SEMAFOR-CONSEIL
Your Cybersecurity Compass
Menu
/ Cybersecurity Analyst, Cybersecurity Consultant, Cybersecurity Engineer, Defense, Learning, Monitoring, Detection, Defense / By

OSINT Automation

BT221

Table of Contents

Description

Open-source intelligence (OSINT) Automations covers the techniques and procedures practiced retrieving targeted information from open-source networks containing immense amounts of data using automatic tools to achieve maximum results.

This course teaches participants how to collect and analyze information using different tools and creating automation. Students will be further exposed to collecting information from the Darknet, social networks, and other sources.

How to make the most of this course?

In order to succeed in the course, the following requirements must be met:

  • Participation in all practical laboratories
  • Self-work at home between lessons
  • Repetition of materials, self-learning, performing tasks, etc…

In addition to regular classroom studies, the participant is required to practice at least 10 hours a week in order to gain practical experience in the field.
The participant will also need a good personal computer suitable for running virtual machines, with a broadband Internet connection.

Target audience

This course targets mostly law-enforcement wanting to master the art of finding data around the internet.

  • Threat intelligence analysts
  • Cybersecurity professionals
  • Law enforcement personnel
  • Intelligence officers
  • Private/public Investigators
  • Forensics investigators

Objectives

  • Creating customized data collecting scripts
  • Providing students with an all-source methodology
  • Discovering techniques needed to generate highly relevant intelligence
  • Understanding how to collect information from various social networks
  • Exploring the Darknet for information bases

Pre-requisites

  • First level of OSINT course
  • Advanced web search
  • Linux

Syllabus

Description

In this module, participants will learn to use Linux for collecting data from different sources. Students will also learn to gather information regarding domains in different parts of the world.

Technical content

  • Linux Scripting
    Open-Source Intelligence
    Becoming Anonymous
    Building your Lab
    Virtual Private Network (VPN)
    Proxy Layer
    Working with VPS
    DNS Leakage Testing
    Reconnaissance of an Organization

Description

Students will get to know practical tools and search engines they will handle to collect data throughout this module. They will deepen their understanding of various information sources and will focus on gathering data from social networks.

Technical content

  • OSINT Tools
    Online Tools and Frameworks
    Introduction to Basic Bash Scripting and Automation
    Extracting Information From Major Social Networks
    Extracting Metadata and Geolocation

Description

Students will become familiar with a wider and more advanced array of OSINT tools and search engines in this module. They will understand how to use metadata and maximize the use of different filtering and customization options for searching. Students will gain the capabilities of identifying further information that may not be disclosed in a standard Google search.

Technical content

  • OSINT Tools In-Depth
    About Crawlers
    SpiderFoot
    Maltego
    Recon-NG
    Mapping
    Openrefine
    Foca
    SearchCode

Description

The Darknet is considered the most prominent source of huge amounts of relevant information that is not accessible through the usual network. During this module, participants will learn to use the Darknet, pinpoint the information they are looking for, collect it, use avatars, purchase databases with sensitive information, and activate different automated tools for browsing and extracting information from the Darknet.

Technical content

  • Darknet Overview
    How Crawlers Operate
    Creating URLs Crawlers
    Creating Darknet Crawlers
    Freenet
    Understanding Cryptocurrency Marketing
    Bitcoin
    Wallets

Labs

The following labs are part of the actual BT209 course:
  • Lab 1 Tracing Basic Information
  • Lab 2 Searching for Information
  • Lab 3 Using OSINT Tools
  • Lab 4 Mastering Google Search-Engine
  • Lab 5 Automated OSINT Tools
  • Lab 6 Searching the DarkNet
  • Lab 7 Identifying Avatars
  • Lab 8 Configuring OSINT Automations

Real Cases Studies

Case Study #1 (TOS001)
A group called "OurMine" took control of the HBO accounts, as well as those for the network's shows, including Game of Thrones. The hackers released episodes of the series before scheduled dates. The security team was able to trace some of the hackers by tracing one of the attackers' nicknames on Twitter. You are hired to track the group.
Reference
Case Study #2 (TOS002)
On May 10th, the Illinois Air National Guard was a victim of information exposure. Personal information of Air Force members was leaked through social media platforms due to a lack of security settings on these websites. An intelligence team was assigned to the case, and you are one of them. Use your OSINT skills and tools to find leads to the incident.
Reference
Case Study #3 (TOS003)
A hacker nicknamed AlpHaNiX defaced Google, Gmail, YouTube, Yahoo, Apple, and more websites. Cybersecurity researchers found that the hacker used a strategy called DNS cache poisoning. A local security department responded and started to track those domains using their advanced OSINT tools. Help your team mitigate this security incident.
Reference
Case Study #4 (TOS004)
The Kaspersky security researcher team reported that the Tor network is currently being used to hide 900 botnet and other illegal hidden services. A Police intelligence unit found information about a criminal who used the "Silk Road" - a popular underground market for merchandise purposes. As a member of the intelligence team, track the criminal and to find any connections related to the Darknet.
Reference
Case Study #5 (TOS005)
The infamous hacking group Anonymous vowed an 'Electronic Holocaust' against Israel and promised to erase Israel from the cyberspace. They leaked credentials to 6000 routers including usernames and passwords. During the attack, the group used many hacktivist community webservers; use your skills, and find related information about the group targets.
Reference
BT221 OSINT Automation
Join a session

 Course type

This course is delivered in the following ways:

  • Virtual classroom with proctored labs and scenarios executed in our Cyberium Arena
  • In situe classroom with proctored labs and scenarios executed in our Cyberium Arena

All sessions are recorded and attendees can replay them  during 30 days. All course material is electronically made available to the participant.

 Course Group: FOUNDATION

LEVEL
0%
HOURS
1

 Hands-on / Theory MiX

The following course incorporates a high level of hands-on labs exercises, as well as real life case studies.

Hands-on
1 %
Labs
1
Case Studies
1

Certification

This course prepares the participant to the following certification:

  • GOSI (SANS)
  • C|OSINT (Mcafee)

Required EqUIPMENT

Network connection

As this course extensively uses a cloud based Learning Management System, including a lab arena, attendees need a stable broadband connection to the Internet.

BYOD – Bring Your Own Device

As it is a very practical course, and in order for the participants to make the most of the course, they need a laptop with the following capabilities:

  • Audio and Video
  • 8 GB RAM
  • 200 GB Disk Space
  • Virtualization capabilities ( supporting latest version of Virtualbox or similar virtual machine application)

And also a Good Headset with Mic

More Details

Subscribe

Join a session
SEMAFOR-CONSEIL
Privacy Policy
Contact