Skip to content

Latest commit

 

History

History
820 lines (635 loc) · 73.3 KB

README.md

File metadata and controls

820 lines (635 loc) · 73.3 KB

The Atypical OSINT Guide

The most unusual OSINT guide you've ever seen. The repository is intended for bored professionals only.

PRs are welcome! Feel free to submit a pull request, with anything from small fixes to translations, docs or tools you'd like to add.

Disclaimer: All information (tools, links, articles, text, images, etc.) is provided for educational purposes only! All information is also based on data from public sources. You are solely responsible for your actions, not the author ❗️

Support Project Mail

Section Link
Introduction: Civil OSINT Explore
Immersive & Gamified Learning: Tricks (a) Explore
Training & Practicing Explore
Choosing a Pathway to Follow... Explore
Immersive & Gamified Learning: Games (b) Explore
Work (A-Z) Explore
External Data Explore
Support Project Explore

Start Here

Check out:

Today I would like to talk about how to become a good OSINT investigator, but to continue the conversation I would like to make a small disclaimer - I will tell you only some aspects because the topic is very vast and I can not describe everything in a single guide, however, I will try to show you the way and how to pass this path. This manual is the culmination of years of work by OSINT professionals. Consider this guidebook to be a compilation of advice and routes!

Keep in mind, this essay is intended to be instructional! Consider your actions carefully or you will be prosecuted or worse! Always keep in mind Ethics & related Laws - like GDPR, etc… You should not romanticize OSINT and on-chain investigations in the same manner that individuals often romanticize hacking and warfare, I highly encourage you!

Last but not least, everything you do is based on the outcomes you need to achieve! You should be able to select reliable and vetted sources instead of using all the tools and links. Through given routes, you ought to be able to construct your own journey! Following that, I will tell you about the ways that I deem safe and recommend to my clients! OSINT professionals have spent decades developing this manual, sharing their expertise in every word. Once again, consider this guidebook to be a compilation of advice and routes.

It is also crucial to note that OSINT is merely another means to learn about the world around you and is not a way to "get paid instantly." Always take a break to recharge! Your health & mind are important!

This information does not make you better or worse. Humanity as a species has a proclivity to adapt to its surroundings, which, as we all know, begins with knowledge, observations, and methodology. Take care of yourself, consider the consequences of your actions, and respect the privacy of others. Do not cross red lines!

Expand

Always think twice before acting, follow the law, and follow the OpSec rules. If you want to help or conduct social investigations but lack experience, please reach out to more experienced people so that you do not harm the victims or those attempting to save them. In my articles, on the other hand, I reveal a different application of OSINT, inspired by due diligence and civil financial intelligence, with a focus on civilian applications. That is my vision, which I hope you will embrace...

May the Force be with you!

Introduction: Civil OSINT

To begin with, I want to say that I will consider OSINT as a set of skills or a mindset, because it can be directly related to doxing, military GEO-INT performed by a security company employee or just media OSINT performed by a VC fund employee in order to find new projects for investment, taking the theory of handshakes as a basis...

...Or even a crypto-forensics specialist investigating a major Web3.0 hack case. In other words, it can be used in all spheres of life because it is only a method of working with, assessing and ranking information - do not ever forget that we are all living in the Information Era.

Expand

All of what I said above you can develop in yourself, but the essence of all directions is the same - the ability to notice valuable information, anomalies, see the differences, carefully analyze the facts and build a logical chain - while being in the flow of information. Start up from checking out your own info and your own data: make an OSINT research against yourself. Collect all data, visualize it, then, erase - with using SERM/ORM techniques.

I would like to give you the first lesson, all resources which I will advise you - I studied by myself earlier:

Mind-Mapping

First, let's break down such a concept as mind-mapping. It is very important to teach how to sort information according to different criteria, I believe you can practice sorting absolutely any information you’d like!

What is Maltego and why use it for OSINT? Maltego is a data mining tool that mines a variety of open-source data resources and uses that data to create graphs for analyzing connections. The graphs allow you to easily make connections between information such as name, email organizational structure, domains, documents, etc. Maltego uses Java so it can run on Windows, Mac, and Linux and is available in many OSINT Linux distros like Buscador or Kali.

