This course focuses on Open-Source Intelligence (OSINT) tactics and techniques designed to help you improve your investigative game. Students should take this course if they are interested in:
- Gaining a better understanding of OSINT techniques
- Improving investigative skill set
- Improving overall research methodology
- Improving personal OPSEC
OSINT is one of the key skills required for both Red and Blue Team jobs - if you want to put these skills in your resume with confidence, this course will help!
Who is this course for?
This course is the key to competent OSINT collection, analysis, and reporting using the most up-to-date tools, techniques and procedures. It is the key component for OSINT Analysts, an essential add-on for cyber security researchers, fraud/cybercrime investigators and anyone who is interested in improving their cybersecurity skill set.
Why take it NOW?
In 2022, open-source intelligence is a key skill that the cyber security field demands. You need to understand OSINT in-depth to be one step ahead, no matter what domain you’re pursuing in cybersecurity.
The study of OSINT techniques, tools and procedures allows you to obtain plenty of information on your targets, from social media handles to email addresses. Using OSINT skills can aid in investigations, cyber risk management, threat hunting, and penetration testing.
Collecting, analyzing, and reporting OSINT demonstrates your abilities as a superior analyst and sets you apart from others.
Why THIS course?
This OSINT course comes with a blend of new OSINT techniques and tools, including website intelligence, data and graph vizualization, as well as deep web and dark web OSINT skills that are currently in high demand.
What tools will you use?
- and others! (TheHarvester, GHDB, etc…)
What skills will you gain?
- Knowledge of Open-Source Intelligence tools and methodologies
- Extracting information from social media profiles (Facebook, Twitter, Instagram and others)
- Gathering information from websites with OSINT tools
- Phishing link analysis
- Corporate profiling used in business intelligence
- OSINT report writing
What will you learn about?
This course lays out the path to understanding differences between active and passive OSINT, and gives you the ability to demonstrate keen analytical skills. Throughout this course, you’ll view and perform labs to understand a wide range of OSINT tools, techniques, procedures and research methods, starting with the OSINT Framework. You will see how to conduct persona-based social media research. You will learn about fraud and cybercrime investigation procedures using OSINT.
Course general information:
DURATION: 18 hours
CPE POINTS: On completion, you get a certificate granting you 18 CPE points.
START ON OCTOBER 7TH
- Accessible even after you finish the course
- No preset deadlines
- Materials are video, labs, and text
- All videos captioned
What will you need?
- A computer with 4-8 GB RAM
- 20 GB Storage
- Internet Connection
- Zeal to Learn
What resources will you receive?
- OSINT report template
- Plugin links
- VM machine
- OSINT tools
- OPSEC tools list
- List of OSINT bookmarks
What should you know before you join?
- No previous OSINT knowledge is required, you will learn everything from scratch.
- Interest, curiosity, and/or experience in the cybersecurity field are strongly encouraged.
YOUR INSTRUCTOR: Lakshit Verma
Introduction to OSINT
In Module Zero, the attendees will get to learn about everything we’re going to cover right from scratch, including OSINT and OPSEC Concepts.
- Introduction to OSINT
- What is Open-Source Intelligence?
- What is Operational Security?
- Understanding OSINT Framework
Setting up the Environment
In Module 1, the attendees will start to learn about everything with a practical approach to setting up labs and VMs to conduct online investigations.
- Creation of sock puppets (practical)
- Getting started with OSINT Framework (installation, configuration, operation)
- Setting up OSINT VM lab (practical)
- Setting up OSINT report (documentation using Note Writers)
- OPSEC setup: installing VPN/TOR with proxy chaining
- Setting up sock puppets with fake emails/DP/disposable phone numbers
- What is API keys, their usage and configuration
- Free API Keys Useful for OSINT
- Canary Tokens & Working of Loggers
- Set up your own OSINT lab and sock puppet accounts (provide a few target scenarios).
In Module 2, the attendees will start finding out about people search-based OSINT investigations with online/offline OSINT tools providing different inputs like email/photo, etc.
- User name OSINT (practical)
- Reverse image search (Google Lens , Google, Bing, Yandex)
- Phone number OSINT: Phoneinfoga (practical)
- GHunt: email OSINT (practical)
- Sherlock framework (practical)
- Public records database (HIBP/Dehashed)
- Crawling for index data on different search engines (Google, Yandex, Bing)
- Google Dorking/Hacking & Google Dorks, GHDB
- Metadata analysis of a photograph
- Email information gathering using GHUNT
- Metadata analysis of a photograph
- Gathering information of email using Maltego
Social Media OSINT
In Module 3, the attendees will dive into social media based OSINT investigations with online/offline OSINT Tools via different analysis methods across text/video-based social media platforms.
- Facebook OSINT (practical)
- Instagram OSINT (practical)
- Twitter OSINT
- YT OSINT (practical)
- Snapchat OSINT (practical)
- Working with geotagging & geolocation GEOINT
- Accessing public records/media/text/files
- Working with Maltego configuration & Usage
- Information gathering using Maltego
Website & Company OSINT
In Module 4, the attendees will learn website-based OSINT investigations with online/offline OSINT tools and company-based searches, also including company emails to data breaches.
- Intelx search engine (Practical)
- Business email identifier Hunter.io
- Corporate OSINT: ZoomInfo
- Httrack website downloader (practical)
- Deleted websites OSINT using Waybackmachine (practical)
- Website footprinting using Spiderfoot (practical)
- Shodan/Censys/Neoltas queries & hunting (practical)
- Github reconnaissance
- OSINT Bug hunting (Github, Recon, Favicon, Metadata)
- Preparing Open Source Intelligence Reports
- Essential plugins for OSINT/browser (OPSEC Plugins)
- Getting archived/cached versions of websites
- Finding emails of employees of a company
- Harvesting email using email harvester (Kali Linux)
MCQ Test: All the material overviewed in this course.
If you have any questions, please contact our eLearning Manager at [email protected].