WEBVTT

00:00.680 --> 00:07.040
In this rerecorded video, we're going to talk about what is Osint, also known as Open Source Intelligence.

00:07.070 --> 00:09.680
Now this is a rerecorded video.

00:09.680 --> 00:16.220
If you're coming back to it, one of the students in one of the classes did mention that the audio quality

00:16.220 --> 00:19.910
was a little too quiet, and I apologize for that.

00:19.910 --> 00:21.920
I I'm not sure what happened.

00:21.920 --> 00:26.960
So this is why I'm rerecording this and hopefully the audio quality is a lot better.

00:26.960 --> 00:32.310
So let's get into what is Osint, also known as open source intelligence.

00:33.900 --> 00:40.860
So open source intelligence or Osint, is data collected from publicly available sources to be used

00:40.860 --> 00:44.610
in an intelligence context in the intelligence community.

00:44.640 --> 00:52.380
The term open refers to overt, publicly available sources as opposed to covert or clandestine sources.

00:52.830 --> 00:59.640
It is not related to open source software or public intelligence, and that's a Wikipedia entry for

00:59.640 --> 01:00.390
Osint.

01:02.310 --> 01:05.010
Now what can we find with Osint?

01:05.040 --> 01:09.720
Well, we can find a lot of different things using open source intelligence, things like email addresses,

01:09.720 --> 01:12.330
phone numbers, addresses and identities.

01:12.480 --> 01:16.890
It can be used for background checks, social media accounts and information.

01:17.520 --> 01:19.530
We could do criminal record searches.

01:19.530 --> 01:25.210
We could figure out different scams and a lot of other things.

01:26.800 --> 01:34.000
So in terms of who would use Osint, pretty much everyone can use Osint on a certain level.

01:34.090 --> 01:41.530
Law enforcement will use Osint to search out possible crimes and information security professionals.

01:41.530 --> 01:47.000
Malicious hackers use Osint in terms of malicious hacking.

01:47.090 --> 01:52.190
Um, that's referred to as reconnaissance, which is the first phase of hacking.

01:53.000 --> 02:04.040
Businesses could use Osint to check up on competitors, things like geopolitical changes, climate changes.

02:04.220 --> 02:07.250
They could take a look at their employees.

02:07.280 --> 02:13.010
Investigators will use open source intelligence for things like doing background checks, finding things

02:13.010 --> 02:16.760
about people, finding missing people, and so forth.

02:16.760 --> 02:23.060
Journalists will generally use Osint to do fact checking and dig up information on different stories,

02:23.060 --> 02:29.480
and home users could use Osint for things like, well, determining if something is a scam, looking

02:29.480 --> 02:34.340
up information, just reading the news nowadays, there's so much information out there, it's hard

02:34.340 --> 02:37.340
to tell what's real and what isn't real.

02:37.340 --> 02:41.780
And you could use Osint to kind of determine fact from fiction.

02:44.450 --> 02:47.660
Now, informational data use using open source tools.

02:47.660 --> 02:51.710
We're going to be there's a lot of different tools out there for using Osint.

02:51.710 --> 02:58.310
Things like CSI Linux, Maltego, Google events operators, news sites, etc. and we're going to be

02:58.310 --> 03:04.050
taking a look at all these different tools and how to use them, when to use them.

03:05.970 --> 03:14.190
So by piecing together information we can, it helps us build a much bigger picture in terms of things

03:14.190 --> 03:15.600
like Facebook usernames.

03:15.600 --> 03:17.940
We can take a Facebook username from that.

03:17.940 --> 03:21.000
We could generally figure out a different Facebook post.

03:21.000 --> 03:24.000
User email addresses, data breach dumps.

03:24.000 --> 03:30.120
We could take a look at password hashes, unique passwords, users real email addresses.

03:30.120 --> 03:33.300
We can potentially figure out their real identity and location.

03:33.300 --> 03:38.460
Basically, what we're doing is we're gathering information and we're analyzing that information on

03:38.460 --> 03:44.010
our target, whether it's a person, whether it's a location, a story or whatnot.

03:44.550 --> 03:46.500
And that data could lead.

