What are OSINT tools?

OSINT tools are software platforms or techniques used to gather and analyze open-source information.

What is the purpose of OSINT methodologies?

OSINT methodologies ensure systematic, ethical, and accurate intelligence gathering.

What are some examples of OSINT tools?

Examples include Google Dorking, Maltego, and various social media intelligence platforms.

What is the intelligence cycle?

The intelligence cycle includes planning, data collection, processing, analysis, dissemination, and feedback.

What are the strengths of OSINT tools?

Strengths include rapid data retrieval, automated analysis, and expanded data sources.

What are the weaknesses of OSINT methodologies?

Weaknesses can include being time-consuming and requiring manual verification.

How can I improve my OSINT investigations?

By combining tools with structured methodologies and practicing critical thinking.

What is the importance of critical thinking in OSINT?

Critical thinking helps determine the relevance and application of the information gathered.

What resources can I use for OSINT methodologies?

Resources include articles, blogs, books, and online communities focused on OSINT.

How can I categorize OSINT tools?

OSINT tools can be categorized by purpose, such as information gathering, social media intelligence, and data analysis.

OSINT Tools vs. Methodology by Alex Lozano

00:43:43

https://www.youtube.com/watch?v=dTwFAd8JDHE

Résumé

TLDRIn this session, Alex Lano discusses the essential aspects of OSINT tools and methodologies. He defines OSINT tools as software platforms used for gathering and analyzing open-source information, emphasizing their role in automating data collection and enhancing efficiency. Lano categorizes various OSINT tools and highlights their strengths, such as rapid data retrieval, while also addressing weaknesses like the potential for false positives. He introduces OSINT methodologies as structured processes that ensure ethical and accurate intelligence gathering, outlining the intelligence cycle and its importance in investigations. The session concludes with a call for critical thinking in using tools and the integration of methodologies to enhance OSINT investigations.

A retenir

🔍 OSINT tools automate data collection and enhance efficiency.
📊 Methodologies ensure systematic and ethical intelligence gathering.
⚖️ Critical thinking is essential for effective OSINT investigations.
🛠️ Tools can be categorized by purpose and use case.
📚 Resources for OSINT include articles, blogs, and books.
🌀 The intelligence cycle includes planning, data collection, and analysis.
⚠️ Tools have strengths and weaknesses that must be understood.
💡 Combining tools with methodologies improves investigation outcomes.
🌐 Advanced platforms integrate multiple OSINT tools for better analysis.
📈 Continuous learning and adaptation are key in the OSINT field.

Chronologie

00:00:00 - 00:05:00
The speaker expresses gratitude to the audience and the organizing team of the conference, introducing the session on OSINT tools and methodologies. They outline the session's structure, which includes definitions, purposes, strengths, weaknesses, and classifications of OSINT tools and methodologies, along with resources for investigations.
00:05:00 - 00:10:00
The speaker defines OSINT tools as software platforms or techniques for gathering and analyzing open-source information, emphasizing their goal of automating data collection and improving analysis. They mention various tools and their use cases, highlighting the importance of reliability and accuracy in data collection.
00:10:00 - 00:15:00
The strengths of OSINT tools include rapid data retrieval and automated analysis, while weaknesses involve the potential for false positives and the need for user expertise. The speaker contrasts this with OSINT methodologies, which ensure ethical compliance and structured workflows but can be time-consuming and require manual verification.
00:15:00 - 00:20:00
The speaker categorizes OSINT tools based on their purposes, such as search and information gathering, social media intelligence, and dark web tools. They emphasize the importance of understanding the different categories to effectively utilize the tools in investigations.
00:20:00 - 00:25:00
The speaker discusses the difference between individual OSINT tools and advanced platforms, noting that tools are designed for specific tasks while advanced platforms integrate multiple tools for automation and collaboration. They highlight the benefits of using advanced platforms for data collection and analysis.
00:25:00 - 00:30:00
The speaker shares collections of OSINT tools and resources, emphasizing the importance of having access to a variety of tools organized by categories. They provide examples of popular collections and frameworks that can aid investigators in their work.
00:30:00 - 00:35:00
The speaker introduces OSINT methodologies, focusing on the intelligence cycle, which includes planning, data collection, processing, analysis, and dissemination. They stress the importance of following this cycle to ensure thorough and effective investigations.
00:35:00 - 00:43:43
The speaker concludes by reiterating the importance of both OSINT tools and methodologies, emphasizing that critical thinking and proper methodology are essential for effective investigations. They encourage the audience to think deeply about their investigative needs and the tools they choose to use.

Afficher plus

Carte mentale

Vidéo Q&R

What are OSINT tools?
OSINT tools are software platforms or techniques used to gather and analyze open-source information.
What is the purpose of OSINT methodologies?
OSINT methodologies ensure systematic, ethical, and accurate intelligence gathering.
What are some examples of OSINT tools?
Examples include Google Dorking, Maltego, and various social media intelligence platforms.
What is the intelligence cycle?
The intelligence cycle includes planning, data collection, processing, analysis, dissemination, and feedback.
What are the strengths of OSINT tools?
Strengths include rapid data retrieval, automated analysis, and expanded data sources.
What are the weaknesses of OSINT methodologies?
Weaknesses can include being time-consuming and requiring manual verification.
How can I improve my OSINT investigations?
By combining tools with structured methodologies and practicing critical thinking.
What is the importance of critical thinking in OSINT?
Critical thinking helps determine the relevance and application of the information gathered.
What resources can I use for OSINT methodologies?
Resources include articles, blogs, books, and online communities focused on OSINT.
How can I categorize OSINT tools?
OSINT tools can be categorized by purpose, such as information gathering, social media intelligence, and data analysis.

Voir plus de résumés vidéo

Accédez instantanément à des résumés vidéo gratuits sur YouTube grâce à l'IA !

