All right, let's jump right into it. Welcome everyone, We're about to take a deep dive into the world of open source intelligence.
Ocent for sure.
Oh, since that's right. If you want to learn some serious, cutting edge techniques, you are in the right place because today we're diving into Michael Bizell's book Open Source Intelligence Techniques.
That's right.
We are, so get ready to uncover some secrets that are hidden in plain sight.
Yeah. But before we before we start digging into other people's lives, we really have to talk about protecting your own.
Oh that's a good point.
It's like, imagine like you're trying to track someone and you find out they're already tracking you. Uh oh yeah, not good.
That sounds like a like a bad spy movie waiting to happen.
Right, So how do we make sure we're not the ones being investigated? Yeah?
How do we protect ourselves?
So think of it like building a digital fortress around yourself. Yeah, you gotta start with the basics. Anti virus, malware protection, super important.
Those are the essentials.
Yeah, definitely. Now, ClamAV that's a great open source opwa If you're looking for.
Something free, okay, good to know.
Then you want to harden your browser, so disable any plugins you don't actually need.
Oh yeah, I'm always surprised by how many I have and I don't even.
Realize it exactly exactly. And then we got to talk about privacy focused add ons. Okay, think of these as your OCENT toolkit, all right, so you block origin, blocks those annoying ads. Fire shot. This one lets you capture entire web pages.
Oh neat, like a screenshot, but like a better version.
Way better. And bulk media downloader, Yeah, that's for well, downloading media in bulk. And of course exit viewer. This lets you analyze images, get all the metadata.
That sounds pretty powerful it is.
And of course a VPN.
Always got to have a VPN.
Oh yeah, that's essential for masking your IP address. Right, but Bazel takes it a step further.
Oh what does he say?
He really advocates using a Linux virtual machine.
A virtual machine? What's that?
So think of it as a mini computer inside your computer? Whoa, yeah, right, and this one is dedicated it's solely to OCENT.
Ah, I get it.
It's an extra layer of security.
That makes a lot of sense.
So even if your main system gets compromised, your OCENT work stays safe. Yeah, you want to be the one doing the investigating, not the other way around.
Very true.
All right, So now we got our digital defenses up, let's get into some actual ocent techniques.
Let's do it. Where should we start?
I think a good place to start is social media.
Of course, that's like a gold mine of information.
It really is. Let's start with Facebook, all right, Facebook? Did you know that every Facebook user has a unique ID that can be exploited?
Wait, a secret code, like a like a skeleton key.
It's a skeleton key. Yeah. Once you find it, you can uncover photos, they've liked, groups, they've joined events, they've attended.
Whoa, It's like a whole secret history, it really is, and.
It's all stuff that Facebook tries to keep hidden.
That's kind of creepy but also kind of cool.
Yeah. Right, so how do we find this magical user id?
Yeah? How do we do it?
Well, there are tools that can help, or you can find it by looking at the source code of their profile page. And here's where it gets really interesting. You can search for Facebook profiles not just with email addresses, but also phone numbers.
Wait, so I could find your profile just using your phone number. That's wild.
It's possible.
That's a bit scary.
It is, it is, and that's not all. You can uncover connections between people, connections that aren't obvious.
Okay, like how do you do that?
By analyzing their friends networks. You can even use Facebook's live video map to find someone's location in real time.
Hold on real time? That's I mean. Isn't that an invasion of privacy?
It can be. Yeah, but it's all public information.
That's crazy, Yeah, it is, all.
Right, let's switch gears. Let's talk about Twitter.
Okay, Twitter, so.
Unlike Facebook, Twitter is much more open, but you need a strategic approach. You can use advanced operators to filter, buy date, location, even the device someone used to tweet.
Okay, that sounds pretty specific.
It is like Facebook. You can sometimes unearth deleted tweets.
Oh wait, deleted? How's that possible?
So nothing is ever truly gone on the internet. Oh, that's the beauty and the danger of it. There are services that archive web pages, including tweets, even after they've been deleted.
Oh wow, So even if someone thinks they've covered their.
Tracks, it's still out there.
