46 minutes 32 seconds
Speaker 1
00:00:00 - 00:00:06
It just amazes me because like from a security point of view, you're telling me you're not at home. It's a perfect time to go and rob your house.
Speaker 2
00:00:06 - 00:00:16
You'll see that there are a lot of people that share a lot of very sensitive things. And some of them don't realize that they're sharing sensitive things until we aggregate them and analyze them.
Speaker 1
00:00:16 - 00:00:36
People like want to overshare. It's interesting that people set that on. Hi everyone, it's David Bombal back with Micah from OSINT Curious. Micah, welcome.
Speaker 2
00:00:36 - 00:00:38
Thanks for having me back, David. It's great to be here.
Speaker 1
00:00:38 - 00:00:47
Yeah, man. Some of the videos we've done with you and the team have done really well, and I'm really looking forward to what we're covering today. A bit of OSINT, is that right?
Speaker 2
00:00:47 - 00:01:00
That's right. We're gonna kind of extend what Lizette, Steven and I were able to do in previous broadcasts so that we can show just different parts of OSINT and some really cool tools and things we can do.
Speaker 1
00:01:00 - 00:01:12
That's great. So for everyone who's watching, if you haven't seen the previous videos, I've linked them below. Some great content was shared, but Micah, you take it away. I'm gonna keep quiet. And as I said, you know, before we started, I'm just here for the ride.
Speaker 1
00:01:12 - 00:01:16
Take me and the audience on a ride and show us what you, you know, what you've got.
Speaker 2
00:01:16 - 00:01:43
All right. Well, David, as always, stop me when I do something that you have questions about, because I know that you ask some really insightful questions here. So let's go ahead and take a look. What I thought we would start out with is doing some geolocation. And the geolocation that we're going to do is a little bit different from the geolocation that we've done in previous YouTube videos for you in that we're going to be looking at social media, people's social media.
Speaker 2
00:01:43 - 00:02:03
And in OSINT, we do that for a number of reasons. First off, maybe we want to find out where a person is. Maybe they're a missing person or maybe we're interested in them as kind of an interesting person for law enforcement. Maybe we're trying to look at what's happening in an area of the world. Maybe there's a protest, a riot, a natural disaster that we want to investigate.
Speaker 2
00:02:03 - 00:02:24
So what I thought we would do is head over to Twitter. Twitter is a very big international social media platform. And as you can see, I'm not signed in or anything. Everything that I do today is 100% free and 100% open without accounts, which is one of the best things in OSINT. We have access to all these things.
Speaker 1
00:02:24 - 00:02:33
And do you recommend, I think you used this term previously, a sock puppet account or something, do you recommend, can you explain what that is and why you'd use it? I don't wanna take you on a tangent, but just thought of it now.
Speaker 2
00:02:33 - 00:03:21
Oh, no problem. So within open source intelligence, we many times need to get onto social media platforms that sometimes require us to create a research account or, as you call it, a sock puppet account. Those accounts are real accounts in the platform, but ones that we control that are not mapped back to our personal details. So on a platform like Facebook or VK, I would create an account there that's a valid account that would not be in Micah Hoffman's name so that I can gain access to the data I need for my customers. Here on Twitter, on Strava, on some of the other sites that we're dealing with, you do not need a research account or a sock puppet to log in to gain access to this data.
Speaker 2
00:03:21 - 00:03:51
The data is just public. So let's take a look. Now, my goal here is to access that geotag data. Geotag data is simply when you have your mobile device and you tweet out something or you post something, you tell it to record your GPS location, or maybe in some platforms you are going to be doing like check-ins. And those check-ins are where you say, hey, I'm at this location, those are recorded along with your posts or tweets or whatever it is on that platform.
Speaker 2
00:03:52 - 00:04:23
With Twitter, they actually have an option for people to opt in to share their geolocation. Also, in your profile on Twitter, you can look for, you can insert in certain details. So if I go to, actually instead of my Twitter, let's go to OSINT Curious just to show you. So OSINT Curious says that it's US based and international focused right here. Now sometimes they'll actually have, the accounts will actually have their real location, real city, and that can be searched on as well.
Speaker 2
00:04:23 - 00:04:52
Let's go ahead and just take a look at how we access geodata on Twitter. It's actually quite simple. First thing to do is get a latitude and longitude. I'm gonna, I'm over here in my Google Maps and I'm gonna pick a place in Singapore. Now the way that the geotagged information works on Twitter is that you essentially put a pin in a map, say at this latitude and longitude, I want this amount of space, I want 1 kilometer radius around this point.
Speaker 2
00:04:52 - 00:05:12
Grab all of the geotagged information from that. So what I'm gonna do is grab a latitude longitude. I'm over here in Singapore, and I've got a latitude and longitude right up here in the URL. And that latitude and longitude I can just plug right into Twitter using a special term. But I kind of want to limit the results.
Speaker 2
00:05:12 - 00:05:34
I don't want all the tweets that are geotagged in Singapore. I just want tweets that are within maybe 3 kilometers or 3 miles of a certain point. So what we can do is use another tool. There are many tools out there that will allow you to pick a point and then draw a radius, a circle of a certain radius on a map. I'm choosing mapdevelopers.com.