Sous-titres

Défilement automatique:

00:00:01
[Music]
00:00:08
Um hello to everyone. Uh thanks for for
00:00:12
being here for watching my session. Uh
00:00:16
also I would like to thank first of all
00:00:19
uh the team of oin ambition. I would
00:00:21
like to to to thank
00:00:24
uh
00:00:25
dafush all of them. They are doing an
00:00:28
amazing job with hosting ambition
00:00:30
organizing this conference and with
00:00:32
everything they do for the hosting
00:00:34
community uh newsletter a lot of tips a
00:00:38
lot of LinkedIn activity uh they
00:00:40
basically leverage all all of the social
00:00:42
media sources they can and share a lot
00:00:45
of things uh uh so so I would like to
00:00:48
thank them and and well today in my
00:00:50
session uh hosting tools and
00:00:53
methodologies the eternal dilemma I will
00:00:55
talk about uh these two parts of OSIN uh
00:00:59
two essential parts. Uh first I will
00:01:03
give a definition uh purpose reliability
00:01:05
use cases about about each one of them.
00:01:08
Uh then we will cover strengths and and
00:01:11
weaknesses uh why are they important?
00:01:14
What are the strengths and weaknesses of
00:01:16
each? We will explore simos in tools,
00:01:18
categories, advanced platforms,
00:01:20
collections and resources. will try to
00:01:23
uh classify these tools and and give um
00:01:28
useful resources for you to to use then
00:01:31
on your uh ocean investigations. Then we
00:01:34
will explore oin methodologies. Also
00:01:37
we'll talk about categories. We'll talk
00:01:38
about resources, workflows, books,
00:01:41
techs. And finally we'll give a final uh
00:01:46
verdict. Um so I I suppose everyone is
00:01:49
hearing me. I see some some comments in
00:01:52
the chat but uh I think we're good. Of
00:01:55
course. Let me present a little bit
00:01:57
about myself. Let me talk a little bit
00:01:59
about myself. I'm Alex Lano. I'm the CEO
00:02:01
of CyberG, an intelligence company based
00:02:04
in Barcelona. I'm also a private
00:02:06
investigator and and I like to share
00:02:09
some tips, uh, cheats, uh, staff
00:02:12
resources on LinkedIn. So, uh, pretty
00:02:15
much that's all all information you can
00:02:17
find about me is on LinkedIn. I also I'm
00:02:20
a nursing professor at the University
00:02:23
uh, of Barcelona. So, that's the basic
00:02:26
information about me. Let's start with
00:02:28
the presentation and with the the value
00:02:30
I want to give you
00:02:32
today. So OSIN tools what are OSIN
00:02:35
tools? Osin tools are software platforms
00:02:39
or techniques used to gather and analyze
00:02:41
opensource information. What's the goal
00:02:44
of these uh osin tools? To automate data
00:02:47
collection, enhance efficiency and
00:02:49
improve analysis. Are they reliable?
00:02:52
Yes, they they give us data accuracy.
00:02:56
Some of them we'll talk about this later
00:02:58
and and depending on the tools
00:03:01
effectiveness and source credibility
00:03:03
we'll we'll get more accurate uh better
00:03:06
accurate data or less accurate data uh
00:03:09
use cases. Why do we need closing tools
00:03:12
gathering large scale data automating
00:03:15
our researches and data collection and
00:03:17
also to visualize connections and and to
00:03:20
pivot between uh different types of data
00:03:24
sources. On my right hand I have
00:03:26
different tools. Probably you know all
00:03:28
of them. We have Prime an advanced
00:03:30
platform by social links. We have
00:03:32
Montiggo another advanced platform.
00:03:34
Google EPOS uh oin rocks face tech ID
00:03:38
giant. So these are examples of of oin
00:03:41
tools but we'll talk about uh and give
00:03:44
more examples uh during my presentation.
00:03:47
On the other hand we have OSIN
00:03:50
methodologies. What are osin
00:03:52
methodologies? These are structured
00:03:53
processes and best practices for
00:03:55
conducting oin investigations. The
00:03:58
purpose is to ensure systematic ethical
00:04:01
and accurate intelligence gathering.
00:04:04
Reliability ensures intelligence is
00:04:06
verified and contextualized proper
00:04:09
properly. And then the use cases we have
00:04:11
we can conduct structure investigations.
00:04:14
Uh we can avoid errors and avoid also
00:04:18
misinformation. Again on my right hand I
00:04:20
have the intelligent cycle. is the basic
00:04:22
cycle everyone should know uh when
00:04:25
whenever they start uh in the oen space
00:04:27
or in the intelligence space and
00:04:30
direction data collection processing and
00:04:32
exploitation analysis and production
00:04:34
dissemination and feedback. This is the
00:04:36
intelligence cycle uh a general cycle we
00:04:40
should all follow whenever we're doing
00:04:41
our investigations uh whenever we're uh
00:04:45
collecting information and then turning
00:04:47
turning that information into
00:04:48
intelligence. We'll talk more about it
00:04:51
later. So what are the strengths and
00:04:53
weaknesses of each hosting tools?
00:04:56
Strengths rapid data retrievaling tools
00:04:59
are very important when whenever we talk
00:05:02
about collecting data. Uh then closing
00:05:05
methodologies become very important when
00:05:08
we talk about um analyzing this these
00:05:12
data and and extracting intelligent.
00:05:14
It's not the same. That's a big mistake.
00:05:17
It's not the same collecting data uh and
00:05:22
turning this data into intelligence that
00:05:24
can help us make uh informed decisions.
00:05:27
So the strengths of tools are rapid data
00:05:29
retrieval, automated analysis and
00:05:32
expands data
00:05:34
sources. However, they have some
00:05:36
weaknesses also. They can generate false
00:05:38
positives for misleading data. They
00:05:41
require user experience to interpret
00:05:43
correctly. Some of the tools and and
00:05:45
that's another important thing to
00:05:47
mention. Some of them are easy to use.
00:05:50
They have a a easy user interface. Some
00:05:53
others uh require expertise and and are
00:05:57
not as easy. And then uh these tools can
00:06:00
become obsolete with changing changing
00:06:03
technologies. Not all the tools uh are