That's a bit scary but also fascinating.
It is. And then there are tools like tweet beaver and tinfol leak that can analyze a user's network and activity patterns.
So we can see who they're connected to and how they're using Twitter exactly. I'm starting to feel like a digital detective.
Here you are, you're getting it. Okay, let's move on to Instagram.
All right, Instagram everyone's favorite photo sharing app.
Right, So Instagram search function is kind of limited.
Yeah, it's not the best.
But you can bypass that use Google to find profiles and tag posts. Plus, Instagram often keeps metadata in photos, which can reveal locations.
Oh right, metadata.
We talked to that even a selfie can give away more than you intended.
Yikes, gotta be careful about what I post.
You do you do? So what else can we use beyond social media?
Yeah? What else is there?
People? Search engines, pipil peak you. These are amazing resources.
I've used those before. It's always a bit unnerving how much they find, right.
It's eye opening. Yeah, and you can use them to find potential email addresses and even social media profiles, even if you only have a name and a location.
So like one piece of information leads to another and another.
It's like a digital trail, a trail of breadcrumbs, exactly. You can go even deeper than that. Deeper.
How much deeper can it go?
Have you ever heard of the dark Web?
I have, but it sounds kind of intimidating.
So think of the Internet like an iceberg. Right. The surface web is what we see every day, but underneath lies this vast hidden network the dark web.
Okay, so like the tip of the iceberg versus what's underneath.
Exactly, it's a place where anonymity rains and information. Well, it can be valuable, but also.
Sounds like a risky place to be.
It can be. You can access it using TOR, that's the anonymous browsing network.
Oh, I've heard of Tor.
And then there are specialized search engines like showdan. This can reveal Internet connected devices, potentially including unsecured webcams and servers.
That's wow. That's kind of scary.
It is a bit it is. So you've got social media, you've got people search engines, you've got the dark web. With all this information, how do you even keep track of it?
That's a good question. It sounds like it could get overwhelming pretty quickly.
It definitely can. That's why archiving and Documenting your findings is so important.
So you don't lose track.
Right, you need to capture, preserve the evidence, especially if you might need it later for legal purposes.
Maybe right makes sense.
Tools like hunchly they're invaluable for this.
Hunchy, i'f check that out.
It's like having a digital notary for your investigation.
So you've got social media, people, search engines, the dark web. Can you give me some real world examples of how these overcent techniques have been used? Oh?
Absolutely. The Housel's book has some incredible stories. There was one case where a missing person was found thanks to deleted social media posts. Yeah, they used osin techniques to recover them.
Wow. So it's like bringing a digital ghost back to life. You could say that that's amazing.
It really is. And there was another case where a suspect in a vandalism case was identified using a reverse image search.
Oh wow. So even seemingly harmless photos can.
Be incredibly revealing. Osin's even been used to uncover a company's hidden connections by analyzing their domain name.
So it's not just about finding people, it's about understanding connections networks exactly.
It's a powerful tool that's for sure.
With great power comes great responsibility.
You got that right. Yeah, We've covered so much already. I need a minute to let it all sink in.
I know, right, We've gone from social media to the dark web. It's a lot to process.
We've only just scratched the surface. The world of ocent is vast, constantly evolving.
I can't wait to learn more. Welcome back to our deep dive into the world of open source intelligence.
It's like we're putting together a giant puzzle, and each piece of data brings us closer to the bigger picture.
Exactly, So let's keep uncovering those pieces. What other techniques can we use?
Let's talk about email addresses. Even if you don't have the full email address, you can often piece it together.
You mean, like a digital guessing game.
It's more than just guessing. You can try different combinations, right their name, use your name, other details with common email providers, so.
Like Gmail, Yahoo, those sorts of things.
Exactly.
Are there tools that can help with this?
Oh? Absolutely? Bizell mentions this website find any email really effective.
Find any email?
Okay, You just need their name and the employer's domain, and it generates a list of possible email addresses.
That sounds super helpful. Okay, So let's say we have a potential email address. What do we do with it?
First, verify it's real email. Hippo can check if it exists.
If it's active email, Hippo got it.