Speaker 2
00:05:35 - 00:06:15
And if we go in here to Singapore and we zoom in to like the Marina area, we can create a new circle, move it over here, and then we can change the diameter of it or the radius of it so that it just has the area we want. Now picture this, maybe there's a protest or rally. Over in Singapore, they just legalized, I think, gay relations. So a lot of people are out there and happy in the streets and stuff. We can put a point in the map and say within 1 mile of that point, I want you to tell me what's in there.
Speaker 2
00:06:15 - 00:06:34
And we look to see if our targets are in that area. Okay, well here we've got the Marina Bay Sands Hotel. We've got the Boat Quay. All right, this is good. So if that's where we want, then over in the other map, we're going to put our point right there on that area, right here.
Speaker 2
00:06:34 - 00:06:56
We're gonna put it right there. And then we're gonna take this latitude and longitude. Do you have to do all that? It helps, especially if you're trying to get a very tight area. Like David, if there's a building that some people work in and you wanna see if people are tweeting with geolocated content from inside that building, we can specify a building and then a very tight radius circle.
Speaker 1
00:06:57 - 00:07:00
A lot of people don't turn off their geolocation, is that right?
Speaker 2
00:07:00 - 00:07:16
That's right, well actually it's the opposite. To do geolocating, to do geotagging of your tweets, you have to opt in for it. It is off by default. So people would have to opt in. There are certain reasons why people want to do that, which are frankly beyond me.
Speaker 2
00:07:18 - 00:07:38
A lot of people do that. So let's take a look at this. So we go over to the search, we type in geocode colon, paste in that latitude longitude, and then what we need to do is tell it how big of a radius around that. Let's go ahead and hit comma, 1 kilometer. You could also do 1 mile or 5 miles or whatever.
Speaker 2
00:07:38 - 00:07:57
In fact, let's just make sure that we get a good listing here. We're going to do 5 kilometers. And what we see are geo-tagged tweets that are within this area. I'm gonna hit latest here. Again, I don't know what's coming up, but here we have a Singapore strategy session and more.
Speaker 2
00:07:57 - 00:08:38
If there was a protest or a riot or a rally or something else going on, natural disaster in this area, what we might see here are photos from around that area, and it could help us assess the situation. Now some of these things may not be safe for our audience here, but you can see that we are targeting that area. This is actually helpful in certain situations within open-source intelligence. The other thing that people like to do is, well, let's follow one person and see where they're tweeting. So instead, and so David, if you were going around the world tweeting out with your geotag on, could we figure out where you go, where you tweet?
Speaker 2
00:08:38 - 00:08:41
To do that, what we're gonna do is we're gonna switch to even a different tool.
Speaker 1
00:08:41 - 00:08:52
It just amazes me that people, I think, I don't know if it's education or if it's just wanting to share, people like wanna overshare. It's interesting that people set that on.
Speaker 2
00:08:52 - 00:09:19
Oh, absolutely. It amazes me, and as we go through this, today's video, you'll see that there are a lot of people that share a lot of very sensitive things. And some of them don't realize that they're sharing sensitive things until we aggregate them and analyze them. OSINT is about gathering, but it's also just as much about analyzing it and figuring out what it means. Here's Steve Wozniak, co-founder of Apple.
Speaker 2
00:09:19 - 00:09:48
Steve likes to geolocate. And you can see right here, he's geolocated his bio to Los Gatos, California. Well, some of his tweets are also geolocated as well. And what we're gonna do is we're gonna use a simple tool called GeoSocial Footprint, and we're gonna type in his name here. And what this tool's gonna do is it's going to grab his most recent tweets, extract the geolocated data, and then plot it in a heat map here.
Speaker 2
00:09:48 - 00:10:15
So forgive the "for development purposes only," this just means that the site did not pay Google for access to their maps. But if we look at this, you can see where Steve Wozniak is doing his geolocated tweets from. Right? Well, it gets even better because this is an interactive map, right? So where's a place that people normally use social media?
Speaker 2
00:10:15 - 00:10:18
Where would you say? Where do you use social media, David?
Speaker 1
00:10:18 - 00:10:23
All over the place, but I mean, in cities is often the place where, like I can see Death Valley there, which is interesting.
Speaker 2
00:10:24 - 00:10:27
Yep, Death Valley. But would you say maybe your home and work?
Speaker 1
00:10:27 - 00:10:37
That's a really good point. I would turn my geolocation off. And I'm really scared to tell you anything when you know when I have these videos into these interviews. It's like I'm not telling you anything. But yeah, you're right.
Speaker 2
00:10:37 - 00:10:55
That's a very frequent response to people. So one of the things that was near and Steve Wozniak does is he tweets. Actually, he doesn't tweet with his geolocation on. He uses Foursquare and checks into places. Then Foursquare is tied to his Twitter and gets the geolocated content.
Speaker 2
00:10:55 - 00:11:08
But here we go. Remember, Steve Wozniak's bio said he was in Los Gatos, California. Well, if we zoom in on this bright spot right here, guess where it is? Los Gatos, California. And guess what?
Speaker 2
00:11:08 - 00:11:20
If we keep going in, let's just control zoom. Here we have High Street and Cypress Way. There's a very bright dot right there. Let's just go ahead and go back to Google Maps.
Speaker 1
00:11:21 - 00:11:22
I see you're running in a VM, right?
Speaker 2
00:11:23 - 00:11:25
I am running in a VM, that's right.
Speaker 1
00:11:25 - 00:11:28
Is it just to keep it more secure or make sure it's private or?
