This is a short post to point you to the new Impactful Videos page here on the site. I'm collecting a bunch of videos that really help people understand the dangers of sharing information online. This Impactful Videos page has some of those videos. Head over there now to watch and learn. But Why Do... Continue Reading →
"We are all different." seems like a simple, easy to understand statement, right? Each of us is different and, in the OSINT world, we leverage those differences to generate creative methods to investigate our subjects and in processing the data we collect. Different is good. Embrace it. And yet, there are times when we forget... Continue Reading →
This short, resource-filled blog post is a companion to a SANS Institute live stream from 2 June 2021. About the speakers: Micah Hoffman (@WebBreacher) is the author of the SANS SEC487 OSINT (Open-Source Intelligence) course: https://sans.org/sec487Chris Crowley (@CCrowMontance) is the author of the SOC (Security Operations Center) Class: https://soc-class.com/ Abstract Whether you are an analyst... Continue Reading →
This is a guest post by Steve Hall (https://twitter.com/shall_1). Thanks for writing it Steve! Update - 2022-03-171. Micah updated the MindMap file to version 2. Little less cluttered and more focused. It is in the same GitHub location and called "OSINT_Maps2.xmind"2. I've moved from MindMaps to Obsidian for documentation. Check out the blog post https://webbreacher.com/2022/03/15/obsidian/... Continue Reading →
I absolutely love all of the public projects where people share their favorite OSINT bookmarks with others. You've most likely seen some of them. [UPDATE] Bruno Mortier (@digintelosint) created an excellent resource of resources page at https://start.me/p/ZME8nR/osint where a bunch of these sites are catalogued. Head over there and check them out! If you haven't... Continue Reading →
SEC487 SANS Institute OSINT course http://www.sans.org/sec487
In this post I use a python tool (EyeWitness), TOR, TorGhost, and the Dark Web Reports from Hunchly to automate viewing the Dark Web resources.
What is WannaCry? In March 2017, Microsoft issued the MS17-010 bulletin (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx) patching (and warning) of a broad set of vulnerabilities in many of its operating systems from Windows XP to Windows 10 and 2016. This vulnerability could be exploited via the DOUBLEPULSAR attack released by ShadowBrokers and supposedly attributed to the NSA. For more... Continue Reading →
Sending financial, health and other sensitive information over the internet is like sending postcards in the snail mail. From the time you hit send to the time it is received in the other person's mailbox anyone can read your messages. Once in the email-provider mailbox (Gmail, Hotmail, Yahoo, Comcast...) they can read the email and... Continue Reading →
Imposter feelings and imposter syndrome resources and links.