00:06:07
developed or are maintained in the same
00:06:10
way. Meaning that sometimes these tools
00:06:13
uh will lose re reliability. Why?
00:06:15
Because uh one day they will be uh
00:06:18
online the the next day they won't they
00:06:20
will they will be offline or outdated
00:06:22
and then we won't be able to use them.
00:06:25
On the other hand, oin methodologies
00:06:27
strengths ensures ethical and legal
00:06:29
compliance, ensures accuracy and
00:06:31
credibility and provides structured
00:06:34
intelligence workflows. It's important
00:06:37
whenever we want to uh carry out
00:06:40
investigations that we follow the same
00:06:42
process, the same process and more if
00:06:44
we're working uh as a team. Why? because
00:06:48
uh we will we will need to to do this
00:06:51
like our client or whoever is behind the
00:06:54
investigation. We will need to have uh a
00:06:57
warranty that what we're doing is the
00:06:59
same uh and not just like in inventing
00:07:03
or trying to
00:07:04
uh make up uh the investigation uh while
00:07:08
we are doing it. In some cases of course
00:07:10
improvisation is correct but also we
00:07:13
should follow a step of processes that
00:07:16
we will talk about them later.
00:07:18
Weaknesses can be time consuming and
00:07:20
that's a big problem. Uh sometimes
00:07:23
intelligence needs to be fast in some
00:07:25
cases. We need we need the information
00:07:27
and we need to make the decisions fast.
00:07:30
So following a a structure methodology
00:07:33
can be time consuming and sometimes we
00:07:35
won't be able to use also requires
00:07:38
manual verification. Uh we're in a in a
00:07:41
world that it's turning more and more
00:07:44
into automat automation meaning that uh
00:07:49
everything that is manual is uh getting
00:07:52
um less important.
00:07:55
Thus using these type of methodologies
00:07:58
we and can take us a lot of time and and
00:08:00
and means uh acting manually which in
00:08:04
some cases can can become a weakness.
00:08:06
And finally needs adaptability to new
00:08:08
tools and data sources. we're using for
00:08:11
example an advanced platform advanced
00:08:13
sourcing platform um and we don't know
00:08:16
how to use it or they update the
00:08:18
platform we will need to also update the
00:08:22
methodology because maybe things are
00:08:24
done differently and and that's that
00:08:27
also is going to take us time and we
00:08:30
will have to adapt to the changes of the
00:08:32
tools so let's explore some tools I see
00:08:35
some comments here uh okay no questions
00:08:39
yet let's explore some oin tools uh
00:08:42
categories of oin tools. Remember oin
00:08:46
tools help collect analyze and visualize
00:08:48
public available data and these tools
00:08:50
fall into various categories based on
00:08:53
the purpose they have. categories. For
00:08:55
example, let's classify them into search
00:08:58
and information gathering. We have
00:09:00
Google Dorking. Google uh is an
00:09:02
important tool and important resource to
00:09:04
use. Shoddan senses also we have social
00:09:06
media intelligence. Um
00:09:10
uh so we have platforms such as social
00:09:14
in scramble maltiggo in framework. We
00:09:17
have email and username tools. Have I
00:09:19
been found? What's my name? Giant. We
00:09:21
have website and domain tools. who is
00:09:24
look up way back machine DNS dumpster.
00:09:27
Uh we have IP and network tools just to
00:09:31
gather information about IPs and
00:09:33
networks. Dark web such as uh the search
00:09:35
engine giant AMA and Darkhole uh the
00:09:38
hide and wiki. We have data bridges and
00:09:41
leaks tools, dehy bridge forums,
00:09:43
intellects, geoloccation and mapping
00:09:45
tools such as Google maps, geospy,
00:09:47
geocrippy, image and video in Gendex,
00:09:51
YouTube data viewer, phone number and
00:09:53
people search through caller APIs people
00:09:56
uh threat intelligence and malware and
00:09:58
meta data analysis tools such as PA or
00:10:00
exit tool. I'm sure um many of you know
00:10:04
all of these tools or or a high
00:10:07
percentage of these tools. uh we use
00:10:09
them daily uh some of us in our
00:10:12
investigations. So this is an initial
00:10:14
classification so that we understand
00:10:17
that uh not all the tools work the same
00:10:20
but instead there are different purpose
00:10:22
for each one.
00:10:24
Let's talk also about a controversial
00:10:27
topic I I I like to uh discuss with with
00:10:32
some of my colleagues and and oin
00:10:34
professionals uh which is osing tools
00:10:37
and osing advanced platforms. Okay. Um
00:10:41
let me see you not mention us. Okay.
00:10:44
user search I uh yeah that's a that's a
00:10:47
great uh tool also uh a great platform
00:10:50
that uh some some friends are developing
00:10:54
but let's continue tools and advanced
00:10:57
platforms uh what's the difference okay
00:11:00
let's start with what's the difference
00:11:02
tools usually are individual
00:11:05
applications designed for specific doing
00:11:08
tasks meaning I have a problem for
00:11:11
example I want to investigate an email
00:11:13
address I will use a specific tool for
00:11:16
extracting data uh from that email
00:11:19
address such as if I have a Gmail uh I
00:11:22
could use Gant. Okay. Um they are
00:11:26
usually small websites, applications or
00:11:29
scripts and they operate standalone
00:11:32
often requiring manual use. They can be
00:11:36
combined they can use uh multiple tools
00:11:39
with other tools and create an osing
00:11:41
workflow. Okay. So within tools you we
00:11:44
can have a list u of different tools and
00:11:47
then use each one of them for one two
00:11:50
maybe three specific tasks but then we
00:11:53
will have to use another one and then on
00:11:57
the other side we have oin advanced
00:11:59
platforms I'm a big fan of these
00:12:01
advanced platforms um especially for
00:12:04
data collection not for data analysis
00:12:07
but for data collection I believe they
00:12:10
give you a quantitative and a
00:12:12
qualitative uh improvement and value
00:12:16
towards investigations. What are oin
