OSINT Framework (with Justin Nordine)

ADVANCED PERSISTENT SECURITY PODCAST

EPISODE 29

GUEST: Justin Nordine

December 19, 2016

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.

NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers.

SHOW NOTES

PART 1

Instead of discussing the news, we decided to talk about Josh Huff’s recent blog post, OSINT Fire Drills: Monitoring the Internet. We discuss his approach to evaluating change detection and his use and testing of a variety of tools. Joe also relates this to contingency and redundancy. We talk about when testing new tools is appropriate and when it is not. We discuss Josh’s DerbyCon talk. The discussion shifts to the breadth of OSINT and the integration of OSINT into penetration testing and red teaming.

PART 2

Justin talks about the origins of OSINT Framework. It began as a project with some of his co-workers. We talk about the change detection tools within OSINT Framework and some case studies relative to Josh’s blog post. We discuss the use of typosquatting for OSINT and social engineering, as well as malicious use. We talk about contributing information to threat intelligence feeds like AlienVault Open Threat Exchange (OTX). OSINT and the election are covered in terms of misinformation campaigns and candidates using OSINT to better understand their constituents.

PART 3

We talk about analyzing metadata. Justin provides examples of scraping metadata from pictures on websites like Facebook or Craigslist. He talks about sites now removing or obfuscating metadata to protect users. We discuss use cases for malicious software from the attacker and defender perspectives, and when to scan your own files for exploitation (thus burning them) versus keeping them. The discussion shifts to Operations Security (OPSEC). We discuss persona generation and when to employ it. Joe mentions Riffle as a Tor alternative.

Riffle Information:

Tech Crunch article about Riffle
Riffle

ABOUT Justin

Justin Nordine

Justin is a “Cyber Pathologist” by day. He holds various SANS/GIAC certifications. He is active in the lock picking and lock sports communities. He is the author of OSINTFramework. He resides somewhere in the Carolinas.

CONTACTING Justin:

Twitter: @jnordine
OSINT Framework
GitHub: Lock Fale


PASSWORD BLOG LINKS:

AlienVault
Hosted Locally on Advanced Persistent Security

WI-FI BLOG LINK:

AlienVault
Hosted Locally on Advanced Persistent Security

POWERSHELL LINK:

AlienVault


JOE’S BLOG ON ITSP:

When Friendly Thermostats & Toasters Join The IoT Dark Side

Joe’s Blog on Tripwire:

Burgling From an OSINT Point of View

Joe’s Blogs on Sword & Shield Enterprise Security’s site:

Holiday Shopping Safety Series: Shopping Via Credit Card and e-Commerce
Holiday Shopping Safety Series: Holiday Scams and Hoaxes

Joe’s Work with WATE 6 News in Knoxville, TN:

Shopping online safely this holiday season
iPhone scam uses text messages to hack iCloud information
Maryville hacker takes over Facebook accounts

Thanks for stopping by and checking out our podcast. We would appreciate it if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens, regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