Basically, it will parse a large amount of information and search various open-source websites for you and then toss out a pretty looking graph that will help you put the pieces together. Maltego can be used as a resource at any point during the investigation however if your target is a domain it makes sense to start mapping the network with Maltego from the start.

Didn't everyone make cheat sheets at school? It's time to do it again, because in the future it should evolve into a Maltego skill!

A tiny tip - perform power-searching with using different IPs, over different time ranges and via different search engines.

Understanding OSINT Fundamentals, according to VEEXH:

  • a. Grasp the concept of OSINT and its significance in intelligence gathering.
  • b. Familiarize yourself with the types of OSINT sources (e.g., social media, public records, online forums, news outlets).
  • c. Learn the ethical and legal considerations when collecting OSINT.

Developing Technical Skills:

  • a. Acquire proficiency in basic computer and internet usage.
  • b. Learn advanced search techniques using search engines and operators.
  • c. Understand the importance of anonymity and acquire skills in using VPNs, proxies, and the Tor network.
  • d. Familiarize yourself with essential OSINT tools, such as Maltego, Shodan, and Google Dorks.

Mastering OSINT Collection:

  • a. Learn how to identify and prioritize intelligence requirements.
  • b. Develop a systematic approach to collecting data from various sources.
  • c. Hone your skills in social engineering, passive reconnaissance, and online reconnaissance.
  • d. Acquire expertise in geolocation, imagery analysis, and tracking down information on individuals and organizations.

OSINT Analysis and Evaluation:

  • a. Learn various analysis techniques, such as link analysis, timeline analysis, and sentiment analysis.
  • b. Develop critical thinking and cognitive bias awareness.
  • c. Understand the significance of the intelligence cycle and apply it to OSINT analysis.
  • d. Evaluate the credibility and reliability of sources and information.

OSINT Dissemination and Reporting:

  • a. Familiarize yourself with the principles of effective communication.
  • b. Learn how to create intelligence reports, briefs, and visualizations.
  • c. Understand the importance of tailoring your reporting to different audiences.
  • d. Develop the ability to present findings in a clear, concise, and actionable manner.

Continuous Improvement and Networking:

  • a. Stay updated on the latest OSINT trends, tools, and techniques.
  • b. Participate in relevant online communities, forums, and social media groups.
  • c. Attend OSINT conferences, workshops, and webinars.

By following this framework, beginners can systematically develop their OSINT skills and become proficient in open source intelligence collection, analysis, and dissemination. OSINT (Open-source Intelligence) is also a crucial stage of the penetration testing process.

A thorough examination of publicly available information can increase the chances of finding a vulnerable system, gaining valid credentials through password spraying, or gaining a foothold via social engineering.

Immersive & Gamified Learning: Tricks (a)

I can also recommend that you turn to an interesting subculture that is suitable for introverts! I am sure that everyone is interested in various strange phenomena in one way or another. Immerse yourself in a net-stalking environment!

Sometimes ordinary people were able to solve crimes which the police could not solve for years with OSINT and GEOINT alone (I could put in here links to subreddits, movies and news but since you and I are now doing OSINT I advise you to find it on your own).

Expand

Also check out:

The main thing to remember is your health, it is above all, do not let your principles be shaken by what you see. You are an observer! Here well helps to understand the psychology of SCP researchers (when nothing is clear, but the scientific method helps to put everything in its place).

Expand

Keep in mind that in this part of the Global Internet (I mean OSINT in general, not only the Net-stalking), the percentage of people who are actively looking for problems or need to express their emotions is no different from other places!

Science + OSINT:

Practising:

So, follow OpSec rules and don't make too many mistakes. Conduct your activities from a separate, isolated device.

Cognitive bias mitigation & decision-making when doing OSINT:

There are no perfect practitioners-analysts, everyone makes mistakes and gets into difficult ambiguous situations (at least once in their life), all the more in conditions of acutely intensive and chronic work overload. And it is absolutely necessary for a practitioner-analyst to know and understand such situations.

Cognitive vulnerabilities (in the established understanding) are exposures and/or tendencies to defects in thinking: significant cognitive distortions, erroneous beliefs, cognitive biases (biases), or stereotyped patterns of thinking that create the basis for a person's predisposition to cognitive failures and lead to distortions and dysfunctions of thought processes.

