Methodology

One of the most frustrating things to happen in any data visualization software is for you to run a query and get back the notification: “This result returns more nodes than you are allowed to...

We’ve talked in recent weeks about the importance of training and the methodology behind it.  Much of the OSINT work we do is focused on the social aspects and footprint of a target online.  As most...

It would take about 3 minutes to teach someone how to collect data on a single individual. That is easy to do. You poke around and find out all you can about the person. The difference between an...

There comes a time in some OSINT investigations where we have accurately identified our target’s profiles, lifestyle, and communication platforms, but we still aren’t quite to the point of...

When starting a project in OIMonitor, you are tempted to cast a wide net and grab from every source. This will bring in a lot of hits and you may even think, “Wow, this is awesome! I am awesome! My...

Many years ago, when I was in college, I had a job at a large retailer.  It involved all of the normal retail-y things: stocking, checking, unloading trucks, helping customers, etc.  After working...

Today, we will be exploring the world of carding a bit and following the path of a kid on his way to becoming a full-fledged carder.  I spent about an hour on the basics of the investigation. The...

I recently setup a project in OIMonitor to track the mentions of infectious diseases mentioned in the news. I immediately got results, though not all of it was good. One thing that did pop up...

Risk management strategies that work are hard to find in such a noisy infosec buzzword filled industry. Our guest Matt Devost, offers perspective on subjects which will be helpful for beginners,...

Incident Response and extended investigations need storytelling functionality. Westward.ai’s innovation in event query languages is discussed laced with candor, history, and strange hacker lore. The...

We have been monitoring COVID19 and observed that we need to dig in deeper with experts in the field.   In this episode we explore that dialogue. In our podcast, we aren’t always the experts in...

Nico, (dutch_osintguy) shares his origin story along with war stories old, and new. Topics the following: Leadership seems to want visualization, analyst don’t care. Discussions evolve about how...

Today, I’m going to go on a very basic hunting adventure. Every so often, I do stuff like this for “fun”.  There’s no deep takeaway here –– just some basic searching and the techniques involved. ...

2020 will be eventful and likely one of the most historical years containing change, balancing the tension between change, conflict, and hopefully peace in a long time. When reflecting on the...

A few weeks ago we went over an interesting way to pivot from breached data passwords to a target by virtue of the lazy way many people reuse the same passwords for multiple emails.  In a very...

We’ve all heard the advice a million times, “Don’t use the same password on different websites.” Unfortunately, (or fortunately, depending on our motivations) many users make this exact mistake. In...

The first lesson I was ever taught in programming is the need for scaffolding. Just like painting a house, even if you are certain you can reach every nook and cranny and cover every wall,...

In 1896, at the University of Lausanne in Switzerland, a young economist by the name of Vilfredo Pareto published a paper showing how 80% of the land in Italy was owned by 20% of the population....

As a developer and OSINT investigator, I often come across other investigators that are researching a target online and have “hit a wall,” so to speak.  “I’ve hit a dead-end, I can’t figure anything...

In my last entitled Illuminating Context with Timeline Analysis, I gave a rough sketch of the basics. In this post I will share a few specifics. The primary point to drive home is there won’t ever...

In our training courses, we push ideas and investigative methodology more than we push our tools. Tools will change, but proper investigative methods will not change. Asking the right questions will...

Human trafficking, according to Wikipedia, is the trade of humans for forced labour. With the advent of the internet and high-speed communication, traffickers have found a new way to advertise their...

Everyone has a different use case that needs to be monitored, and we enable a vast amount of use cases for tailored collection and monitoring with OIMonitor at a very high scale and have been doing...

Today we are going to look at how we can build a network from a single starting entity and use that network to identify the actors in the network that are the most connected. For this example, we...

Every investigation is different, but what never changes is how you have to treat an investigation much like the challenge of building something with a bucket of Legos. With each bread crumb, you...

I had previously written about how we started with our our monitoring platform and how that grew into the beast it is today.  I didn’t leave much room to frame things in the most hip-infosec way,...

If the world has a plethora of investigators and the success of prosecutors is hovering around 90% success rate  — why do we struggle with an increase in more complex crime, a rise in international...

In “Understanding Link Analysis and Using it Investigations,” I detailed how to get started and some fundamentals on link analysis. What I didn’t cover was how long you should be involved in the...

I started using link analysis for investigations somewhere around 2009/2010 when we were developing the first version of SocialNet.  A longtime friend, Roelof from Paterva, shared his vision for a...