Speaker 2
00:11:29 - 00:11:52
It's some to protect me from your audience because I know that you have some very talented people in your audience. And some it's to make sure that whatever I do in here is compartmentalized. I don't want to when I go. I'm also using a VPN. For instance, when I pull up Google Maps here, you see it pulls up the entire United States instead of this is Micah's neighborhood where he lives.
Speaker 2
00:11:52 - 00:11:55
So some of it's to protect me and some of it's to protect you.
Speaker 1
00:11:55 - 00:11:57
Very wise.
Speaker 2
00:11:57 - 00:12:19
High Street and Cypress Way in Los Gatos, California. So all we're doing is we are taking this data, High Street right here and Cypress Way, and we are pulling that up in Google Maps. And if you look right here, we have that kind of wavy area. And if we look over here, here's that wavy area right there. There's a spot.
Speaker 2
00:12:20 - 00:12:28
That spot, if I turn on this, seems to have a very big house at it. Guess whose house that is?
Speaker 1
00:12:29 - 00:12:32
I wonder. Might be Steve's house, maybe.
Speaker 2
00:12:32 - 00:13:10
It might be Steve Wozniak's house with a very nice pool and all. And this is one of the things that we do in certain situations is we just see where the data leads us, use online free tools to evaluate the data and analyze it, and then come up with a recommendation. If Steve Wozniak had contracted me and say, hey, figure out the risk of my online presence. One of the big things I would say is, you show people everywhere you go when you tweet and do stuff like that. And that might be something that we could get him to change his behavior on so that we don't see all of the places where he eats and travels to.
Speaker 1
00:13:10 - 00:13:13
Micah, it's Foursquare where people check in the whole time, is that right?
Speaker 2
00:13:13 - 00:13:19
That's right. Foursquare is a geolocation-centered type of social media platform.
Speaker 1
00:13:19 - 00:13:22
And people still use that, is it quite popular?
Speaker 2
00:13:22 - 00:13:40
Yeah, let's go a little off script here. And let me show you just an example. There's another tool here called socialbearing.com. And what this allows us to do is for free analyze somebody's Twitter profile. So again, let's just go over here to handle, we'll do Steve Wozniak.
Speaker 2
00:13:41 - 00:14:13
What this is doing is grabbing the most recent 200 tweets from his profile, and then it's going to analyze them for me. Now, I like to go ahead and hit this a couple of times to load like another 200 tweets and another 200, and what we'll be able to see is not only what is Steve Wozniak saying in his tweets, but how is he saying, how is he communicating to Twitter? And you can see all the statistics here about how many impressions he's got. Don't really care about that. What I care is down here.
Speaker 2
00:14:13 - 00:14:39
See his tweets by source? Yeah. Yeah. So one of the, the, the things that Steve Wozniak does is 59.8% of the last 600 tweets were sent from the application Foursquare. I mean, as an, and now as an investigator, I'm looking at that going, Steve Wozniak doesn't use Twitter as much as he uses Foursquare, and then Foursquare ties to Twitter.
Speaker 2
00:14:39 - 00:14:40
Does that all make sense?
Speaker 1
00:14:40 - 00:14:46
Yeah, I mean, and Foursquare is just used for checking in, like I'm at this hotel or I'm at this place now, is that right?
Speaker 2
00:14:46 - 00:15:12
Yeah, well, let's take a look at it. What we can do on the left is filter out some of these things. So let's look at his geolocated tweets and then if we scroll down what we get are these tweets and you see this via Foursquare. So these are all of his tweets that are tweeted from Foursquare and geolocated. And you can see it says, love many camp songs, startling biome in Death Valley.
Speaker 2
00:15:13 - 00:15:33
So yeah, people are checking in. They're posting some content, sometimes with pictures, and then that is trickling over to Twitter because he's connected those accounts. And that would be a good pivot point for us as OSINT investigators. We started with his Twitter, but now we know about his Foursquare and that he uses that probably more than Twitter.
Speaker 1
00:15:33 - 00:15:39
It just amazes me because like from a security point of view, you're telling me you're not at home. It's a perfect time to go and rob your house.
Speaker 2
00:15:39 - 00:16:13
There actually used to be a site out there called Please Rob Me. And it was a proof of concept site where people literally would watch as people checked into places and they would say, oh, so and so just checked into the Dallas Fort Worth airport or some airport and they're not at home. Go rob them. And it was a spoof site, but it caused a big stir because it was, it brought up these privacy issues. And to be honest, there's a lot of people out there that don't care about privacy.
Speaker 1
00:16:13 - 00:16:24
I was going to ask you, you know, do people, are people more aware or are you encountering the same problem, which could be a problem or an advantage for you, depending on what you're doing. Are people like, I don't care, I'm just gonna share it to the world?
Speaker 2
00:16:24 - 00:16:57
Yeah, so there are several different, I would say, shades of gray there. There are the very privacy focused, the people that don't care, and then the people that care a little bit, so some of their settings will be changed. I don't know if we talked about this on a previous broadcast, but in open source intelligence, there is an inverse relationship with that and privacy. As you increase your privacy, you decrease what we can find about you via open source intelligence. As you decrease your privacy, we can usually find more or access more.
