Open Source Intelligence (OSINT)

Date: 2022-10-12

Difficulty: Beginner

Delivered By: Bilaal Rashid

Overview

Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context.

It’s important to know your target extremely well before you start an attack. You can find very interesting information that could possibly lead to an easier point of ingress.

'Doxxing' is the act of performing open-source intelligence on a target to create a dossier of compromising material that will be published.

The term "open" refers to overt, publicly available sources as opposed to covert, clandestine sources. An open resource could be an email address that is publicised, whereas a closed resource is getting an email from a database dump (don't buy a database dump, it's a tad sus).

What and Where to Look

Look for any information that could be weaponized (pictures of badges, email addresses, IP addresses, DNS information etc). Have a look at company and staff social media, the company website, newspapers, online publications, blogs, etc.

Prerequisites

There are no prerequisites required to take part in this session. All you need it a web browser and a curious mind.

Challenges

SecureATea are an exciting (and fake) start-up that launched in 2019 with a revolutionary idea. They've got machine learning, blockchain, an ICO, all on 5G. Now they're back for 2022: but hopefully they're a bit more secure this time.

The aim of the session is to use OSINT to find useful information about SecureATea's website. You do not need to send any goofy requests to the website, all you need is a browser and to explore what is online.

The session can be attempted at: https://osint.sucss.org/

Further OSINT Work

Trace Labs uses OSINT to help find people who have gone missing. They are there to help investigate missing person cases, as well as educate individuals on OSINT techniques.

Useful Resources for Session

• CyberChef

• AES Encryption/Decryption

• Subdomain Finder

• Web EXIF & Metadata Viewer

• git-diff

• robots.txt

Useful OSINT Resources

• OSInt Framework - A website that collates many different resources to perform open-source intelligence.

• Shodan - A search engine to find specific types of computers connected to the Internet.

• Google 'Dorks' - You can use advanced operators in Google in order to locate security holes in configurations and code that websites are using.