00:12:18
advanced platforms? They are
00:12:20
comprehensive systems that integrate
00:12:22
multiple oing tools. They enable you to
00:12:25
automate. Automation is a is a key uh
00:12:29
thing within advanced platforms. They
00:12:31
use algorithms and sometimes they are
00:12:34
more and more integrating artificial
00:12:36
intelligence for data analysis and
00:12:38
collection. They support multiple users
00:12:40
for team investigations and aggregates
00:12:42
and correlates data from various uh
00:12:45
various sources. Okay, let's let's talk
00:12:49
first about some collections of tools
00:12:51
and then we will mention some advanced
00:12:53
platforms my my favorite advanced
00:12:56
platforms um and and just give some some
00:13:02
details about each one of them. Uh if I
00:13:04
stop sometimes it's because I'm reading
00:13:06
the chat in case I'm missing something
00:13:08
or or I can answer a question. Okay, but
00:13:10
but let's continue. Collections of
00:13:14
tools. Again, one of my goals in this in
00:13:17
this presentation is to give you
00:13:18
resources and to and to give you value
00:13:21
with uh different tools uh names,
00:13:25
collections, websites that then you can
00:13:27
use later uh in your investigations or
00:13:30
for gathering information. Okay. So, uh,
00:13:33
first one I I I've shared I I'm going to
00:13:36
share eight of my favorite collections
00:13:39
of hosing tools. Meta OIN, which
00:13:42
aggregates toposing tools and resources,
00:13:45
um, and includes over 5,000 tools,
00:13:48
resources, and links. Okay. uh it pri
00:13:52
prioritizes popular tools groups
00:13:54
citation counts uh meaning the the more
00:13:58
uh popular a tool is uh I'm sure they
00:14:02
are going to show it more and and you
00:14:04
will have a better access to it uh which
00:14:06
is this website I believe it's it's one
00:14:08
of the resources uh sometimes whenever
00:14:11
we are stuck or we're are out of our com
00:14:15
comfort zone meaning that uh we don't
00:14:17
know what tool to use or maybe we're
00:14:18
investigating something from another
00:14:21
country or maybe we want to check for
00:14:24
business databases just uh things like
00:14:28
that. It's important to to at least try
00:14:32
to see if we can find the answer uh
00:14:34
inside this this site meta. Another uh
00:14:38
great toolkit is Belling Belling online.
00:14:42
Um you all know the Bellinkats the
00:14:44
company uh they are also doing amazing
00:14:47
stuff um in Ocean and then they are
00:14:50
volunteers and staff that collaborate
00:14:52
they collaborate to update uh this tool
00:14:55
tool entries they have toolkit with uh
00:14:59
hundreds of of tools and then you can
00:15:02
download this toolkit in CSV format.
00:15:05
Okay. Uh again most of these collections
00:15:08
organize the different tools in
00:15:10
categories which help us as
00:15:12
investigators to just like um check if
00:15:16
for example we're investigating an image
00:15:18
or we're trying to geolocation just go
00:15:21
directly to the category uh we need and
00:15:24
we have oin framework um it focuses on
00:15:27
free oing tools and resources I've read
00:15:30
uh in the comments that yeah advanced
00:15:32
platforms are expensive um usually
00:15:36
individual investigators cannot uh
00:15:38
afford them. But uh when when we're
00:15:41
talking about companies, I I believe
00:15:43
it's a essential investment uh to have
00:15:48
an advanced platform or to combine uh
00:15:50
some of them. Okay. Uh the the way you
00:15:53
can investigate and we're talking about
00:15:55
volume um uh you can you can handle
00:15:58
different much many more cases and you
00:16:00
can collect uh automatically a lot of
00:16:04
information. For me it's a it's a an
00:16:06
essential investment. Okay. Uh we were
00:16:09
in OS framework. Some tools may require
00:16:12
registration or payments but but most of
00:16:15
them are free and and it was originally
00:16:19
designed for information security
00:16:20
purposes. Okay. Then we have start me
00:16:23
pages. Different start me pages. One of
00:16:25
my favorites is Nick uh start me page
00:16:30
which includes most topics and fields.
00:16:33
Okay. again organized by categories and
00:16:37
and you can
00:16:39
find many tools probably most of them
00:16:43
most of the uh most used and popular
00:16:45
ones in in this part page. Okay. Of
00:16:49
course we have cyber detectives
00:16:51
collection over a thousand resources and
00:16:55
focuses on automation as oinking a
00:16:58
strength. Then we have Arnold browsers
00:17:01
oin reperatorium. I will recommend you
00:17:03
to take this reperatorium also. Um it's
00:17:07
a it's a a very comprehensive
00:17:10
reparatorium. This this person has been
00:17:12
in the oin field for like 40 years. So
00:17:15
so it's someone reliable that knows what
00:17:17
he's doing. And again we have asin
00:17:20
collection another start me page. And
00:17:22
finally we have au hosting tools. He has
00:17:25
more than 10,000 posting tools and
00:17:28
resources uh organized within different
00:17:32
uh categories and I will say this is the
00:17:34
largest website uh well the website the
00:17:37
largest website yes containing awesome
00:17:40
tools. So these are some snapshots so
00:17:43
that you have a visually some reference
00:17:46
about how uh these sites look and how
00:17:49
can we use them. uh this metaosin for
00:17:52
example you can you can click in any of
00:17:54
these circles and then you will start
00:17:56
receiving uh resources and links that
00:17:59
you can use for investigations. There's
00:18:01
also the availability to just uh do some
00:18:05
searches on a on a table. So you have
00:18:07
the graphical way of seeing uh the site
00:18:09
and then the table way also oing
00:18:12
framework. I'm sure you know about this
00:18:15
framework, but it's uh a classic one and
00:18:17
and we couldn't miss it uh in this
00:18:20
presentation. You just start clicking uh
00:18:23
the dots and then you will find
00:18:25
different tools uh for different
00:18:27
purposes. And then uh I just wanted to
00:18:30