Speaker 1
00:16:57 - 00:17:11
But like the average person out there, let's say non-technical, and I mean, depending on who's watching this, I mean, you may be watching this just to realize how you're oversharing, but what is the average Joe deal? Is it just like it varies depending on who you're investigating?
Speaker 2
00:17:12 - 00:17:29
It does vary. And it varies not only who we're investigating, but what platforms they're on. Because some platforms are a little bit more security conscious. Well, for instance, Twitter makes you opt in. I know, I know, I have to say this tongue in cheek, but Twitter makes you opt in to do the geotagging.
Speaker 2
00:17:29 - 00:18:04
That's terrific. There's some platforms that just automatically do that. I don't know if you remember back when the Parler app was big or Parley app was big. People put that on their phones, they went places, and they maybe didn't realize that the GPS locations were being tagged. Then during the January 6th insurrection over here in the United States, the people went places, their phones recorded it in the app, and then after Parler was compromised, all of that geolocation data that some people didn't even know was happening when it was released to the internet.
Speaker 2
00:18:04 - 00:18:17
And that was a very big deal. Yeah, so some platforms, really good with privacy, some make you opt in, say, are you really sure you wanna do this? And some are just open and accessible by default.
Speaker 1
00:18:17 - 00:18:21
So I took you on a tangent, so I took you off your flow, but that's brilliant, thanks.
Speaker 2
00:18:21 - 00:18:38
No, no, that's absolutely fine. I'm here to help explain things. Well, let's, you know, I had a flow here set up, but you're right. Let's go ahead and maybe follow this path. Let's move away from Steve Wozniak here and let's move over to something else.
Speaker 2
00:18:39 - 00:18:44
Alcohol. I don't know if you've ever heard of this Untappd.com drinking app.
Speaker 1
00:18:44 - 00:18:53
I don't drink. I don't know if anyone realized I don't drink alcohol. So I don't follow this stuff, but it's good to know about it for people who enjoy their drinks.
Speaker 2
00:18:54 - 00:19:29
That's a very interesting bit of data that you brought up there, because I don't date because I'm married and my wife frowns upon that. But I have, I know, right? So I haven't been to like online dating, but for open source intelligence, I may have profiles on online dating sites because that's where my targets are. So many times as OSINT people, we will go into places that, you know, the real Micah Hoffman would not go. So even though you don't drink, I don't use this app, but it's a good data source to show some interesting things.
Speaker 1
00:19:29 - 00:19:31
I just thought you liked beer. Come on, Micah.
Speaker 2
00:19:31 - 00:19:46
Well, that's the private Micah. That's not public. I might like beer, but I don't like telling the world I just drank this beer at this location with these people at this date and time. That's what I kind of draw the line on. And that's really what Untappd is.
Speaker 2
00:19:46 - 00:20:18
Untappd, you take your mobile device, you take a picture of your beer like this person has. So you sign up for an account on Untappd, then you put it on your mobile device, then when you go out or stay in and you drink a beer, you can take pictures of it. And then as you can see here, we have a person is drinking a certain beer by a certain place at a certain location. We also have the dates and times when this activity was logged. Yeah.
Speaker 2
00:20:18 - 00:20:48
So I initially was introduced to this back in 2015 when one of my buddies was tweeting out things like, hey, I just earned a badge for the most IPAs drinking, Singapore, whatever. I direct message, like, you realize you're telling me your alcohol, like, consumption details? And he says, what's the worst you can do? It's like, oh, okay, challenge accepted, right? That's, to a cyber guy, to an OSINT person, that's like the worst thing you can say.
Speaker 2
00:20:49 - 00:21:10
What I did was I started looking at the site for that open data. What can you see here without an account? And you can see we have check-ins. And that's another thing that we do in OSINT is we look at the data and we realize that this is not necessarily this person drinking all of these beers, it's that they've recorded it. You know that people on the internet lie sometimes?
Speaker 1
00:21:10 - 00:21:11
Yeah.
Speaker 2
00:21:11 - 00:21:18
Yeah. So, some of this, and so they may not have consumed all these beers, et cetera, but this is what their profile says.
Speaker 1
00:21:19 - 00:21:22
Someone really enjoys drinking though, if he was drinking that amount, yeah.
Speaker 2
00:21:22 - 00:21:35
Yeah, yeah, well, the interesting thing here, David, is not the individual data points, but this is something that we were talking about earlier, that aggregating this data gives us a better picture. And so I created a tool called untapped.osint.ninja.
Speaker 1
00:21:37 - 00:21:54
Micah is extremely humble, but Micah, I know you've created a whole bunch of tools. So I'm really interested to see this new tool. So offline, give us some of the tools and I can put them below so people can see, you don't just use other people's tools, but you create your own and help people in the community. Sorry, I took you off on a tangent there.
Speaker 2
00:21:55 - 00:22:12
No, it's absolutely fine. You're right, sometimes we have these ideas, these scratches, these scratches. Sometimes we have- Pictures of it. Yeah, that we need to scratch and the existing tools out there just don't do it. So maybe we need to create a tool ourselves.
Speaker 2
00:22:12 - 00:22:48
I'm well-versed in Python, and so my original tool to do this analysis of Untappd was written in Python. And then 2 people, 2 colleagues of mine, Brandon and Wesley, created this web interface, which makes it so much more accessible. The idea here is that we take the username from this page and we run it through this. So I'm going to type in the username here and hit scrape. What this tool is doing in my browser is it's visiting Untappd, querying it, grabbing that data about their friends, about where they're checking in.