03:47.130 --> 03:52.240
If we're dealing with people to other users that we can that interact with our target.

03:52.240 --> 04:00.550
And essentially by piecing together this information bit by bit, we're ultimately building a broader

04:00.550 --> 04:02.590
picture of what we're looking for.

04:04.870 --> 04:13.480
So in terms of employee or employers rather checking on their employees, they may check social media.

04:13.480 --> 04:21.860
So in this case a KFC worker was fired after a Facebook photo shows her licking potatoes and the person

04:21.860 --> 04:27.920
that snapped the photo was also fired in this case, so employers may use ozone to monitor social media

04:27.920 --> 04:31.790
activity related to their company or employees.

04:31.790 --> 04:40.820
So this can help employers figure out if their employees are potentially doing anything that it will

04:40.820 --> 04:42.590
damage their reputation.

04:42.590 --> 04:46.970
And in this case, they did find out something that was very damaging.

04:46.970 --> 04:53.570
So when licking your food, potentially, or even if they're just pretending to and and they're posting

04:53.570 --> 05:00.710
videos that can have a very, very bad impact on your company, to say the least.

05:02.210 --> 05:09.210
So, uh, in terms of dating sites, men and women, if they're on a dating site, individual may use

05:09.210 --> 05:12.900
Austin to verify individuals they're considering going on date with.

05:12.900 --> 05:20.040
And if that information is accurately represented, representative of that person.

05:20.040 --> 05:28.350
So say a woman goes on, uh, a dating site and they see a picture of someone and they, they look at

05:28.350 --> 05:30.210
the photo and go, well, that's a good looking person.

05:30.210 --> 05:34.830
And they like the bio and they start chatting and things sound really great.

05:34.830 --> 05:40.890
Well, before they go on that date, they may use open source intelligence to start looking at this

05:40.890 --> 05:43.650
person and going, okay, is this person real?

05:44.640 --> 05:50.220
They could potentially take the photo, do a reverse image search, see if that's really them, start

05:50.220 --> 05:56.620
background checking their stories and information and help determine if that person is scamming them

05:56.620 --> 06:03.580
or God forbid, that they are a dangerous individual going on these dating sites and looking to hurt

06:03.580 --> 06:13.210
someone, whether it's a man or a woman, law enforcement or network administrators may be after malicious

06:13.210 --> 06:19.330
hackers, and you could potentially use OSN to track down malicious hackers, scammers and whatnot.

06:19.930 --> 06:24.250
And potentially what networks are tied to using open source intelligence.

06:24.250 --> 06:32.080
So a lot of times in my work, I come across people that are sent phishing emails or potentially scams.

06:32.200 --> 06:40.240
Information to different users all use open source intelligence, one to determine whether it is a legitimate

06:40.240 --> 06:41.560
email or text message.

06:41.560 --> 06:48.530
And then I'll generally take that information and go through and figure out kind of who they are and

06:48.530 --> 06:49.640
where they're at.

06:50.510 --> 06:57.140
So these are some uses for open source intelligence and kind of a broader view of what open source intelligence

06:57.140 --> 06:58.430
or Osint is.

06:58.460 --> 07:02.480
Now there's a lot of specific aspects of Osint.

07:02.510 --> 07:05.450
Things like Signet which is signal intelligence.

07:05.450 --> 07:06.650
Marsden.

07:07.040 --> 07:12.500
Um, there is um Humint which is human open source intelligence.

07:12.500 --> 07:15.740
This is going to be a broad picture of open source intelligence.

07:15.740 --> 07:20.720
We're going to take a look at different tools and techniques for your general use of open source intelligence.

07:20.720 --> 07:23.030
And I'm really excited that you're taking this course.

07:23.030 --> 07:24.830
I appreciate it very much.

07:24.830 --> 07:28.190
And again, hopefully the audio quality is much, much better in this one.

07:28.190 --> 07:33.740
And if you run any questions with the uh, or have any problems with the course, always feel free to

07:33.740 --> 07:34.700
contact me.

07:34.700 --> 07:35.870
Thank you so much.

07:35.870 --> 07:37.340
I'll see you in the next video.