Most of us experience 'gut feelings' we can't explain, such as instantly loving (or hating) a new property when we're househunting or the snap judgments we make on meeting new people. Now researchers say these feelings (or intuitions) - are real and we should take our hunches seriously.

Don't limit yourself to one approach; don't be afraid to try experiments, but keep in mind that the outcomes of such approaches should always be double-checked. They serve more as learning tools than as actual advice for investigators. Visit the following websites:

Also:

According to wondersmith_rae: In classical rhetoric, the “elements of circumstance” created by Aristotle have been used to analyze rhetorical questions for ages. They also apply to modern-day analysis and can be used as a foundation for an investigation. (Who, what, when, where, why, in what way, by what means)

A condensed yet equally valuable version of the elements is called the “5W’s and an H” or Who, What, When, Where, Why, and How. These questions have been used in rhetoric, religious study, police investigations, journalism, and by lawyers since ancient Greece. It is said that an investigation can not be truly complete until all of the Ws and the H can be answered.

Applying the same elements to our OSINT investigations we can ask and answer similar questions. By answering the 5W’s a narrative begins to emerge from our collected data. It is now up to us as analysts to connect the dots in a succinct way. The catch is, that anyone who has done research knows that when information starts to be uncovered it is easy to get stuck in a rabbit hole.

Once you can distinguish the information, sort it out then the next thing you can do is start practicing. As you know, good practice requires good motivation! You only need to know one thing: people think that intelligence is fixed — but it isn’t. Your brain is like a muscle; the more you use it, the more it grows. Education is no longer a one-time event, but a lifelong experience.

Expand

Also check out:

Recent surveys show that over 97% of businesses store data in the Cloud. Learn how to identify potential sources of Cloud data, issue discovery requests, and implement litigation holds, as well as how to preserve, collect, filter, review, and produce Cloud data.

Information relevant to your case is on the Internet, usually hiding in plain sight. Business records, domain name registrations, websites, online user identities, social media posts, photos, and videos are only a search query away. Do you know how to find it? Learn how open source information can impact a broad range of matters and how to effectively identify sources of information and search for open source data.

Training & Practicing

Good training materials:

Here is a very good brain-stretching game will help to train associative thinking - a very important skill for anyone in OSINT:

When I was young we played «5 steps till Ragnarok» - the goal was to find the page about this myth in 5 steps (5 clicks) from any random Wikipedia page! 🙂

Follow top OSINT specialists:

More Resources:

In addition to its traditional function of enabling less miscalculated decisions, the audience of modern intelligence is growing beyond state or corporation leadership, and is expanding to the public. It is no longer a mere warning mechanism, but also a know-how reservoir and improvisation pool to resolve matters in times of unexpected crises.

Tools (AI, ChatGPT, ML, Others):

In recent years, public interest in open-source intelligence gathering and analysis has increased exponentially. As this interest has grown, more and more OSINT investigations have been relying on tools and automation, leaving the analysis process behind. You should consider OSINT a thought process. The "OSINT state of mind" is key for keeping track of your investigative steps, picking the right tools and sources, analyzing the data, and reporting to generate actionable intelligence!

Choosing a Pathway to Follow...

Some will enjoy analyzing images, satellite images, calculating time and place from the angle of shadows from a photo, or measuring mountain peak size in order to perform private detective investigations. Or, let's say, doing OSINT in crypto, for example, in which case your motivation will be money and self-fulfillment... Or searching for rare stories even!

Read my channel if you like this topic... Or someone can even get into AD-INT which is growing day-by-day right now. For GEOINT skills training I suggest checking geoguessr.com & whereami.io.

Just take a look at this awesome Mind-Map:

Explore data terminals:

You may even want to de-anonymize telegram users (read this channel) or, conversely, join counter-OSINT bros. But in doing so, I urge you not to forget the key skills of information retrieval, information analytics, and information application...

