Where does operational security begin?

Where does operational security begin?

By Elliott Anderson | May 20, 2020 12:00:00 AM

Over the course of the last few months, we’ve blogged about finding bad guys by guessing emails, mapping friends, understanding emotional behavior, and leveraging laziness and poor password...

Becoming Dark Web Rambo

Becoming Dark Web Rambo

By Elliott Anderson / May 6, 2020 12:00:00 AM

There’s a lot of mystery that surrounds the dark web–surprisingly, even in the information security space.  I’ve met a huge swath of capable engineers and developers who can explain the technical...

Cutting your teeth on ShadowDragon’s advanced CTF

Cutting your teeth on ShadowDragon’s advanced CTF

By Elliott Anderson / Apr 29, 2020 12:00:00 AM

We’ve talked in recent weeks about the importance of training and the methodology behind it.  Much of the OSINT work we do is focused on the social aspects and footprint of a target online.  As...

Fishing with a Subaru

Fishing with a Subaru

By Elliott Anderson / Apr 15, 2020 12:00:00 AM

There comes a time in some OSINT investigations where we have accurately identified our target’s profiles, lifestyle, and communication platforms, but we still aren’t quite to the point of...

Background Checks & Due Diligence

Background Checks & Due Diligence

By Elliott Anderson / Mar 11, 2020 12:00:00 AM

Many years ago, when I was in college, I had a job at a large retailer.  It involved all of the normal retail-y things: stocking, checking, unloading trucks, helping customers, etc.  After...

Unmasking a carder with OSINT

Unmasking a carder with OSINT

By Elliott Anderson / Feb 19, 2020 12:00:00 AM

Today, we will be exploring the world of carding a bit and following the path of a kid on his way to becoming a full-fledged carder.  I spent about an hour on the basics of the investigation. The...

Iran and OSINT Hunting for Fun & Profit.

Iran and OSINT Hunting for Fun & Profit.

By Elliott Anderson / Jan 15, 2020 12:00:00 AM

Today, I’m going to go on a very basic hunting adventure. Every so often, I do stuff like this for “fun”.  There’s no deep takeaway here –– just some basic searching and the techniques involved. ...

What’s in an email address?

What’s in an email address?

By Elliott Anderson / Dec 17, 2019 12:00:00 AM

A few weeks ago we went over an interesting way to pivot from breached data passwords to a target by virtue of the lazy way many people reuse the same passwords for multiple emails.  In a very...

Into the Breach

Into the Breach

By Elliott Anderson / Oct 16, 2019 12:00:00 AM

We’ve all heard the advice a million times, “Don’t use the same password on different websites.” Unfortunately, (or fortunately, depending on our motivations) many users make this exact mistake....

Bad moods = Bad decisions

Bad moods = Bad decisions

By Elliott Anderson / Aug 25, 2019 12:00:00 AM

As a developer and OSINT investigator, I often come across other investigators that are researching a target online and have “hit a wall,” so to speak.  “I’ve hit a dead-end, I can’t figure...

Scroll to Top