give you an example of a start me page.
00:18:32
Uh these these pages really save us a
00:18:35
lot of time. And again, usually when
00:18:38
when we're doing investigations that are
00:18:40
not related directly to what we usually
00:18:43
do, uh this can become very helpful and
00:18:46
I'm sure you can find a star me page
00:18:49
about anything uh in the ocean field.
00:18:52
Okay. So um these are my my examples of
00:18:57
oing collections and and also of course
00:19:01
uh as you may have seen through my
00:19:03
LinkedIn I like to share uh my top email
00:19:06
address tools, phone number tools, dark
00:19:09
web tools. I have uh different templates
00:19:11
and and cheat sheets where I explain all
00:19:15
all these tools where I I mention these
00:19:17
tools so that you can use them. Um as we
00:19:19
can see for email address tools we have
00:19:23
21 different well 21 different tools
00:19:26
each of them uh different some of them
00:19:29
are similar because again another tip
00:19:32
whenever we are investigating and we
00:19:34
don't find information by using one tool
00:19:37
maybe another similar tool can give us
00:19:39
that
00:19:40
information check the comments uh okay
00:19:43
we're we're discussing about uh
00:19:46
investing investing in in Oene advanced
00:19:50
platforms. Well, we we can talk about
00:19:52
that later. Um and and well, as you can
00:19:56
see, many tools, many categories, all of
00:19:59
them organized and and at the end we
00:20:02
have thousands and thousands of tools.
00:20:05
Um on the other hand, top advanced
00:20:08
platforms, uh we talked about tools.
00:20:11
Let's talk a little bit about platforms.
00:20:13
Uh I've selected eight of the platforms
00:20:15
I like the most. uh first social links
00:20:18
primal very uh useful for sock
00:20:22
investigations a lot of sources I will
00:20:24
give you an example you're investigating
00:20:26
a Facebook account uh and you want to
00:20:29
know his network you want to extract all
00:20:33
the pictures you want to see all the
00:20:34
comments uh in all these pictures you
00:20:38
want just to get a a big picture of
00:20:40
what's going on visualize this in a in a
00:20:44
graph so that you
00:20:47
correlate and you can find similarities
00:20:50
or or mixed points between two entities.
00:20:54
For example, if we're we are
00:20:55
investigating a a gang, okay, uh we we
00:20:59
can just like extract all of this
00:21:01
information automatically in within
00:21:04
minutes and then find uh just like
00:21:07
multiple friends or mutual groups,
00:21:10
multiple pages. uh we can do that all
00:21:12
the time and and that's why I believe uh
00:21:15
these type of platforms uh this is a use
00:21:18
case that that shows how these type of
00:21:21
platforms can help us and and can can
00:21:24
elevate in volume but also qualitative
00:21:27
the the level of our investigations.
00:21:30
Okay. uh they are adding also more and
00:21:32
more uh artificial intelligence such as
00:21:35
facial recognition uh futures. Um the
00:21:39
object recognition futures uh and then
00:21:44
uh you can you can just like think about
00:21:45
all the possibilities this a tool like
00:21:49
this can give you to to just adapt it to
00:21:51
your uh specific use cases depending on
00:21:55
what type of investigations you perform
00:21:57
the most. Another one uh classic a very
00:22:01
good platform uh Maltigo. Maltiggo uh
00:22:05
probably one of the first ones, one of
00:22:07
the most comprehensive ones. It enables
00:22:10
you to just like add multiple multiple
00:22:13
sources and and then just leverage all
00:22:16
of these sources. I can say just like
00:22:18
dark web sources, uh business data, um
00:22:22
network data, uh everything and just
00:22:26
like leverage leverage it in the same
00:22:29
platform and and analyze, monitor,
00:22:32
analyze large volumes of data instantly.
00:22:34
Okay, we have a another one, the third
00:22:36
one I will say scope. Now I I really
00:22:38
like how they work. uh instant
00:22:42
aggregated data for actionable insights,
00:22:44
object recognition, analytics and
00:22:46
automated reports. Um also we can we can
00:22:50
automate reports with with these uh with
00:22:53
these platforms. However, I I usually
00:22:56
don't do that but in some cases also
00:22:59
going back to what we said that time is
00:23:01
essential in intelligence, it's
00:23:02
important to have some some resource
00:23:05
that can automate the even even the
00:23:08
report uh making. Okay. And then we can
00:23:11
visualize intelligence in a v variety of
00:23:13
layouts. We have timelines, we have a
00:23:15
dashboards, we have uh maps. So we can
00:23:19
visualize everything we are doing in
00:23:21
different layouts. Another one uh from
00:23:24
Australia, Nexus explore. Uh it's super
00:23:28
powerful for gint. Uh they have Robus
00:23:32
public and corporate records access and
00:23:35
and they have secure anonymized dark web
00:23:38
and oin bro browsing. Um next for dark
00:23:43
for dark web I know there are many more
00:23:45
and I'm not saying these ones are like
00:23:47
the best of the best. I will say these
00:23:49
ones are the ones I've I've tried. I
00:23:52
know more about them. Uh so that's why
00:23:55
they are here. Uh probably you have some
00:23:58
different thoughts in some cases but I I
00:24:00
I I believe these ones are are worth it
00:24:04
for sure. Darkhole vision um real-time
00:24:08
thread monitoring uh with darknet data
00:24:11
automated alerts and custom well
00:24:14
customable secure search tools advanced
00:24:17
exposure metrics to assess cyber risk.
00:24:20
Then we have Paul Walker. I I wanted to
00:24:23
add this which is uh more about
00:24:25
investigating is about social listening.
00:24:28
You know brand reputation is also inside
00:24:30
the ocean space and this tool um what
00:24:34
enables us is to
00:24:38
um just to um just leverage social
00:24:43
listening. I mean if we want to uh
00:24:46
investigate or let's say monitor a
00:24:48
company or an individual or just a topic
00:24:52
we can use tools like toll walker that
00:24:55
uh they have access to different data