Expand

I'll highlight some basic advice for you - evaluate information according to different criteria, always know your "base settings" - it's good for the mental health, the things you find shouldn't ruin your foundations! Practice it, do it in your daily life, apply OSINT where it seems un-obvious like mentioned below:

Immersive & Gamified Learning: Games (b)

Join communities, of course and chat, chat! Below I've only mentioned English-speaking communities but there are also local ones, do some research on your own. I’m 100% sure in you! You will succeed! Do you like to hang out with friends? If so, then try playing Dozor or Encounter (or any NightGame based on codebreaking or geolocation or Escapology or Lock-Picking) together!

Check out:

OSINT-Games:

Carefully study these resources and come back to them as you journey through the world of the hornets, don't forget the roots. This article does not answer questions, but rather raises some rhetorical questions to encourage you to think about something!

Expand

Since this is an atypical guide, I think it's worthwhile to offer you a list of TV shows and movies that I think involve OSINT in one way or another:

References:

Open Source Intelligence, commonly referred to as OSINT, is the collection, collation, and analysis of publicly available information. OSINT is a tradecraft developed in the national security sector that has now expanded through a range of sectors, including law enforcement, journalism, corporate security, academic research, and the legal sector. OSINT can also be used to support charitable causes!

OSINT Bookshelf:

Zettelkasten Method:

Work: A-Z

I would see it as learning a foreign language. Okay, you have learned it and come to a country where it is spoken to live. But everyone there knows this language... So it's important to know something else in addition. Typically, it is necessary to have writing skills, interact well with people, or be a lawyer. With all said, different approaches require different skills and mind-sets!

Keep in mind that OSINT is NOT a "sort of a front-running/tailgating or scalping but in real life"!

Expand

Work:

External Data

More tools (random) to use in work:

Specific (to be updated):

According to GoldenOwl: As the battle against disinformation intensifies, OSINT practitioners must be vigilant in protecting themselves from manipulation. By adopting a critical mindset, diversifying information sources, verifying social media information, utilizing fact-checking tools, staying updated on disinformation techniques, collaborating with trusted communities, educating others, maintaining ethical standards, and cross-checking information, OSINTers can fortify themselves against manipulation and uphold the integrity of their research.

Awesome articles (external):

As practice shows, modern armed conflicts require new approaches to organizing the collection and analysis of open data, which we operate within the framework of OSINT. Be careful with it and think twice before acting.

Some outstanding tools:

Remember, Your task for this final step is to make a plan for maintaining and improving your OSINT skills. Choose some resources for continuous learning, find some challenges to participate in, and consider joining an OSINT community. Lastly, review your ethical guidelines to ensure you are always working responsibly and respectfully. - Ron Kaminsky

In-Depth (external):

According to Alessandra Adina: The intelligence cycle represents the process of developing raw information into actionable intelligence. This process can enable decision-makers to take appropriate actions based on their findings. While different organisations use variations on different intelligence cycles, a popular one is a five-step cycle: Planning, Gathering, Analyzing, Dissemination, and Feedback.

More specific resources (external):

According to Alessandra Adina: A term you may come across in the realm of OSINT is ‘grey literature.’ These are internal documents not intended for public use, but unfortunately, they can easily end up in places where they are searchable. Examples include technical reports, newsletters, invoices, business proposals, or requests for proposals.

Understanding the value of your organisation’s information, potential attack vectors, and who might be targeted in phishing attacks or other types of social engineering is essential. OSINT can aid you in assessing these risks and planning appropriate defences.

Telegram + Discord: Security, OSINT, SOCMINT:

According to Ron Kaminsky: OSINT has revolutionized the world of investigations, empowering individuals and organizations to uncover valuable information, solve complex problems, and make informed decisions. The ability to harness the vast amount of data available in open sources has opened up new possibilities and transformed the investigative landscape. By utilizing OSINT tools effectively, investigators can save time, gather comprehensive information, and uncover connections that may have otherwise remained hidden. The techniques and methodologies explored in this guide provide a roadmap for conducting thorough and successful OSINT investigations.

Check out my articles:

Support Project

Support is very important to me, with it I can spend less time at work and do what I love - educating DeFi & Crypto users 💖

If you want to support my work, please consider donating me to the address:

You can also send me a donation to the address from this repository!

Check out as well:

Thank you! 🙏