Offensive OSINT - Introduction

I've been fascinated by cyber security, especially Open Source Intelligence, for a long time, and I have done a lot of research in this field. Some of it was presented on my Medium blog https://medium.com/@woj_ciech. It covers a variety of cyber security topics: leaks, Industrial Control Systems, malware, social media or the darknet, but the one thing common to all of them is Open Source Intelligence.

During my professional career and personal projects, I came across many different and interesting OSINT cases I couldn't write about due to lack of time or enough content and examples. I decided to combine all past and future research into a kind of series of Offensive OSINT tutorials.

The articles won't be just a bunch of links and descriptions of how to use a website; instead, they will explain how to build the scripts and tools and conduct technical investigations. There are many OSINT categories, and I want to present the majority of them through specific investigations. The whole "course" will cover topics like:

  • Source code analysis & deobfuscation
Offensive OSINT s01e02 - Deobfuscation & Source code analysis + uncovering CP distribution network
In this episode, we will take a look at obfuscated JavaScript code which is actively used in a CP campaign, from at least 2018, and at the whole distribution process, which is also obfuscated by pretending to be legit files. As a source code analysis example, I will present a very brief analysis of a known coinminer …
  • Disinformation & bots
Offensive OSINT s01e03 - Looking for election related disinformation on Polish service wykop.pl
In this episode, we will take a look at a disinformation campaign on the Polish social media platform wykop.pl. It's very similar to the widely known Reddit, without subreddits, but with tags and a micro blog instead. I will present techniques to gather information about users, upvotes/downvotes and content. …
  • Identifying threat actors
  • Money Laundering
  • Extended bug bounty recon
  • Finding Rabbit holes to investigate
  • Hunting leaks from different sources
  • Corporate espionage
Offensive OSINT s01e05 - OSINT & Corporate espionage. Tentacles of Mindgeek part 1.
In this episode we will take a look at the corporate structure of Mindgeek, a leading company in content delivery, SEO, advertisement, hosting and general tech innovation. They operate worldwide and websites owned by them generate hundreds of millions of visits per day and more bandwidth than Twitter, Amazo…
  • Industrial Control Systems and critical infrastructure
Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia
This is the second part of my investigation into critical infrastructure around the world. This article should have been a presentation at the ICS Conference in Singapore, however due to Coronavirus it will be a virtual event. I'm not interested in participating and I am left with quite good material …
  • Darknet investigations
  • Basic malware analysis

It was designed for Security Analysts, Threat Hunters and OSINT researchers and will show the offensive side of Open Source Intelligence. The first article will present preparation and setting up monitoring for Bluekeep in any organization.

Offensive OSINT s01e01 - OSINT & RDP
This is the first part of the Offensive OSINT tutorials, which covers preparation (technical and mindset) and presents how to set up monitoring for the Bluekeep vulnerability in hospitals using Shodan and an Elasticsearch database. Introduction: These tutorials will give you insight into OSINT techniques used …

Basic Linux terminal and Python skills and an analytical mind are required for each investigation; however, everything will be explained, including snippets of code. If you have an idea for a new topic, contact me.

Wojciech (@the_wojciech) | Twitter
The latest Tweets from Wojciech (@the_wojciech): “I’ve made a GUI for LeakLooker, read write-up here #osint #cybersecurity #privacy #leak #hacking https://t.co/QvjSLat0lI”
