Discover more from The OSINTion Tidbit

Open Source Intelligence (OSINT), Geospatial Intelligence (GEOINT), OPSEC/Privacy, Disinformation, and Data Science and the impacts they have on society.

OSINT Framework (with Justin Nordine)

Joe Gray

Dec 19, 2016

ADVANCED PERSISTENT SECURITY PODCAST

EPISODE 29

GUEST: Justin Nordine

December 19, 2016

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.
NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

OSINT Framework (WITH Justin Nordine)

SHOW NOTES

PART 1

Instead of discussing the news, we decided to talk about Josh Huff‘s recent OSINT Fire Drills: Monitoring the Internet blog post. We discuss his approach in evaluating change detection and his use of and testing of a variety of tools. Joe also relates this to contingency and redundancy. We talk about when testing of new tools is appropriate and when it is not. We discussed Josh’s DerbyCon talk. The discussion shifted to the breadth of OSINT and the integration of OSINT into Penetration Testing and Red Teaming.

PART 2

Justin talks about the origins of OSINT Framework. It began as a project with some of his co-workers. We talk about the change detection tools within OSINT Framework and some case studies relative to Josh’s blog post. We discuss the use of typo squatting for OSINT and Social Engineering as well malicious use. We talk about contributing information to threat intelligence feeds like AlienVault Open Threat Exchange (OTX). OSINT and the election is covered in terms of the misinformation campaigns and candidates using OSINT to better understand their constituents.

PART 3

We talk about analyzing Metadata. Justin provides examples of scraping metadata from pictures on websites like Facebook or Craigslist. He talks about sites now removing or obfuscating metadata to protect users. We discuss use cases for malicious software from the attacker and defender perspectives, when to scan your own files for exploitation (thus burning them) versus keeping them. The discussion shifts to Operations Security (OPSEC). We discuss persona generation and when to employ it. Joe mentions Riffle as a Tor alternative.

Riffle Information:

Tech Crunch article about Riffle

Riffle

ABOUT Justin

OSINT Frmework (with Justin Nordine) — Justin Nordine

Justin is a “Cyber Pathologist” by day. He holds various SANS/GIAC certifications. He is active in the lock picking and lock sports communities. He is the author of OSINTFramework. He resides somewhere in the Carolinas.

CONTACTING Justin:

Twitter: @jnordine

OSINT Framework

GitHub: Lock Fale

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Enter your email address:

Delivered by FeedBurner