Practical Open-Source Intelligence (OSINT)
This course not only covers critical OSINT tools and techniques, it also provides real-world examples of how they have been used to solve a problem or further an investigation. Hands-on labs based on actual scenarios provide students with the opportunity to practice the skills they learn and understand how those skills can help in their research.(Online Classes available)
Course Key Learnings:
- Perform a variety of OSINT investigations while practicing good OPSEC
- Create sock puppet accounts
- Locate information on the internet, including some hard-to-find and deleted information
- Locate individuals online and examine their online presence
- Understand and effectively search the dark web
- Create an accurate report of the online infrastructure for cyber defense, merger and acquisition analysis, pen testing, and other critical areas for an organization.
- Use methods that can often reveal who owns a website as well as the other websites that they own or operate
- Understand the different types of breach data available and how they can be used for offensive and defensive purposes
- Effectively gather and utilize social media data
- Understand and use facial recognition and facial comparison engines
- Quickly and easily triage large datasets to learn what they contain
- Identify malicious documents and documents designed to give away your location
BUSINESS TAKEAWAYS:
This course will help your organization:
- Improve the effectiveness, efficiency, and success of OSINT investigations
- Build an OSINT team that can perform a variety of OSINT investigations while practicing good OPSEC
- Create accurate reporting of your organization’s online infrastructure
- Understand how breach data can be used for offensive and defensive purposes
Course Content
Module1: OSINT and OPSEC Fundamentals
Overview
Before diving into tools and techniques to find, gather, and process information, the course starts with a discussion of how to undertake these activities as safely and effectively as possible. This section begins with an overview of the OSINT process and tips on avoiding analytical pitfalls. We then move into Operational Security or OPSEC. This isn’t just a list of browser plugins and VPN providers: we’ll look at what truly matters when managing attribution. Most of us don’t have unlimited budgets and can’t achieve “perfect OPSEC
Exercises
- Managing Your Attribution
- Dealing with Potential Malware
- Canary Tokens
- Hunchly
- Obsidian
- [Optional] Linux Command Line Practice
Topics
- The OSINT Process
- Avoiding Analytical Pitfalls
- OPSEC
- Dealing with Potential Malware
- Canary Tokens
- Creating Accounts
- Hunchly
- Effective Note Taking
- Report Writing
- Introduction to Linux
Module2: Essential OSINT Skills
Overview
Section Two presents a range of fundamental skills that all OSINT practitioners should have, regardless of the industry they work in. We’ll start with a brief overview of curated lists of OSINT resources and quickly move into understanding the fundamentals of how the web works and utilizing search engines effectively. We’ll cover methods to find other sites owned and operated by the same individuals, how to see content that the site owners may not want you to see, and, as always, the OPSEC implications and how to do undertake these tasks safely. We’ll also cover the why and how of setting up persistent monitoring alerts.
Exercises
- Search
- Instant Data Scraper
- Metadata
- Reverse Image Search
- Facial Recognition
- Translation
- [Optional] Day 2 Capstone
Topics
- OSINT Link and Bookmark Collections
- Web Fundamentals and Search Engines
- Web Archives and Proxy Sites
- Collecting and Processing Web Data
- Metadata
- Mapping
- Image Analysis and Reverse Image Searches
- Facial Recognition
- Translations
Module3:: Investigating People
Overview
Section Three of the course focuses on investigating individuals or groups. We’ll start by discussing privacy and then get into techniques to research usernames and email addresses across popular sites to discover an individuals accounts. The section then covers how to determine if email addresses are potentially tied to fraud and the places where the individual(s) connected to the email addresses may have been.
Exercises
- Researching Usernames
- Keybase
- Twitter Bot Analysis
Topics
- Privacy
- Usernames
- Email Addresses
- Addresses and Phone Numbers
- Introduction to Social Media
- Other Social Media Sites
- Geolocation
- Trends, Sentiment, and Bots
Module4: Investigating Websites and Infrastructure
Overview
Section Four covers investigating websites, IP addresses, and other infrastructure, including the cloud. For students who don’t consider themselves tech savvy, we’ll take the time to explain what the elements are and how they work, and well provide numerous real-world examples of how these elements have helped in investigations. This course section is critical even for analysts who don’t focus on technical topics because understanding how these technical elements work reduces the likelihood of falling down rabbit holes during their research.
Exercises
- IP Address Research
- WHOIS
- DNS
- Amass and Eyewitness
- Censys and Shodan
- Buckets of Fun
Topics
- IP Addresses
- Common Ports
- WHOIS
- DNS
- Certificate Transparency
- Email Headers
- Subdomains
- Technology-Focused Search Engines
- Cyber Threat Intelligence
- Cloud
Module5:Automation, the Dark Web, and Large Data Sets
Overview
Section Five is a fun mix of topics ranging from researching businesses and transitions to covering wireless for OSINT, including using Wi-Fi names to enrich digital forensics data and research locations. We’ll also explore different types of breach data and how it can be used for various OSINT and cyber defender purposes.
Exercises
- Business
- Wireless
- Bulk Data Triage
- Tor and PGP
- Breach Data
Topics
- Researching Businesses
- Wireless
- Breach Data
- Dealing with Large Datasets
- Dark Web
- Cryptocurrency
- Automation
- Path Forward
International Student Fee: 950 US$
Job Interview Preparation (Soft Skills Questions & Answers)
- Tough Open-Ended Job Interview Questions
- What to Wear for Best Job Interview Attire
- Job Interview Question- What are You Passionate About?
- How to Prepare for a Job Promotion Interview
Your FREE eLEARNING Courses (Click Here)
Internships, Freelance and Full-Time Work opportunities
- Join Internships and Referral Program (click for details)
- Work as Freelancer or Full-Time Employee (click for details)
Flexible Class Options
- Week End Classes For Professionals SAT | SUN
- Corporate Group Trainings Available
- Online Classes – Live Virtual Class (L.V.C), Online Training
Related Courses
Open-Source Intelligence Techniques (OSINT) Course
Blue Team Fundamentals: Security Operations and Analysis
Advanced Security Essentials – Enterprise Defender
Securing Windows and PowerShell Automation
Automating Information Security with Python
Security Automation with PowerShell
vc_row_inner]