00:24:58
sources and that enable us to to monitor
00:25:01
uh how the brand is performing what are
00:25:04
they saying about about a brand what are
00:25:06
the news that are showing up related uh
00:25:08
to a brand to to an individual. This
00:25:10
this can be effective also for executive
00:25:12
protection for BIP uh monitoring. Uh a
00:25:16
tool like this is always uh welcome into
00:25:19
into our uh laboratory of of
00:25:24
uh Osin laboratory. Okay. Then we have
00:25:26
Black Dot Solutions. They are doing also
00:25:28
a great job uh very focused on due
00:25:31
diligence but also social media
00:25:32
intelligence. Um and I I really like
00:25:35
their platform also. And finally, Onyx
00:25:38
FCast. Um, again, very similar to to the
00:25:41
other ones. And I just wanted to give
00:25:43
you my opinion about these tools, uh,
00:25:46
these advanced platforms. And I see a
00:25:48
lot of comments,
00:25:50
uh, talking about, uh, well, discussing
00:25:53
which one is
00:25:54
[Music]
00:25:57
better. Okay. Yeah.
00:26:00
$75,000. As I mentioned, um, Eeky. Eeky
00:26:04
is a is a good one. It's developed by uh
00:26:06
Kembro uh a great guy also and and well
00:26:12
yeah the discussion here as I see in the
00:26:14
comments is okay is it worth it
00:26:18
um is it worth it to spend that much
00:26:20
money I will say for an individual
00:26:22
investigator uh it's it's hard it's it's
00:26:26
painful to do this type of investments
00:26:28
but if you're a company I'm talking
00:26:30
about companies such as uh let's say a
00:26:33
bank uh here in Spain, Santandere or or
00:26:36
maybe City Bank or or uh let's say
00:26:41
whichever company Tesla um big companies
00:26:44
out there uh their intelligence teams I
00:26:49
believe that they must be equipped with
00:26:52
the right platforms and avoid spending
00:26:55
resources and time with individual
00:26:58
tools. In some cases of course they they
00:27:00
must have knowledge about both both with
00:27:03
uh because of course the team must be
00:27:06
must be
00:27:07
um must be uh the oing professionals
00:27:12
must must be the team must be formed by
00:27:15
oing professionals. The sourcing
00:27:17
professionals must have knowledge about
00:27:19
how to develop or how to use uh normal
00:27:23
tools, free tools, but also they should
00:27:26
invest in this type of advanced
00:27:28
platforms and just mix them uh mix both
00:27:31
of them. Okay, it's not one is better
00:27:33
than the other. Uh of course this is
00:27:36
going to give us more qualitative and
00:27:37
quantitative advantage but both mixing
00:27:41
both of them is the key here. not just
00:27:43
like relying only on advanced platforms.
00:27:47
Okay. Um then let's explore Osin
00:27:50
methodologies.
00:27:51
Um let's let's continue with Osin
00:27:54
methodologies. Again the the basic one,
00:27:57
the most important one. Um the the
00:27:59
intelligent cycle. Okay, let's let's
00:28:02
review a little bit the intelligence
00:28:03
cycle. Planning and direction. Uh plan,
00:28:06
strategize, research, discuss, gather
00:28:08
intelligence, execute task efficiently.
00:28:11
Data collection will be the next step.
00:28:13
Gather intelligence overtly and
00:28:14
corporately utilizing various
00:28:17
technological resources. Processing and
00:28:19
exploitation. Just compile collected
00:28:21
data into intelligence reports. Analysis
00:28:24
and production. Analyze data. Determine
00:28:27
relevance. Anticipate the outcomes.
00:28:29
Evaluate impact on interests. Then
00:28:32
dissemination and feedback. Deliver
00:28:34
analysis to policy makers. Await
00:28:36
feedback. Restart cycle as necessary. Um
00:28:39
this I would like to mention that
00:28:41
sometimes uh it's avoided like um we
00:28:44
start an investigation and we don't
00:28:46
really uh care about this cycle but uh
00:28:50
just this this doesn't have to last for
00:28:52
hours maybe you can collect data as we
00:28:55
mentioned with uh doing some scrapping
00:28:57
or extracting some data with advanced
00:28:59
platforms and that can take us 20
00:29:02
minutes uh and then doing the analysis
00:29:05
if that data is super clear can take us
00:29:07
just like five minutes or maybe it can
00:29:10
take us days. But all of these steps
00:29:13
should be uh reminded whenever we are
00:29:15
organizing or we're trying to plan an
00:29:17
investigation. Uh we should we should uh
00:29:20
take into account all of these steps.
00:29:23
Okay. Uh here I have more data uh about
00:29:27
the intelligent cycle just some
00:29:29
different tips I will say stepby-step
00:29:31
tips. uh define objectives, identify
00:29:34
requirements, select sources, develop
00:29:36
plan. That's for the planning and
00:29:38
direction step. For data collection, use
00:29:40
diverse sources, automate if possible,
00:29:43
verify credibility and stay ethical and
00:29:45
legal for processing and exploitation.
00:29:47
Organize data, remove redundancies,
00:29:50
normalize formats and document sources.
00:29:52
Documenting is also super important.
00:29:55
anal analysis of and production.
00:29:57
Identify patterns, assess reliability,
00:29:59
contextualize data and generate insights
00:30:03
for dissemination and feedback. The last
00:30:04
step, create reports, tailor to
00:30:06
audience, solicit feedback and update
00:30:09
methods. And then general aspects,
00:30:11
general um tips I will say, strive for
00:30:15
precision and correctness. It's
00:30:17
important to verify the data. uh we're
00:30:21
not going to share um data with our
00:30:25
client or with whoever if we haven't
00:30:28
verified because let's say we make a big
00:30:31
mistake and that leads to uh bigger
00:30:34
mistakes uh afterwards then we will m
00:30:37
maintain a sense of urgency the fastest
00:30:41
also maintaining striving for precision
00:30:43
but the fastest we can deliver our
00:30:46
results our intelligence the better and
00:30:50
and that happens a lot uh well we're
00:30:53
living in a world of urgency but in the
00:30:56
intelligence field this becomes even uh
00:30:59
more important. Okay. Use credible
00:31:01
