tazz knew her stuff when it came to OSINT. She also writes about OSINT on her blog osint.fail. All of these interactions prompted me to have her on for a discussion on what is OSINT.

In part 2 we discuss:

  • Why OSINT is important
  • The skills needed to perform OSINT
  • The tools used for OSINT

More Resources:

What is OSINT? - Part 1

In this don't give a beep episode of the Exploring Information Security Podcast, I find out what OSINT is from OSINT master Tazz.

My first interaction with Tazz (@GRC_Ninja), was at CircleCityCon. I quickly became aware that if I got out of line at the conference Tazz was very likely to be the one to put me in my place. I also ran into her at DerbyCon where she kept people in line while waiting for talks to start. She also happens to be a speaker and this past year presented, "ZOMG Its OSINT Heaven" at BSides Las Vegas. Which is how I became aware that Tazz knew her stuff when it came to OSINT. She also writes about OSINT on her blog osint.fail. All of these interactions prompted me to have her on for a discussion on what is OSINT.

In part 1 we discuss:

  • What is OSINT
  • The methodology for OSINT