Speaker 2
00:22:48 - 00:23:12
And the interesting thing about that is it's a little bit of a different geolocation, right? Previously, we were talking about Twitter geolocation where latitude and longitude stamped in with the tweets. Here, we actually have locations that are, well, like this Mexican grill here. This, if we click on it, has an address. So we have to do some geocoding there.
Speaker 2
00:23:12 - 00:23:25
Hey, where is this address? Because this person said that they were there. We should get back some really good data here. Here we see that total beers, total unique beers. This was in his profile, the recent activity.
Speaker 2
00:23:26 - 00:23:38
These are the places where this person checked in. Wait, it gets better. These are the beers that the person said that they consumed. Does this heat map look interesting to you?
Speaker 1
00:23:38 - 00:23:38
Well,
Speaker 2
00:23:39 - 00:24:10
One of my favorite features, David, we can track where people say that they're drinking now. This is only some of the beers that they've recorded publicly. And this whole process only works if somebody has a public profile on Untappd. But, I mean, looking at this person's profile and the beers that they say that they've consumed in the certain locations, you can see that, well, some of it's down here in Mexico. We've got some Louisiana, but most of it recently looks like it's up here in the Northeast.
Speaker 2
00:24:10 - 00:24:12
And of course, we can drill down.
Speaker 1
00:24:12 - 00:24:14
I love this. This is brilliant.
Speaker 2
00:24:15 - 00:24:50
Well, the interesting thing is that now we can get into the analysis portion, right? The data gathering portion, everybody loves running tools, right? Everybody loves to run their tools to grab the data, but where a lot of people fall short is with the analysis. So let's go here to Boston or Baston, depending on where you are. All right. And so we can see that this person recorded 7 beers at the Fine Line Taproom right near the Spring Hill Suites in Boston. Right? Here's the Spring Hill Suites.
Speaker 2
00:24:50 - 00:25:22
Here's that. Now, one of the things I know about this person, because I've used them in these examples in previous videos and stuff, is that they have a pattern. Watch this. If we come back up here to Venues, and we search by last visit date, we just sorted by last visit date, so this is the most recent one. We can usually find that they fly to a place like Hampton in North Attleboro, Massachusetts. Then they visit a few taverns in Massachusetts. Then they go somewhere else.
Speaker 2
00:25:22 - 00:25:55
And what they do is they check into their hotel and then they have a drink at the bar. And so here we have Four Points by Sheraton and then we have where they went and then the Fairfield Inn. So what we're doing is through the aggregation of this data about this person, we are tracking where they are. If you wanted to serve them a subpoena, you wanted to find out what they're doing, you literally could watch their Untappd, see where they're checking in, and then you can go visit that hotel, wait for them to come back or do some other stuff here. Yeah.
Speaker 2
00:25:55 - 00:26:03
Well, the tool does other things too. Let me just zip down to the bottom. If that's not enough, it analyzes the hours of the day.
Speaker 1
00:26:03 - 00:26:06
At least he's not drinking all the time during the day. That's good.
Speaker 2
00:26:06 - 00:26:24
Right. Or like the morning hours. You know, I've done this analysis across many people, and sometimes you're like, wait a second, this person's drinking 9, 10, 11 o'clock in the morning. That might be an interesting data point. And this is localized to their phone too, so it doesn't matter what time zone they move to.
Speaker 2
00:26:24 - 00:26:59
Then here at the bottom we have some analysis, and that's the interesting thing, David, is that, so we have this, what's the worst you can do? It's just me posting a beer. In aggregation and with additional analysis, we now not only know what beer you're drinking and where, but we know where you frequent, we know where you're staying at a hotel. We know what days in the week and hours of the day you may be drinking. This is all really important stuff and can be a big factor in some of the investigations that many OSINT investigators do.
Speaker 1
00:27:00 - 00:27:23
My scary thought is like more and more data, like medical data, stuff like this, is being shared online or by apps. You mentioned like Strava in the previous video. I find it amazing that people are sharing not just like check-ins at a hotel, but they're sharing stuff that can affect medical, which can affect your job prospects, it can affect so much in your life.
Speaker 2
00:27:23 - 00:28:05
Oh, absolutely. One of the things that I won't show, but that I'll tell you is that some of the social media platforms collect that data, not intentionally necessarily, not, well, they might collect it intentionally, but they also collect, they allow people to post pictures. I've done demos on certain social media platforms where you literally can type in words that would appear in somebody's hospital bill. So you know, you might have laboratory results, you might have invoice, you might have a bed or whatever. You put that in the search field, and then you look at photos on that site, and you will come up with people that have taken pictures of their hospital bills and posted them.
Speaker 2
00:28:05 - 00:28:08
All of their data is there. It's absolutely incredible.
Speaker 1
00:28:09 - 00:28:10
And it's public, right?
Speaker 2
00:28:10 - 00:28:29
Yeah, well, it's public with air quotes because some of these platforms require you to have that sock puppet or research account that we talked about. You know, some platforms like Twitter and Untappd are mostly open. Some of them, you're required to get that account to get in. And then everything might be open.
Speaker 1
00:28:29 - 00:28:32
Yeah, but I mean, I think that's a very low barrier to entry.