sources and methods adhere to legal and
00:31:04
moral guidelines. This depending when uh
00:31:09
you have the ability to well and
00:31:11
depending on the country you have more
00:31:13
legal restrictions uh and all and and
00:31:16
more freedom to do these type of
00:31:18
investigations. stay flexible and ready
00:31:20
to adjust. Okay. Uh we we are going to
00:31:23
talk about methodologies but we must
00:31:25
stay flexible because not all of the
00:31:27
investigations are the same. I will say
00:31:29
we should follow uh steps but uh also
00:31:33
stay flexible. Okay. Uh and then ensure
00:31:37
OBSAC operational security through all
00:31:40
phases and that it's it's one of the
00:31:42
most important uh aspect to consider.
00:31:45
OBSE is essential. Okay.
00:31:49
Categories of oin methodologies. Okay.
00:31:52
Uh ocean methodologies include
00:31:55
structured processes and best practices
00:31:57
for conducting ocean investigations.
00:31:59
Main categories include passive versus
00:32:02
active ocean. Okay. If we don't
00:32:04
interact, we're talking about passive
00:32:06
oin. If we uh are interacting, if we're
00:32:10
engaging with a target, we're talking
00:32:11
about tactive methodologies by source
00:32:14
type surface web intelligence, web in
00:32:17
geospatial intelligence, geoing, social
00:32:19
media intelligence,
00:32:21
suggestions, gaming, digital
00:32:23
footprinting and metadata, deep and dark
00:32:26
web intelligence. These are some uh of
00:32:29
course there are more but these are some
00:32:30
of the methodologies by source type or
00:32:33
types of intelligence. And then
00:32:35
methodologies by purpose. Okay, we
00:32:38
depending on what we're investigating,
00:32:41
depending on um what our goals are, uh
00:32:46
we can talk about threat intelligence,
00:32:49
business intelligence, law enforcement
00:32:51
investigations, median disinformation.
00:32:54
Uh we talked before uh on a previous
00:32:56
slide about brand reputation. Okay, all
00:32:59
of these depending on the purpose we're
00:33:01
doing different types of oin
00:33:04
investigations or researches. Okay,
00:33:08
where to look? We're talking about
00:33:10
methodologies. Where do we have to uh
00:33:12
look for them? Articles and blogs.
00:33:14
Excellent articles and blogs out there.
00:33:17
I would recommend Osin Ambition, Osin
00:33:20
team also. Um social links has great
00:33:25
articles. uh medi like just like
00:33:28
subscribing to medium or being able to
00:33:31
to just get notifications from them uh
00:33:34
will give us a lot of tips and and and
00:33:37
in some cases methodologies such as how
00:33:39
to investigate on Facebook, how to
00:33:41
investigate on Instagram. All of that
00:33:43
super useful to mix all of these uh
00:33:46
knowledge and just develop your your own
00:33:48
methodologies, workflows, posting books,
00:33:51
checklists, step-by-step guides. Okay?
00:33:54
And let me give you some examples again
00:33:57
so that you have different resources to
00:34:00
to go and
00:34:02
check. Uh ocean resources. These are
00:34:05
some of I have a I have a PDF with a lot
00:34:08
of these cheat sheets and most of the
00:34:11
material material you can see here and
00:34:14
and I just like to gather knowledge and
00:34:18
mix it together and present it in a nice
00:34:20
way. So we have books, different books,
00:34:22
ocean books. We have news and blogs, uh
00:34:24
a great list of news and blogs,
00:34:26
podcasts, YouTube channels, virtual
00:34:28
machines, um newsletters, telegram
00:34:32
groups, all of them uh can give us uh
00:34:35
knowledge and information that we can
00:34:38
later on develop uh methodologies. Of
00:34:41
course, these are resources. What will
00:34:43
give us uh the biggest value uh and
00:34:46
what's more important is just practicing
00:34:49
investigating like spending years
00:34:52
investigating different things so that
00:34:54
we by our own experience know how to do
00:34:59
uh anything we have to do just like okay
00:35:02
I I've been investigating um or I've
00:35:04
been yeah investigating
00:35:06
um just like um gang members for years
00:35:12
now I know how to do it or what are the
00:35:15
steps I should follow. Uh so I will do
00:35:17
document all these steps so that if I
00:35:20
have to teach someone or someone has to
00:35:22
help me I we have some steps to follow
00:35:25
and we can be on the same page uh both
00:35:27
of us u oin workflows are also super uh
00:35:31
nice for for just developing
00:35:33
methodologies. Um we can see here an
00:35:36
example at the end posing is uh is I
00:35:41
will say it's just having one data point
00:35:45
and pivoting into other data points so
00:35:48
that we can find more and more
00:35:50
information. Okay, anytime uh we have a
00:35:52
data point and we can find information
00:35:54
about uh about it we have more
00:35:57
information to expand. So it's a
00:35:59
continuous process and and these type of
00:36:02
workflows give us a lot of uh
00:36:04
information or guidance about how we
00:36:07
should proceed and and how we we should
00:36:11
aot our investigations. Okay, in this
00:36:14
case for example we have a real name
00:36:16
then we get an email address, username,
00:36:18
social networks, search engines
00:36:20
location, IP address, domain names. uh
00:36:23
we're in the collection um phase, but
00:36:26
then we turn into the analysis phase and
00:36:28
then we extract knowledge. Um so so this
00:36:32
is a an interesting slide and an
00:36:35
interesting workflow to follow and each
00:36:38
of us can develop uh these workflows by
00:36:40
ourselves or we can uh use uh what's out
00:36:45
there which is a lot to just follow
00:36:48
these these workflows and
00:36:51
and see try them and see how they work
00:36:54
in our own investigations. Again uh
00:36:57
another example um we have Intel
00:36:59
techniques workflows. Uh Intel
00:37:02
techniques is a popular osing framework
00:37:04
developed by Michael Bassel. He offers
00:37:07
structure workflows for intelligence
00:37:08
gathering. Uh of course Michael Basel
00:37:11
and we'll mention it later. Uh he's the
