2. Me Me Me…
•Who/What am I?
•Simple answer:
• Father/Husband/Son/Brother
• Programmer/Pentester/Researcher
• Hillbilly
3. What is OSINT?
“Open Source Intelligence, often referred to as OSINT, can mean
many things to many people. Officially, it is defined as any
intelligence produced from publicly available information
that is collected, exploited, and disseminated in a timely manner
to an appropriate audience for the purpose of addressing a
specific intelligence requirement. For the CIA, it may mean
information obtained from foreign broadcasts. For an attorney, it
may mean data obtained from official government documents that
are available to the public. For most people, it is publicly available
content obtained from the internet.”
--Michael Bazzell
Me? I have been around for a while…
Somewhere around 18 years or so in the InfoSec field.
Over that time, I have been a programmer, researcher, and pentester (currently for Rapid7).
But most of all, I am a father, husband, son, and brother.
OSINT is intelligence produced from publicly available information
First of all I am NOT a lawyer:
By from what I understand the answer is …Maybe.. But usually yes.
If you were able to collect the data by access a website or other source without breaking access controls or something similar, then you should be fine.
What about password/data breaches/leaks.. Well.. It is probably best to not download/view them. I know that sometimes it can cause issues if you have a security clearance or can cause issues in court cases and such.
pentester
Search Engines
Google, Bing, …
Social Media
Facebook, Twitter, LinkedIn, …
Online Communities
Reddit, …
Data Sharing
Pastebin, …
Corporate
www.company.com, jobs.company.com, …
Google
Bing
Yandex
Yahoo
Baidu
Duckduckgo
SHODAN
Google dorks
Google
SHODAN
Archive.org / waybackmachine
Facebook searches
https://www.facebook.com/search/str/Adrian%20Sanabria/users-named/intersect
https://www.facebook.com/adrian.sanabria
adrian.sanabria 508092249
https://www.facebook.com/search/508092249/photos-by
https://www.facebook.com/search/508092249/photos-liked
https://www.facebook.com/search/508092249/photos-of
https://www.facebook.com/search/508092249/apps-used
https://www.facebook.com/search/508092249/events
https://www.facebook.com/search/508092249/employers
https://www.facebook.com/search/508092249/friends
Twitter
site:linkedin.com adrian sanabria