Then have I been planed? Check if it's been compromised?
Oh right, like a data breach or something exactly.
You wouldn't want to rely on a compromise email address.
Right, definitely not. Okay, So what else can we do with a verified email address?
You can gather some intel. Try creating an account on Apple ID using their email if it's already in use, you know they have an Apple account?
Ah, clever.
You can do this with other services too, build a profile of their online activity.
It's like a digital fingerprint exactly.
Okay, let's shift gears a bit. Say we're not investigating a person but an event.
Okay, so like a protest, a crime or something like that.
Yeah, osin can be really helpful there too. How so social media is your starting point, right? Search Twitter, Facebook, Instagram using keywords makes sense. Remember those advanced search operators.
Oh yeah, those are super powerful.
They can help you filter through the noise and get to the most relevant.
Posts, so you don't have to weighe through everything.
Right, and don't forget about tools like tweet monitor, multiple feeds, hashtags.
Tweet deck like a command center for information exactly.
What about events that aren't widely discussed on social media?
Hmmm, yeah, those are trickier.
Online communities are a good place to look. Think forums, message boards.
Like those niche communities exactly.
They usually have their own search functions, or you can use Google.
Okay, So we got to find the right communities for our investigation.
Right and look for discussions, threads, any mentions of the event, user names, timestamps. Pay attention to those details.
It's like virtual detective work.
It is bizelle mentions. Reddit. It's a great example, vast network of communities.
I've heard of Reddit. It seems a bit overwhelming, it.
Can be, but once you get the structure, it's a gold mine.
So how do you even navigate it?
Search for specific subredits or use the main search function look for keywords?
Okay, so we found some interesting posts.
Now what try to identify the users?
Right?
Yea, Then you can use those other techniques we talked about to find their social medt profiles, learn more about them.
Ah. Okay, so it all ties together.
And there's this service push Shift. It lets you search for deleted Reddit.
Posts, deleted posts, so even if they try to cover their.
Tracks, it might still be out there.
Wow, the Internet never forgets, it really doesn't.
All right, let's move on to a different kind of online space, dating websites.
Oh interesting, So we're not just talking about finding lost loves, not this time.
Yeah, these platforms can be valuable for investigations, relationships, infidelity, even criminal activity.
Okay, I can see how that would be relevant.
But how do we even investigate them? They seem pretty private?
Yeah, that's what I was thinking.
Most have search functions filter by location, age, interests, that sort of thing.
Okay, so you can narrow down the search, and you.
Can always use Google. Some profiles are publicly.
Visible, even if they think they're private.
Sometimes. Yeah, now here's a cool technique sentence searching. Take a unique phrase from their profile and search for it on Google.
Ah. So if they've used that phrase elsewhere, you might.
Find their other accounts, social media blogs.
Clever.
And don't forget about reverse image search. If you have their.
Photo, Oh right, that can be powerful.
It can lead you to their other online identities.
So many techniques. How do we keep it all organized?
Organization is key, especially for complex investigations. Bizell suggests using mind maps or other visual tools.
To connect the dots exactly.
And spreadsheets. Those are your friends.
I love a good spreadsheet, simple but effective, they really are.
Speaking of practical tools, what about online classifieds?
Oh, like craigslists.
Yeah, Craigslist. You might think it's just for furniture and apartments.
Yeah, that's what I usually use it for.
But it can be useful for investigations, missing persons, stolen goods, even criminal activity.
Wow, I didn't realize.
You can search by location, keywords, even phone numbers.
Okay, that makes sense.
And there's this technique called site searching. You use Google to search for specific content within a.
Website, so like searching for a specific phone number, but only within craigslists.
Exactly. Pay attention to the language, time of posting, any patterns.
It's all about the details.
It is. It is a scent. Is more than just techniques. It's a mindset, way of thinking, curiosity, persistence, connecting the dots. We've covered a lot, but there's still more to come.
This is all so fascinating. I can't wait to learn more. Welcome back to our final deep dive into ocent. We've explored so much already, social media, the dark web, even dating apps.
We have, but there's still so much more to explore.