Speaker 2
00:28:32 - 00:28:47
It is. It is. And that's one of the question marks in open source intelligence. It's like, what is your and your company's and your country's definition of open? Is open just anything you can access for free without an account?
Speaker 2
00:28:47 - 00:29:14
If you create an account on the system and still can access it without further access controls, is that open? And that's a big variable in certain investigations. So one of the things that we have talked about previously is exercise. You know, you and I talked in the beginning of this episode about people that just want to share, want to put their data out there. And there's good reasons for that sometimes there.
Speaker 2
00:29:14 - 00:29:34
You know, you want to compete with other people. You want to share for safety reasons. Say, this is where I am in case something goes wrong. And there's some platforms out there that allow you to do that in a safe way and some that allow you to do it in a more public way. One of the ones that I've been working on or doing demos on for years is Strava, the exercise app.
Speaker 2
00:29:34 - 00:30:07
And here's just an example. I'm at Google. Here I've typed in the Google dork or the Google query site colon Strava.com to focus Google on only results coming from Strava's website, then I put John and Commute in quotes saying that those have to be in the results that are coming back. And see, we've got 575 results, we've got some segments, we've got athletes. And I'm just gonna go ahead and right-click and open a few of these.
Speaker 2
00:30:07 - 00:30:24
Let's see what we got. Again, this data is somebody's data that they've been posting. I've not logged into Strava. You can see up here in the upper right, I'm not logged in at all. And what we're getting is people's rides, description of their rides.
Speaker 2
00:30:25 - 00:30:44
Here's an afternoon ride. Here's a morning commute. Now David, when you commute, you usually commute from home to work or work to home. So what we've got in this Strava ride right here is an endpoint that is probably a home and an endpoint that is probably work. And we can get in there and get the details.
Speaker 2
00:30:45 - 00:31:22
Some of this data on Strava is more, is well protected, and some is not. The thing I want to show you and your audience is maybe that there's always different layers to the data. We can look at this and go, wow, you know, I could probably zoom in on Google Maps to this area in a certain place and maybe figure out what these spots are here. But we don't have to. We can go more technical here and right-click on the page, view page source. Coming back over here we see this 4.2 miles.
Speaker 2
00:31:22 - 00:31:44
Let's just go ahead and copy that and do a find for 4.2. We have this big long list of content here and you see here like morning commute. Wowza, it is a great day to be alive and on a bike, and over here it says morning commute. Wowza, it's a great day to be alive. We found the entry for this effort.
Speaker 2
00:31:45 - 00:31:57
What we can do is copy this. I'm going to select it all, copy it, and then put it into one of my favorite tools. Have you ever heard of CyberChef? No. Oh, David, you and your audience are going to love CyberChef.
Speaker 2
00:31:57 - 00:31:58
It's a JavaScript.
Speaker 1
00:31:59 - 00:32:02
You need to assume that I know nothing, because that's the right way to assume it.
Speaker 2
00:32:02 - 00:32:32
So CyberChef is a JavaScript-based free tool that does all of the things that a cybersecurity person and OSINT investigator might want to do. For instance, here I can paste in all of that input here. Now I know that this is going to be, eventually be in the JSON data format. And I know that I need to remove from this quote over here, go all the way to the bottom, and do the same. I need to expose that end curly brace there.
Speaker 2
00:32:32 - 00:32:49
Now, what CyberChef does is it converts things. It encodes, it decodes, and it can do, well, things like a recipe. When you have a recipe with food, you do one thing, then you do the next, then you do next. And we create a recipe. Same thing here.
Speaker 2
00:32:49 - 00:33:10
I'm noticing that we have ampersand quote semicolon. That is an HTML entity. And so I can come over here to the operations and type HTML entity, and it says, oh, from HTML entity. It tells you over here, ampersand amp semicolon becomes ampersand. That's what I want to do here.
Speaker 2
00:33:10 - 00:33:31
I'm just going to drag that over here and look at the output. All of those ampersand quotes turned into actual quotes. That's really cool. Now, I know that this is in a JSON format, and I want to make it prettier. I go to JSON Beautify, and I add that. I say, do the HTML entity, then JSON Beautify.
Speaker 2
00:33:31 - 00:34:07
Now, look at the data over here. It's very readable and there's all of the data that we might need to look into this profile more. We have logos, we have URLs, challenge IDs, and as we scroll down, here are recent activities. Here's the evening ride Jarvis bike delivery. Afternoon ride, and I guess the morning commute Wowza is right there with details about it. So the new thing about cyber, the new thing about OSINT is that there's always deeper that you can go if you have the skills to do it.
Speaker 2
00:34:07 - 00:34:11
And so you always have to keep learning and growing and exploring.
Speaker 1
00:34:11 - 00:34:24
So, I mean, there's a lot of free tools out there. I mean, you've shown tools that are available, just anyone can use. And you've had to create certain tools, right, for yourself because they don't take you where you want to
Speaker 2
00:34:24 - 00:34:50
go? Absolutely. My tools are over on GitHub, and all of my tools including the Untappd scraper, that tool that's the Python tool that feeds into the Untappd tool that we saw right here, WhatsMyName, which is a username enumeration tool right here. And it's all free for all of the people to use.
Speaker 1
00:34:50 - 00:35:00
Micah, that was brilliant. I always get this question and I always like to wrap up with this. If I'm interested in this field, where do I go? I'm assuming OSINT Curious is a great place to start, right?