00:37:13
author of of the famous book so
00:37:16
techniques. He has uh 11 editions so far
00:37:20
and and you can that's like the bible of
00:37:22
fosing. You can find a lot of tools, a
00:37:24
lot of real cases and and ways to to
00:37:27
leverage to install your own tools, how
00:37:30
to how to prepare yourself for o
00:37:33
investigations. But he also has a
00:37:35
website with tools with workflows with
00:37:40
uh blog with news and and I believe he
00:37:44
was one of the first who started
00:37:46
developing this type of workflows. So I
00:37:48
I will I wanted to give him credit.
00:37:51
Okay. Uh these workflows provide
00:37:54
step-by-step methodologies for
00:37:55
collecting, analyzing and correlating
00:37:57
data from v various online sources.
00:37:59
Again, we start with a real name and we
00:38:01
go to Twitter, Facebook, search engines,
00:38:04
people search engines, uh resumeums. In
00:38:06
each of the steps, we have different
00:38:09
tools. Okay, that's how we integrate
00:38:11
methodologies and
00:38:13
tools also. This this I will say it's
00:38:16
it's uh one of my favorites also and
00:38:19
very interesting. uh so well back by by
00:38:22
soy you probably know soy um Dimmitri
00:38:26
he's head of product in social links and
00:38:29
he he's always trying to improve and to
00:38:32
give value to the oin community and in
00:38:35
this case uh he developed uh a website
00:38:38
uh and and a methodology called soil so
00:38:42
weakness enumeration list which is a
00:38:45
stepbystep guide to social media or
00:38:47
investigations and and what he's trying
00:38:50
to do is to um to analyze each one of
00:38:54
the steps and and give us alternatives.
00:38:57
For example, okay, we start with a
00:38:58
username. What should we do later? Okay.
00:39:02
Um how should we gather more information
00:39:06
about this username or how can we uh
00:39:09
analyze this username and find
00:39:11
information somewhere else? Okay, that's
00:39:13
just like a silly example, but uh he he
00:39:16
he has a talent to structure everything
00:39:20
in a way that uh if you start reading it
00:39:23
and following it, it it makes completely
00:39:26
sense and and if you follow processes
00:39:29
like this and and you have to
00:39:31
investigate a social media account or do
00:39:33
a social media investigation, uh it's
00:39:35
really worth it.
00:39:38
Osin books uh another great resource to
00:39:41
to find and to
00:39:44
uh uh learn uh methodologies. I
00:39:47
mentioned Michael Vasel's oin
00:39:49
techniques. We have other books such as
00:39:51
deep dive uh which is a very interesting
00:39:54
book also and then oin uh the
00:39:56
authorative guide into due diligence
00:39:59
very spe specialized on do diligence but
00:40:03
if we have to do an investigation about
00:40:05
a company uh it's a great book I
00:40:07
recommend it gives you also stepby-step
00:40:10
guides and and tips of how to perform
00:40:13
these type of
00:40:14
investigations and then we have oin
00:40:17
checklist uh each one of us can just
00:40:20
develop uh create the their own uh
00:40:23
checklist uh from their experience from
00:40:25
all this knowledge uh that we can find
00:40:28
in these resources just like
00:40:31
uh divide our investigation. In this
00:40:34
case, I did one for digital risk
00:40:36
assessments with uh I believe 10
00:40:39
categories, 10 or 11 categories and then
00:40:42
I I
00:40:43
I wrote all the steps I me or my team
00:40:48
had to take to uh cover as much as
00:40:52
possible uh a digital risk assessment of
00:40:55
a BIP or of of our executive or someone
00:41:00
famous, you know, uh
00:41:02
having steps and having
00:41:05
um a guidance of how to how to do this
00:41:08
type of investigation so that any time
00:41:11
we have to do one of this we won't miss
00:41:14
anything okay and final verdict with
00:41:18
this we will finish I will love to
00:41:20
answer some questions or give my opinion
00:41:22
uh about advanced platforms about
00:41:25
methodologies about tools I will say
00:41:27
tools are essential they are essential
00:41:30
both free tools tools uh and advanced
00:41:33
platforms. If we don't have the budget,
00:41:36
I will I I will just uh remain with free
00:41:39
tools. There are some of them that are
00:41:41
great and and I I give credit to all of
00:41:44
them to to the developers then that in
00:41:47
some cases they just do this for fun or
00:41:49
to help others. Uh okay, but tools are
00:41:52
essential but require critical thinking
00:41:54
and proper methodology to be
00:41:57
effective. with this what I want to say
00:42:00
um I have different telegram groups I
00:42:03
follow uh many of them and I see hey can
00:42:06
you give me a tool or can can someone
00:42:10
tell me a tool for uh investigating an
00:42:13
Instagram
00:42:15
profile and next day hey can you give me
00:42:18
a tool for investigating email addresses
00:42:20
okay stop think critical thinking why do
00:42:25
you need the tool for why is it
00:42:27
important And what type of information
00:42:29
do you want to gather? Uh why are you
00:42:33
going to use this information later on?
00:42:35
It's not obviously it's not about I have
00:42:38
a website, I type an Instagram,
00:42:40
Instagram username or an email address
00:42:43
and then I get something. No, no. Just
00:42:46
think and and and think uh deeply about
00:42:51
why do you want the tool and and how
00:42:53
you're going to use it. Okay. Uh so they
00:42:56
are essential but they require critical
00:42:58
thinking and proper methodology and
00:43:00
second methodologies provide a structure
00:43:03
ethical and reli reliable approach but
00:43:05
can be enhanced with the right tools.
00:43:08
Okay you you can develop a methodology
00:43:11
that's my advice that you need to be
00:43:14
aware of what are the right tools that
00:43:16
will support your investigation and your
00:43:20
methodology.
00:43:21
Okay, with this being said, thanks to
00:43:24
all of you. Um, sorry for my English in
00:43:27
some times I've been I struggling a
00:43:30
little bit, but well, thank you a lot.
00:43:34
[Music]