I'm ready for it.
What else is there today? Let's shift gears a bit less about specific platforms, more about the information itself.
Okay, I like where this is going.
Let's talk about document analysis.
Document analysis like reading reports and stuff.
More than just reading, it's about analyzing think reports, presentations, spreadsheets, legal filings, all publicly available online.
Oh okay, I can see how those could be valuable.
They're gold mines if you know how to analyze them.
That is, So, where do we find these documents?
Search engines those are your best friend. Use specific keywords file types to narrow down your search.
So if I'm investigating a company, for.
Example, exactly, you could search for their name, plus file types like PDF or DOCX, find reports, presentations, even internal documents.
Sometimes that's pretty cool. It's like going on a digital treasure hunt.
It is, and Bazell has some great tips on search operators that can make this even more effective. Ooth like what the file type operator that lets you search for specific file types or site to restrict your search to a specific website.
Okay, those are useful, But once we've found some promising documents, how do we analyze them?
It's a skill definitely takes practice. Start by scanning for keywords, phrases relevant to your investigation, names, dates, locations, things like that.
So it's like you're looking for those key pieces of information, right.
And then try to understand the context. Who created the doc document when why.
So it's not just about what the document says, but who wrote it, why they wrote it exactly.
And don't forget about the metadata.
Metadata Like with photos.
Yep, documents have it too hidden information about the creation, modification history.
So that could tell us who the author is, when it was created, things like.
That, even the location where it was created. It's like having x ray vision for digital documents.
Wow, that's powerful. Are there tools that can help us extract this metadata?
Oh yeah absolutely ex off tool that's one Bazell recommends, handles a ton of file types, reveals a lot of information.
Ex of tool. I'll have to check that out. But with so much information in these documents, how do we stay organized?
Organization is key? For any kind of ocent. Really, label store, cross reference your findings, spreadsheets, mind maps, those are your friends.
Keep it all straight exactly. Yeah.
Okay, So let's say you've analyzed the document, you've found something interesting. What's next?
What do we do with that information?
Corroborate it? Can you verify it through other sources, other documents, websites, social media? Does it match what you already know?
So it's like building a case, making sure all the pieces.
Fit precisely, and if you find discrepancies, don't ignore them.
Oh those could be important.
It could be clues pointing you in a new direction.
Okay, so let's switch gears again from documents to something more visual. Maps, satellite imagery.
Those are great tools. Say you're investigating a company an individual, you want to understand their physical environment. Google maps being maps, you can view their office buildings, their homes, even the surrounding neighborhoods.
So we can get a feel for the place without even being there exactly.
Pay attention to details, the size of the building, what kind of cars are parked there, even the landscaping.
Ah, I never thought about those details.
They can tell you a lot about a person, an organization, their wealth, status activities.
It's like being a virtual detective.
You are, and don't forget about historical imagery.
Oh right, you can see how places have changed.
Over time exactly, construction projects, patterns of activity, it's like a time machine.
That's amazing. But what about bigger events, natural disasters, protests. Can maps and satellite imagery help with those?
Oh? Absolutely? Real time situational awareness track movements, assess damage, identify hazards so you can.
Get a sense of what's happening on the ground exactly.
And social media is crucial for those events too, crowdsourced view of what's happening.
It's like having a global network of eyes and ears exactly.
But with all this information, it's important to.
Be critical, right, how do we know what to trust?
That's the key to being a good OCENT investigator. Evaluate your sources, corroborate your information, look for patterns, consistencies, inconsistencies.
So it's not just about finding information, it's about analyzing it, making sure it's reliable exactly.
Ocent is about asking the right questions. The world of ocent it's always changing, new techniques, new technologies.
So yes, stay curious people, Exactly.
The truth is out there, just waiting to be discovered.
This has been an incredible deep dive into Osent. Thank you so much for sharing your expertise and for guiding us through this fascinating world. I feel like I've learned so much.
It's been my pleasure. Remember Happy Sleuthan everyone, and
To our listeners, thank you for joining us on this journey, Keep exploring, keep learning, and we'll see you next time on the deep dive