OSINT Automation


Table of Contents


Open-source intelligence (OSINT) Automations covers the techniques and procedures practiced retrieving targeted information from open-source networks containing immense amounts of data using automatic tools to achieve maximum results.

This course teaches participants how to collect and analyze information using different tools and creating automation. Students will be further exposed to collecting information from the Darknet, social networks, and other sources.

How to make the most of this course?

In order to succeed in the course, the following requirements must be met:

  • Participation in all practical laboratories
  • Self-work at home between lessons
  • Repetition of materials, self-learning, performing tasks, etc…

In addition to regular classroom studies, the participant is required to practice at least 10 hours a week in order to gain practical experience in the field.
The participant will also need a good personal computer suitable for running virtual machines, with a broadband Internet connection.

Target audience

This course targets mostly law-enforcement wanting to master the art of finding data around the internet.

  • Threat intelligence analysts
  • Cybersecurity professionals
  • Law enforcement personnel
  • Intelligence officers
  • Private/public Investigators
  • Forensics investigators


  • Creating customized data collecting scripts
  • Providing students with an all-source methodology
  • Discovering techniques needed to generate highly relevant intelligence
  • Understanding how to collect information from various social networks
  • Exploring the Darknet for information bases


  • First level of OSINT course
  • Advanced web search
  • Linux



In this module, participants will learn to use Linux for collecting data from different sources. Students will also learn to gather information regarding domains in different parts of the world.

Technical content

  • Linux Scripting
    Open-Source Intelligence
    Becoming Anonymous
    Building your Lab
    Virtual Private Network (VPN)
    Proxy Layer
    Working with VPS
    DNS Leakage Testing
    Reconnaissance of an Organization


Students will get to know practical tools and search engines they will handle to collect data throughout this module. They will deepen their understanding of various information sources and will focus on gathering data from social networks.

Technical content

  • OSINT Tools
    Online Tools and Frameworks
    Introduction to Basic Bash Scripting and Automation
    Extracting Information From Major Social Networks
    Extracting Metadata and Geolocation


Students will become familiar with a wider and more advanced array of OSINT tools and search engines in this module. They will understand how to use metadata and maximize the use of different filtering and customization options for searching. Students will gain the capabilities of identifying further information that may not be disclosed in a standard Google search.

Technical content

  • OSINT Tools In-Depth
    About Crawlers


The Darknet is considered the most prominent source of huge amounts of relevant information that is not accessible through the usual network. During this module, participants will learn to use the Darknet, pinpoint the information they are looking for, collect it, use avatars, purchase databases with sensitive information, and activate different automated tools for browsing and extracting information from the Darknet.

Technical content

  • Darknet Overview
    How Crawlers Operate
    Creating URLs Crawlers
    Creating Darknet Crawlers
    Understanding Cryptocurrency Marketing


The following labs are part of the actual BT209 course:
  • Lab 1 Tracing Basic Information
  • Lab 2 Searching for Information
  • Lab 3 Using OSINT Tools
  • Lab 4 Mastering Google Search-Engine
  • Lab 5 Automated OSINT Tools
  • Lab 6 Searching the DarkNet
  • Lab 7 Identifying Avatars
  • Lab 8 Configuring OSINT Automations

Real Cases Studies

Case Study #1 (TOS001)
A group called "OurMine" took control of the HBO accounts, as well as those for the network's shows, including Game of Thrones. The hackers released episodes of the series before scheduled dates. The security team was able to trace some of the hackers by tracing one of the attackers' nicknames on Twitter. You are hired to track the group.
Case Study #2 (TOS002)
On May 10th, the Illinois Air National Guard was a victim of information exposure. Personal information of Air Force members was leaked through social media platforms due to a lack of security settings on these websites. An intelligence team was assigned to the case, and you are one of them. Use your OSINT skills and tools to find leads to the incident.
Previous slide
Next slide
BT221 OSINT Automation

 Course type

This course is delivered in the following ways:

  • Virtual classroom with proctored labs and scenarios executed in our Cyberium Arena
  • In situe classroom with proctored labs and scenarios executed in our Cyberium Arena

All sessions are recorded and attendees can replay them  during 30 days. All course material is electronically made available to the participant.

 Course Group: FOUNDATION


 Hands-on / Theory MiX

The following course incorporates a high level of hands-on labs exercises, as well as real life case studies.

1 %
Case Studies


This course prepares the participant to the following certification:

  • C|OSINT (Mcafee)

Required EqUIPMENT

Network connection

As this course extensively uses a cloud based Learning Management System, including a lab arena, attendees need a stable broadband connection to the Internet.

BYOD – Bring Your Own Device

As it is a very practical course, and in order for the participants to make the most of the course, they need a laptop with the following capabilities:

  • Audio and Video
  • 8 GB RAM
  • 200 GB Disk Space
  • Virtualization capabilities ( supporting latest version of Virtualbox or similar virtual machine application)

And also a Good Headset with Mic

More Details