Speaker 2
00:35:00 - 00:35:17
I am a little bit biased, but I'd say yes, OSINT Curious is the best place. And actually, I get usually 2 to 3 requests a day on different social media in different places that ask me that exact question: how do I get into open source intelligence? Or what are your recommendations? What tools should I learn?
Speaker 2
00:35:17 - 00:35:55
Should I learn Kali Linux or whatever? My response is always the same. It is join a community. Don't just listen to me, who's over here in the United States that deals with certain types of things. You might be in a different part of the world. You might have different goals or different thoughts on the world, different interests. So what I usually say is joining a Discord, Slack or some other type of community. OSINT Curious has a Discord at I am dead and dot osin curio dot us slash discord. It's free. We got almost 8000 people in there from all over the world and they're very supportive.
Speaker 2
00:35:55 - 00:36:14
So a new person joining, asking me, Hey, what do you suggest is going to be a lot less productive than them going to our Discord and going and joining the How Do I Get Into OSINT channel and look at all the wonderful responses from our experienced investigators.
Speaker 1
00:36:14 - 00:36:27
Micah, can you go to the OSINT Curious website and just show us like some of the, like getting started stuff or, you know, like we said, if I'm new, I mean, I can go to Discord. Is there any like places I can start here, people I can follow, you know, how do I get started?
Speaker 2
00:36:27 - 00:36:46
Absolutely. One of the simplest things to do is just go to osintcurio.us or OSINT Curious, and all the things that you need are here. The link to our Discord server is right over here. That'll take you over there. You create a free account, and you have instant access to our community.
Speaker 2
00:36:47 - 00:37:43
We have blog posts, and here's some other ones. These are free blog posts that are written by people that do open source intelligence and that you can trust. And then up here, we have our 10 minute tips and live streams and other things like videos, right? These are 10 minute videos that are skills-based videos. Steven Harris, Nixintel, made the wonderful resource right here, OSINT Curious resources. That's just a Google Doc, but it organizes our content. So if you wanna learn Linux basics, you click over here, and then here's our 10 minute tip videos that take you off to our free YouTube page. Just really easy to access, which everything in control over people, over our users. You mentioned who do I follow? Well, we have this About Us channel, our About Us page, and down here we have the members and their Twitter handles.
Speaker 2
00:37:43 - 00:37:54
I would strongly suggest following these people and even the people that used to be a part of our project but maybe have moved on to bigger and better things, they are also on this page.
Speaker 1
00:37:54 - 00:37:58
I just want to make this clear, OSINT Curious isn't a corporation, is it?
Speaker 2
00:37:58 - 00:38:00
That's right, we're a US-based non-profit.
Speaker 1
00:38:01 - 00:38:07
I think that's important to highlight. So for everyone who's watching, you're not trying to sell something. You're just trying to help the community.
Speaker 2
00:38:07 - 00:38:31
Yeah, OSINT Curious is all about building community, strengthening community, and teaching that community for free. All of our products are free. We do live streams. We have a video library going back to 2018 with thousands of hours of live streams and skills-based learning that, like I said, are all free. We are supported
Speaker 1
00:38:31 - 00:38:32
100%
Speaker 2
00:38:32 - 00:38:50
by patrons using the Patreon patron site over here on our page. We also have some sponsors that have been amazing to help us out. And then just people like you and other people that have allowed us to promote ourselves on the show and get new followers.
Speaker 1
00:38:51 - 00:39:02
Yeah, I mean, that's brilliant. So I mean, for everyone who's watching, I suggest, you know, go and sign up. It's all free, so make the most of it. What books, any recommended books, any recommended like courses? Because some people like a structured learning path.
Speaker 1
00:39:02 - 00:39:03
Is there like anything that you'd recommend?
Speaker 2
00:39:04 - 00:39:07
There is. And it is a little bit selfish of myself.
Speaker 1
00:39:08 - 00:39:11
No, no, feel free to promote, because it doesn't matter. It's like, how do I get started?
Speaker 2
00:39:12 - 00:39:54
Okay, so my biggest suggestion right now is My OSINT Training. It is a training site that I've created and it has, it is all about affordable learning with all of the great details that you would need. Everything from cyber threat intelligence and OSINT to the school and skills and stuff. So, you know, using OSINT command line tools, we're just getting ready to put a whole bunch of new core content on there about how do we do open source intelligence using different tools and different techniques. Heck, I've even got a class here on how to use CyberChef more, like what we just did today.
Speaker 2
00:39:55 - 00:40:26
So this is one place that I suggest. There are also some really, really talented people out there that do open source intelligence that share openly, people like Sinwindie and his OSINTdojo.com site and other people. So you don't need to pay a huge amount of money to learn in the field. And it, OSINT is unlike cyber in a lot of ways. We aren't all about the certifications like cyber is.
Speaker 2
00:40:26 - 00:40:36
You can take some courses on things that you wanna do. You can grow your skills and then you can get a job or volunteer those skills in certain areas.
Speaker 1
00:40:36 - 00:40:49
So can you just go back to your site? It's not plugging, I mean, people can take this as they like. So just for everyone watching, I don't get a kickback for doing this. There's no like affiliate link or anything. So this is just me trying to give you options.
Speaker 1
00:40:50 - 00:40:55
Micah, which is the first course that you'd recommend I start with? And all those courses, because there's quite a few courses.
