The OSINTion Tidbit

Share this post

OSINT Framework (with Justin Nordine)

tidbit.theosintion.com

OSINT Framework (with Justin Nordine)

Joe Gray
Dec 19, 2016
Share this post

OSINT Framework (with Justin Nordine)

tidbit.theosintion.com

OSINT Framework (WITH Justin Nordine)

ADVANCED PERSISTENT SECURITY PODCAST

EPISODE 29

GUEST: Justin Nordine

December 19, 2016

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.

NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

OSINT Framework (WITH Justin Nordine)

SHOW NOTES

PART 1

Instead of discussing the news, we decided to talk about Josh Huff‘s recent OSINT Fire Drills: Monitoring the Internet blog post. We discuss his approach in evaluating change detection and his use of and testing of a variety of tools. Joe also relates this to contingency and redundancy. We talk about when testing of new tools is appropriate and when it is not. We discussed Josh’s DerbyCon talk. The discussion shifted to the breadth of OSINT and the integration of OSINT into Penetration Testing and Red Teaming.

PART 2

Justin talks about the origins of OSINT Framework. It began as a project with some of his co-workers. We talk about the change detection tools within OSINT Framework and some case studies relative to Josh’s blog post. We discuss the use of typo squatting for OSINT and Social Engineering as well malicious use. We talk about contributing information to threat intelligence feeds like AlienVault Open Threat Exchange (OTX). OSINT and the election is covered in terms of the misinformation campaigns and candidates using OSINT to better understand their constituents.

PART 3

We talk about analyzing Metadata. Justin provides examples of scraping metadata from pictures on websites like Facebook or Craigslist. He talks about sites now removing or obfuscating metadata to protect users. We discuss use cases for malicious software from the attacker and defender perspectives, when to scan your own files for exploitation (thus burning them) versus keeping them. The discussion shifts to Operations Security (OPSEC). We discuss persona generation and when to employ it. Joe mentions Riffle as a Tor alternative.

Riffle Information:

Tech Crunch article about Riffle

Riffle

ABOUT Justin

OSINT Frmework (with Justin Nordine)
Justin Nordine

Justin is a “Cyber Pathologist” by day. He holds various SANS/GIAC certifications. He is active in the lock picking and lock sports communities. He is the author of OSINTFramework. He resides somewhere in the Carolinas.

CONTACTING Justin:

Twitter: @jnordine

OSINT Framework

GitHub: Lock Fale


PASSWORD BLOG LINKS:

AlienVault

Hosted Locally on Advanced Persistent Security

WI-FI BLOG LINK:

AlienVault

Hosted Locally on Advanced Persistent Security

POWERSHELL LINK:

AlienVault


JOE’S BLOG ON ITSP:

When Friendly Thermostats & Toasters Join The IoT Dark Side

Joe’s Blog on Tripwire:

Burgling From an OSINT Point of View

Joe’s Blogs on Sword & Shield Enterprise Security’s site:

Holiday Shopping Safety Series: Shopping Via Credit Card and e-Commerce

Holiday Shopping Safety Series: Holiday Scams and Hoaxes

Joe’s Work with WATE 6 News in Knoxville, TN:

Shopping online safely this holiday season

iPhone scam uses text messages to hack iCloud information

Maryville hacker takes over Facebook accounts

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Enter your email address:

Delivered by FeedBurner

SUBSCRIBE TO OUR MAILING LIST

* indicates required

Email Address *

First Name

Last Name

The post OSINT Framework (with Justin Nordine) first appeared on Advanced Persistent Security.

Share this post

OSINT Framework (with Justin Nordine)

tidbit.theosintion.com
Comments
TopNew

No posts

Ready for more?

© 2023 The OSINion
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing