The OSINT Resource Classification System (ORCS https://orcs.osint.ninja) has a huge goal: to provide a common categorization/classification system for OSINT resources. My hope is that our OSINT and ThreatIntel community can come together and agree on some sort of organization system for OSINT resources so that when you visit one site like http://osintframework.com and look for... Continue Reading →
Introducing OSINT YOGA
I absolutely love all of the public projects where people share their favorite OSINT bookmarks with others. You've most likely seen some of them. [UPDATE] Bruno Mortier (@digintelosint) created an excellent resource of resources page at https://start.me/p/ZME8nR/osint where a bunch of these sites are catalogued. Head over there and check them out! If you haven't... Continue Reading →
Mining for OSINT gold: RIR data via API
This is a guest post by David Mashburn (@d_mashburn, https://www.sans.org/instructors/david-mashburn), Certified SANS Instructor and cyber ninja! OSINT isn't just about doing pre-attack recon. It is often leveraged by defenders as part of the incident response and investigation process. One of the most common applications of OSINT for a defender is to perform lookups on available... Continue Reading →
6 Days of OSINT
SEC487 SANS Institute OSINT course http://www.sans.org/sec487
Custom Searching Google Album Archives
Using a Google CSE (Custom Search Engine) to enhance OSINT investigations.
Dark Web Report + TorGhost + EyeWitness == Goodness
In this post I use a python tool (EyeWitness), TOR, TorGhost, and the Dark Web Reports from Hunchly to automate viewing the Dark Web resources.
Shodan and DOUBLEPULSAR / WannaCry
What is WannaCry? In March 2017, Microsoft issued the MS17-010 bulletin (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx) patching (and warning) of a broad set of vulnerabilities in many of its operating systems from Windows XP to Windows 10 and 2016. This vulnerability could be exploited via the DOUBLEPULSAR attack released by ShadowBrokers and supposedly attributed to the NSA. For more... Continue Reading →
Removing Yourself from the Internet
Helpful guide that provides directions on how to remove private information from public web sites.
The Secrets of LinkedIn
For those of you that have been the targets of SPAM or phishing or perhaps for those of you that are cyber defenders, how many times have you heard "I have no idea how the attacker got my personal email address." I have a secret to share with you. [Come a little closer to the... Continue Reading →
