Skip to main content

Discovery: OSINT Fundamentals

 

Ohhhhh sint.



This will not be my only post about OSINT, so it very much fundamentals. I got into it via two paths, Trace Labs (which I will mention below) and romance scammers in terms of business email compromises.

Below are a mixture of resources that I've used to solidify OSINT Fundamentals as a multimodal learner.

A read through of this blog can be found at the bottom of this page. 

Visual:

The OSINT Framework  for starts, a literal map of many things OSINT. 

Next, a tool called YOGA via Micah Hoffman. His DEFCON talk is below (yes we're blending with Aural already, I know) & I really respect it, especially the idea that people sometimes get in the weeds on the findings and forget to make a great recipe instead. He says that YOGA is supposed to help OSINTers figure out what is next, which is pretty cool. 


I do consider the 2 resources above as fundamental stuff. The OSINT Framework is well known in the industry so if you understand the logical collection of data shown there, you'll be far ahead. Then, knowing how to organize and report on data is also something that is a fundamental skill, if you could benefit from YOGA, use it!


Aural:


Listen, Heath Adams (TCM Security) put the whole OSINT course on YouTube for free, it's a banger. TADAAAA

Go through that, if you don't have the fundamentals down hit me up.


Read/Write:

There are MANY places to read about OSINT methodologies. You could read blogs from big name players like SentinelOne or keep up with OSINT Curious (OSINT Curious Project). 

Then, as you begin to use tools, don't forget to read the notes in the help section of the tools you are using. <- toP 25 OsInt ProJects!.!

I'm intentionally leaving this section pretty simple. If you read through these links above and get the tools installed and read through them (while taking some notes or blogging on them) you will be in a really good spot on understanding the fundamentals.


Kinesthetic: 

A creative mind can find very many ways to practice OSINT. I'm just going to provide 4 but I would love to hear your ideas too.

1. OSINT Yourself
Seriously, go to town & build out a profile on yourself. Hey, while you are at it, take that stuff down! The lovely Yael Grauer keeps the Big Ass Data Broker Opt-Out List updated, refer to that to make the job quick(er) (Grab a beverage for a several hour event, just heads up).


"Accelerate the reunification of missing persons while training members in the tradecraft of OSINT." 
I've judged and done a number of these, they can be very rewarding and can be devastating, please research and have caution if you are triggered easily. 


3. #OSINTChallenge on Twitter. 
This hashtag will not only let you practice your OSINT geolocation skills but will show you exactly who to connect with in the community if you are looking to follow more OSINT content. 


4. TryHackMe
THM by far has the most interactive training on OSINT that I have found. Check out the screenshot from today of OSINT modules.




That's it for this post, please shoot any comments or thoughts out to me on the LinkedIn post

Thank you for stopping by, please come again!


Audio of this blog post:




Disclaimer:  Understanding that this industry is already filled with educational content, the writer of this blog intends for this series to be utilized by professionals who are looking to find resources for said topics. The content within these resources should be learned and used with caution and common sense, taking note to understand the applicable laws of the reader's location. This is a personal blog of which any opinions or ideas expressed are of the owner/writer and not of any association they are affiliated with. To reach the writer of this blog, please find them on LinkedIn. When sharing this content with your own community it is requested that credit be given.

Popular posts from this blog

Enumeration: Introduction

  Enumeration: Introduction Hey everyone! It's incredible to hear back from so many of you already. 4 blog posts in, I can already feel the love.  I did go back this week and add a disclaimer to all posts. First, I wanted to ensure that folks are being careful with using the skills within the resources. Second, I just wanted to explain that this entire series is really about learning topics thoroughly, however you need to learn. As someone who is a multimodal learner, I'm actually using the resources in these posts to understand these topics as fully as I can. Let's get into enumeration. Taking directly from the company RedTeam Security , "Enumeration is the method that a penetration tester uses to identify information about in-scope assets. A pen tester will use an automated process to identify all active IP addresses within the scope and some limited information about those devices, such as type and operating system version. This information is then used for further...
Read more

Enumeration: NetBios

  Enumeration: NetBios If you come across this post but you're unsure about what NetBIOS actually is, take a moment to step back and go through this article (and the Professor Messor video inside) from Networkencyclopedia.com.  Okay cool, so we're on the same page now!  As we go through the resources for NetBIOS enumeration keep the following items in your mind - we're looking for them: system names usernames domains  printers available shares There are a ton of great tools out there to do NetBIOS enumeration. Just some of the few I found include:  nbtstat (Windows) winfo  (Windows) winfingerprint  (windows) nbtscan (Linux) smb-nat  (Linux) Hyena  (I have not used this yet but it came recommended) smbclient (Linux) - this page is overwhelming to my visual senses, ha, if there is a cleaner one, use it! nmap smbmap crackmapexec   Autorecon  (have not used this yet, it honestly looks awesome) msfconsole burp (web) many others,...
Read more

Introduction: Understanding Multimodal Learning

  What is up my friends! If you follow me on the social platforms, you know I'm in the Neurodiverse space . My flavor affects how I learn and, somewhat, how I experience this world. I looked into learning styles in college where I first discovered that I am a multimodal learner. Simply, multimodal learners might be able to learn something through just one of the 4 ( Visual , Aural , Read/write , Kinesthetic ) but they might not and may need a mix several types to learn thoroughly.  I've struggled and continue to struggle with picking up certain concepts and methodologies when it comes to learning offensive security. The purpose of this blog is twofold: learn this stuff & give my resources/process to others that learn like me.  Each post will be separated into resources that reflect the 4 types of learning mentioned above.  I may make videos myself or record, I might link my notes from Notion. I will largely utilize platforms like TryHackMe or HacktheBox for ...
Read more