AtomShards Posted September 2, 2018 Share Posted September 2, 2018 I enjoy security and hacking but am not good enough to peruse it as a career so im basically a noob who knows a few things. Now everything i can find on OSINT relates to a company or business but i would like to know how i could get as much information on an everyday individual. All help is greatly appreciated, thank you Quote Link to comment Share on other sites More sharing options...
NoExecute Posted September 2, 2018 Share Posted September 2, 2018 (edited) How do you mean, "relates to companies" ? OSINT - Open Sources Intelligence gathering (Collecting info from open / public sources) HUMINT - Human Intelligence Gathering (info from people on the ground / human sources) CYBINT - Cyber intelligence SIGINT - Signal Intelligence gathering TECHINT - Analysis of technical capabillities of an enemy MEDINT - Medical records / information FININT - Financial information So OSINT is just the CIA's catchy term for gathering date from publically available sources ? Directed at a person, it would be using every public know source to gather info on that person or group. <Stalkerish mode ON> Websites, social media, phonebooks, public records, News sites / magazines and papers. <Stalkerish mode OFF> For keeping track of these records, and building a picture of how it relates, I would suggest "maltego" and "casefile", they were made for this, and really is a great help in organising the information in a logical order. Start thinking on yourself yourself an an example. What information is out there on you ? What kind is it (phone number, email, medical, address and so on) Who has this information, and who can access it ?, and access it under what circumstances ? How do you get to it ? Because it will help you to start thinking about whats out there on you, and how to protect it. But, more important, it will help you build a list on most types and sources of information that applies to everyone else If it were me, that had to start launch an operation into someone, it would most likely go something like this. OSINT PHASE (Passive phase) Phonebooks, websites, social media, professional networks, public records of ownership of buildings, and placement of buildings Public listed address Public listed phonenumber Public listed email & messenger handles Get photos, known whereabouts / favourite places they visits Job / education, what and where Have they published anything (books, papers, assignments and the like) HUMINT (Active recon Phase) Friends ?, coworkers ?, relatives ? Gossip at the places they visit ? Directed Social engineering attacks Photo, video. Audio gathering if necessary TECHINT Technical equipment they have access to (laptops, phones, workstations) Where do they use it and for what ? CYBINT Closer look at websites / Social Media profiles When done, all of this should provide you with information, that can help you to build a profile, and find out where to direct you attention next. Direct attack campaings if that is to your liking, which I really wouldn't recommend ? But if you're working in an efficient directed manner, you would be amazed of what info is actually out there, if you go about getting it, in an coordinated effective manner. If not anything else, it's a fun task."Good luck double o seven, and do try to bring the gadgets back home to Q branch safely :D" Edited September 2, 2018 by Kentj 1 Quote Link to comment Share on other sites More sharing options...
digininja Posted September 2, 2018 Share Posted September 2, 2018 Find @webbreacher on Twitter, he is king of OSINT and regularly publishes stuff about it. Quote Link to comment Share on other sites More sharing options...
AtomShards Posted September 2, 2018 Author Share Posted September 2, 2018 2 hours ago, Kentj said: How do you mean, "relates to companies" ? OSINT - Open Sources Intelligence gathering (Collecting info from open / public sources) HUMINT - Human Intelligence Gathering (info from people on the ground / human sources) CYBINT - Cyber intelligence SIGINT - Signal Intelligence gathering TECHINT - Analysis of technical capabillities of an enemy MEDINT - Medical records / information FININT - Financial information So OSINT is just the CIA's catchy term for gathering date from publically available sources ? Directed at a person, it would be using every public know source to gather info on that person or group. <Stalkerish mode ON> Websites, social media, phonebooks, public records, News sites / magazines and papers. <Stalkerish mode OFF> For keeping track of these records, and building a picture of how it relates, I would suggest "maltego" and "casefile", they were made for this, and really is a great help in organising the information in a logical order. Start thinking on yourself yourself an an example. What information is out there on you ? What kind is it (phone number, email, medical, address and so on) Who has this information, and who can access it ?, and access it under what circumstances ? How do you get to it ? Because it will help you to start thinking about whats out there on you, and how to protect it. But, more important, it will help you build a list on most types and sources of information that applies to everyone else If it were me, that had to start launch an operation into someone, it would most likely go something like this. OSINT PHASE (Passive phase) Phonebooks, websites, social media, professional networks, public records of ownership of buildings, and placement of buildings Public listed address Public listed phonenumber Public listed email & messenger handles Get photos, known whereabouts / favourite places they visits Job / education, what and where Have they published anything (books, papers, assignments and the like) HUMINT (Active recon Phase) Friends ?, coworkers ?, relatives ? Gossip at the places they visit ? Directed Social engineering attacks Photo, video. Audio gathering if necessary TECHINT Technical equipment they have access to (laptops, phones, workstations) Where do they use it and for what ? CYBINT Closer look at websites / Social Media profiles When done, all of this should provide you with information, that can help you to build a profile, and find out where to direct you attention next. Direct attack campaings if that is to your liking, which I really wouldn't recommend ? But if you're working in an efficient directed manner, you would be amazed of what info is actually out there, if you go about getting it, in an coordinated effective manner. If not anything else, it's a fun task."Good luck double o seven, and do try to bring the gadgets back home to Q branch safely :D" Thank you this is very helpful. Also im very confused with what the hell im doing but im going to keep trying ? Quote Link to comment Share on other sites More sharing options...
ThatchersHeritage Posted September 4, 2018 Share Posted September 4, 2018 Worth checking this out as a source of where to obtain OSINT http://osintframework.com/ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.