This is a guest post by Steve Hall (https://twitter.com/shall_1). Thanks for writing it Steve! Update - 2022-03-171. Micah updated the MindMap file to version 2. Little less cluttered and more focused. It is in the same GitHub location and called "OSINT_Maps2.xmind"2. I've moved from MindMaps to Obsidian for documentation. Check out the blog post https://webbreacher.com/2022/03/15/obsidian/... Continue Reading →
Introducing OSINT YOGA
I absolutely love all of the public projects where people share their favorite OSINT bookmarks with others. You've most likely seen some of them. [UPDATE] Bruno Mortier (@digintelosint) created an excellent resource of resources page at https://start.me/p/ZME8nR/osint where a bunch of these sites are catalogued. Head over there and check them out! If you haven't... Continue Reading →
SEC487: 6 Days of OSINT
SEC487 SANS Institute OSINT course http://www.sans.org/sec487
Dark Web Report + TorGhost + EyeWitness == Goodness
In this post I use a python tool (EyeWitness), TOR, TorGhost, and the Dark Web Reports from Hunchly to automate viewing the Dark Web resources.
Attitude is Everything
A good friend and colleague of mine and I had a conversation today about the video "InterView - Attitude is everything - Film By Nithesh".  WARNING: There is NSFW (Not Safe For Work) language in the video. In the video, an interviewer is looking for a candidate to fill a role. The interesting bit is why... Continue Reading →
Shodan and DOUBLEPULSAR / WannaCry
What is WannaCry? In March 2017, Microsoft issued the MS17-010 bulletin (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx) patching (and warning) of a broad set of vulnerabilities in many of its operating systems from Windows XP to Windows 10 and 2016. This vulnerability could be exploited via the DOUBLEPULSAR attack released by ShadowBrokers and supposedly attributed to the NSA. For more... Continue Reading →
Encrypt your emails
Sending financial, health and other sensitive information over the internet is like sending postcards in the snail mail. From the time you hit send to the time it is received in the other person's mailbox anyone can read your messages. Once in the email-provider mailbox (Gmail, Hotmail, Yahoo, Comcast...) they can read the email and... Continue Reading →
The Dunning-Kruger Effect
Since my Imposter Syndrome Feelings talk at BSidesNOVA (video here:Â https://www.youtube.com/watch?v=Ls-dnpeKRR0) was 25 minutes, I had to remove some content from what I needed to present. One thing I omitted was the Dunning-Kruger Effect. A Summary David Dunning and Justin Kruger conducted a study of college students in 1999. They found that people "tend to hold... Continue Reading →
Imposter Feelings Resources
Imposter feelings and imposter syndrome resources and links.
The Secrets of LinkedIn
For those of you that have been the targets of SPAM or phishing or perhaps for those of you that are cyber defenders, how many times have you heard "I have no idea how the attacker got my personal email address." I have a secret to share with you. [Come a little closer to the... Continue Reading →