Ethical Hacker and Cyber Security study notes on OSINT
Antonio Feijao study's notes for the Master Ethical Hacking and Cyber Security course - OSINT.
Important
This page and the studies - Working in Progress (WIP)
OSINT - Open-Source Intelligence¶
Notes from the course OSINT - https://academy.tcm-sec.com/courses/1214089/
by
TCM Security,
Twitter.com/thecybermentor,
TheCyberMentor.com,
Twitch.tv/thecybermentor
Topics in this course
- OSINT overview
- Note keeping
- Sock Puppets
- Image and Location OSINT
- Email OSINT
- Password OSINT
- Username OSINT
- People OSINT
- Social Media OSINT
- Website OSINT
- Business OSINT
- Wireless OSINT
- Linux / Lab Building
- Working with Tools
- OSINT Automation
- Course Challenge
- Reporting Writing
Course Discord¶
The Cyber Mentor, ACADEMY-PRIVATE-xxxxx
Important Disclaimer¶
All knowledge to be use at your own responsibility ...
What is OSINT¶
Open-source intelligence is a multi-methods methodology for collecting, analysing and making decisions about data accessible in publicly available sources to be used in an intelligence context.
In the intelligence community, the term "open" refers to overt, publicly available sources.
- Intelligence Life-cycle
- Planning and direction >>
- Collection >>
- Processing and Exploitation >>
- Analysis and Production >>
- Dissemination and Integration >> Planning and direction (..>>...)
Taking effective notes¶
.... multiple option for Windows, Linux and Mac... I am happy with notes on this post :)
Sock Puppets¶
Online face account or identity, sample a fake twitter account...
Should never tie back to you, to your IP...
Your "sock puppets" account should look "real", stories and posts...
... same blog post at jakecreps.com
The Art Of The Sock - https://www.secjuice.com/the-art-of-the-sock-osint-humint/
Twitter - https://twitter.com/ShakiraSecurity
Reddit - My process for setting up anonymous sockpuppet accounts - https://www.reddit.com/r/OSINT/comments/dp70jr/my_process_for_setting_up_anonymous_sockpuppet/
Mint Mobile SIM
cards
Fake Name Generator - https://www.fakenamegenerator.com/
This Person Does not Exist - https://www.thispersondoesnotexist.com/ (refresh the page to see different machine generated fake people photos)
Create virtual credit cards at
Privacy.com - https://privacy.com/join/LADFC - *Referral link. We (TheCyberMentor) each get $5 credit on sign up.
VPNs do not always work... or.. think of a VPN with a location/city of where you are adding as your "fake" address.
Search Engine Operators OSINT¶
Some search Engines
- https://www.google.com/
- https://duckduckgo.com/
- https://bing.com/
- https://yandex.com (Russian search engine)
- https://baidu.com (Asian base...)
Advanced Search
Antonio Feijao AND "Ethical Hacker" site:antoniofeijao.com
Antonio OR Feijao site:antoniofeijao.com
Antonio * study site:antoniofeijao.com
site:tesla.com password filetyppe:docx
site:tesla.com pwd filetyppe:xlsx
"tesla.com" filetyppe:xlsx password
site:tesla.com -www -forums
<--- way to find other sub-domains
antonio feijao -brasil
"antonio feijao" intext:password site:twitter.com
"Antonio Feijao" inurl:post
Google Advanced Search - https://www.google.com/advanced_search ← "it does it for you"
Google Search Guide - http://www.googleguide.com/print/adv_op_ref.pdf
Reverse Image Searching¶
- Search engines
Google Image Search - https://images.google.com ... after the results, you can still use the advanced filters
Yandex - https://yandex.com/images ... very good to find similar pictures...
TinEye - https://tineye.com ...
- Viewing EXIF Data
Exchange Image File
Jeffrey's Image Metadata Viewer - http://exif.regex.info/exif.cgi
Date, Time, GPS data...
- Physical Location OSINT
Google maps satellite view ... how do we get access to XXX...
Check the paths... routes?... security guards... visitor parking?.. street view?... any door, any badge reader?.. smoke area (social engineer?)
How to people dress.. are there security guards?
- Identifying Geographical Locations
(...) WORK-IN-PROGRESS
.