Sign in Subscribe

Learning OSINT Techniques

I've heard it often said that "Learning OSINT is like drinking from a firehose" and it's true! Over the past several months, I have immersed myself in OSINT training. It is amazing how well OSINT fits my desire to learn new things, figure out how things work, and use what

OSINT Academy Week 7

This week we covered various types of analysis. * CARA Analysis (Characterstics, Associations, Reputation and Affiliations) * SWOT Analysis (Strengths, Weaknesses Opportunities and Threats) * Value Chain Analysis * Supply Chain Analysis Much of this week I learned about the vast amount of public records that can be researched to uncover vital information in

Manual Metadata Extraction

Did you know that you can unzip a file by changing the file extension? I recently learned that you can extract additional information from files with the .pptx, .docx and .xlsx These are the steps: 1. Download the desired file in one of the mentioned formats. 2. Rename the file,

OSINT Academy Week 5

Week 5 has been amazing! This week we covered "Technical Research" learning about processes and tools that allow you to dig deep into the following areas. I learned advanced research skills with: * Emails * Documents * Images * Videos * Domains * IP Addresses I discovered a number of fascinating processes and tools that I

Revisiting 2024 Goals

A friend recently asked me about the status of my 2024 goals. He asked if I had ever written about the successes I had in achieving them. I hadn't realized it until then, but I never wrote and end of 2024 post updating my goals. Here are the goals that

Week 4 OSINT Academy

This week, I focused on learning the proper construction of URLs for various social media platforms. Gaining the ability to manually build these URLs allows for more advanced navigation and access within the platforms—going beyond the limitations of their default search features. We focused on the following platforms: * Facebook

OSINT Academy Week 3

This week was like drinking from a fire hose! Reading through the book "OSINT Techniques" by Michael Bazzell was amazing! The amount of search techniques covered was incredible! At first, I thought about using a note-taking app to capture some of the great resources I was learning, but I quickly

OSINT Academy Week 2

This week, we learned about the term "Managed Attribution," which is defined as " the ability to remain cloaked, anonymous, unnoticed, while conducting online investigations." Virtual Machines We learned about the different host software used to manage virtual machines. The two most popular are Virtualbox and VMWare. We learned how to

OSINT Academy Week 1

I am so thankful to have the opportunity to participate in the training offered by the OSINT Academy and the Hetherington Group. Week one began on Monday, March 24th. I began my morning at 4 a.m., eager to dive into the training. I had already determined that I would

Professional Networking Tips

Let me just start off by saying that I am in no way an expert on "Networking". So why am I writing a blog post about this topic? The reason is that I want to help people who may be less familiar, or new to networking to build their online

OSINT-Advanced Search Operators

Advanced Search Operators are very powerful. Knowing how to properly use them could mean the difference between finding the specific information you are looking for and being overwhelmed with tons of not so relavant information. It is also very important to use multiple search engines to ensure that you have

Make the most of your mistakes

While recently watching a YouTube video created by my friend "Brews-n-Hacks" (Ryan) I saw that he had added a "Bloopers" reel to the end of his video. This made me laugh, and I started to think about mistakes I have made when recording videos. For those new to creating content,

uBlock Origin Alternatives

As of February 26, 2025, Google Chrome has begun disabling and suggesting the removal of extensions that are not updated for Manifest V3, particularly affecting popular extensions like uBlock Origin. Note: Manifest V3 (MV3) is the latest version of the extension platform for Chromium-based browsers (like Chrome, Edge, and Brave)

privacy

Using Expired Domains for OPSEC

A few years ago, after listening to the podcast by Michael Bazzell (which I really miss) I decided to explore using "expired domains" as a layer of operational security. I visited the website expireddomains.net and began looking for a domain that had a reasonable reputation, and a name that

Hands-on with My OSINT Training

If you are not yet familiar with Micah Hoffman and Griffin Glynn these two guys are great! They are the owners of My OSINT Training an amazing platform for learning about OSINT. Micah and Griffin don't just show you a list of tools, they are experts who are both passionate

LetsDefend training

I am always looking for a great deal on cybersecurity training. With the cost of living being so high, we are all looking for ways to level up our skills, without breaking our budget. I recently began studying for the CompTIA CySA+ exam using the course from Dion Training. While

TLDR Wazuh setup

Create two servers on Linode: * 1GB Ubuntu for the agent * 4GB Ubuntu for the server Note:This is the minimum requirement On the server machine 1. Connect to the "server" via SSH and run apt update 2. Next, run curl -sO https://packages.wazuh.com/4.9/wazuh-install.sh && sudo

Publishing your first video

If you are passionate about technology like I am, you want to share with the community. But, what if you are an introvert, shy, or just not good at public speaking? How do you overcome the fear of stepping out of your comfort zone? I have heard people say that

FREE non-persistent web-based Firefox browser

Possible use case: Setting up a non-persistent stand alone Firefox web browser for performing OSINT research. You might be wondering what I'm talking about. Basically, I'm referring to running the Firefox web browser inside a Docker container. The "free" aspect comes from utilizing Amazon's EC2 (Elastic Compute Cloud). Why not

Hands-on with Crowdsec

Crowdsec is an amazing tool that allows you to enroll a machine or VPS and have "Curated Threat Intelligence Powered by the Crowd." They have a great "Community Edition" that will allow you to set it up and quickly secure your machines and servers. First, create an account at Crowdsec.

Why you need a blog right now

If you are interested in starting a career in IT, or more specifically, Cybersecurity, there are some important steps you should take. One of those steps is creating a blog, website, or somewhere to show what you are learning. If you have never created a blog, I can help. Here

Hands-on with Push Security

PushSecurity is an amazing tool that allows you to turn every employee's browser into a telemetry source and control point for defending workforce identities. I recently learned about PushSecurity from Dr. Gerald Auger on the Daily Cyber Threat Brief It is simple to setup, just create a free account and

Hands-on with Canary Tokens

Canary Tokens are a clever and inexpensive way to detect unauthorized access or malicious activity within a network. You can generate tokens for FREE at CanaryTokens.org Here are a few practical uses: 1. Detecting Unauthorized File Access * Use Case: Embed a canary token in a sensitive document (e.g.

Hands-on with Elastic SIEM

I recently found a great tutorial from Gerald Auger on setting up the Elastic SIEM. I have been trying to become more familiar with security solutions that I haven't used before. The great part about this tutorial is that Gerry provides you with three bullet points that you can add

Hands-on with Wazuh

Wazah is an amazing SIEM (Security Information and Event Management) tool. It is free to use as a self-hosted solution. In this post, I will be explaining some practical ways to use Wazuh to harden the security of an Ubuntu server. If you are unfamiliar with Wazuh, I recommend watching