Speaker 2
00:40:55 - 00:41:14
There are a bunch of courses here. My thought would be that people buy the all course subscription bundle. One price, you get access to everything, all of the OSINT courses. So you don't have to worry about, and it's for 1 year. We're just about to add more courses, so you get those for free.
Speaker 2
00:41:15 - 00:41:33
If you wanted to start out just intro to OSINT, what I would say is just wait probably about a month or so. We're gonna be making an OSINT immersion course that will be posted up here that will take you beginning to end. How do I get into OSINT? How do I do all the things in OSINT?
Speaker 1
00:41:33 - 00:41:50
Micah, I mean, the $500 for a lot of people is a lot of money. So I think the good thing there is you're showing that if you wanna invest in your education or your company can pay for you, you could go and get that. But for someone who hasn't got the funds, let's say they're just starting out, YouTube, I mean, you've got a lot of content on YouTube, a lot of content on your website, right?
Speaker 2
00:41:51 - 00:42:19
Absolutely, and the idea behind training is, I think what you said earlier, somebody else has organized things together methodically, maybe provided you exercises to reinforce those skills, but that's really what you're paying for. You're paying for their time creating that course. If you don't have those funds, that's absolutely fine. Open source intelligence, like cyber, is something that you can self-teach. Go to the OSINT Curious community, our Discord.
Speaker 2
00:42:19 - 00:42:52
There are channels on all the different social media platforms and all the different techniques. You could literally just spend time in there asking people questions and trying out tools. Or, like you said, go to our YouTube, watch hashtag OSINT on Twitter and go to r slash OSINT on Reddit and look at what people are posting there. It's just more of a choose your own adventure at that point instead of a methodical course that you would go through. But yeah, you don't have to invest in your education in order to learn OSINT.
Speaker 1
00:42:52 - 00:43:12
I love that the way the world's going though. So I mean, it's, there's, as they would say in the UK, different courses for different courses. You know, there's different sort of ways to go. If I'm just starting out, I can get a lot of free information, but if I work for a company, I want them to pay and get me through the content as quickly as I can so I get new skills. One thing we didn't cover is books.
Speaker 1
00:43:12 - 00:43:13
Have you got any recommended books?
Speaker 2
00:43:13 - 00:43:17
I do not right now. I'm not a book person.
Speaker 1
00:43:17 - 00:43:22
Micah, he has a nasty question. Do you have any top 3 tools that I should know in OSINT?
Speaker 2
00:43:23 - 00:43:39
I love and hate when people ask me about tools because OSINT is not about the tools. Tools are a way to achieve our goals. But if David, if you're gonna twist my arm here, I will say one of my favorite tools is a tool for documentation. It's Obsidian. I don't know if you've ever
Speaker 1
00:43:39 - 00:43:42
heard of it. I've heard of it. Go on. But just explain for the audience.
Speaker 2
00:43:43 - 00:44:32
Sure. Obsidian is a free tool if you're using it personally, very low cost tool if you're using it professionally in a company, and what it does is it helps you organize your content. For me, since all of these different pieces of open source intelligence are linked, it allows me to display those links in a meaningful way, not like tools that are doing link analysis like Maltego or some other tools like that, but it allows me to say, hey, I've got this person here and they are connected to that person and this group and that company and then pivot to those other pages and record and document. And if you want, I'm happy to come back another day and talk about Obsidian. I've created YouTube videos and classes about it as I do.
Speaker 2
00:44:32 - 00:45:00
So your audience can get the learning for free or paid as well. My other tools would be my whatsmyname.app tool. Myself and Chris Poulter made it. I love it because it's one of those force multipliers. I just have a username like fuzzy bunny 123 and I put it in the tool, and using just my web browser it'll search over 400 different websites and show you where there might be profiles.
Speaker 2
00:45:01 - 00:45:06
And then I think my third tool would probably be a VPN to keep me safe.
Speaker 1
00:45:06 - 00:45:12
I like that. Any favorite VPNs? We're not plugging any company because we're not getting paid. But is it you have a favorite?
Speaker 2
00:45:13 - 00:45:49
So what I usually recommend is that people evaluate what their needs are. I have ones that work well for me. I use ProtonVPN and NordVPN, but those might not work for people where they need to be. Because in open source intelligence, we not only use VPNs to protect our data, you buy it through the encryption, but we use it to project presence. So if I need to do open source intelligence in South America, but I'm hitting those sites from my United States IP address, I'm going to get different results than if I'm showing up as a local IP.
Speaker 2
00:45:49 - 00:45:52
So lots of different options there.
Speaker 1
00:45:52 - 00:46:03
That's great. Micah, any closing thoughts? I just really wanna thank you for what you've shared today. And the fact that you're involved in OSINT Curious, I mean, you're one of the founders, right?
Speaker 2
00:46:03 - 00:46:06
That's right. I'm one of the original 6 or 7 people that founded it, yeah.
Speaker 1
00:46:06 - 00:46:12
Yeah, so thanks so much for sharing all that with the community. Any closing thoughts before we wrap up?
Speaker 2
00:46:12 - 00:46:17
No, I just really appreciate you having me back on and letting me talk about OSINT to your audience.
Speaker 1
00:46:17 - 00:46:20
That's brilliant. Micah, all the best. Thanks.
Speaker 2
00:46:20 - 00:46:20
Thank you. You
Omnivision Solutions Ltd