We covered multiple OSINT case studies and challenges from HackTheBox, namely Easy Phish, Infiltration & ID Exposed, where we demonstrated how to gather information and intelligence using search engines, social media and other ways such as extracting location from email addresses.

Blue Team Study Notes

OSINT Study Notes

Customers of secure-startup.com have been recieving some very convincing phishing emails, can you figure out why?
Can you find something to help you break into the company ‘Evil Corp LLC’. Recon social media sites to see if you can find any useful information.
We are looking for Sara Medson Cruz’s last location, where she left a message. We need to find out what this message is! We only have her email: saramedsoncruz@gmail.com

HighLights

Commands used in DNS enuemration

nslookup -type=text secure-startup.com

nslookup -type=txt_dmarc.secure-startup.com

dig secure-startup.com ANY

In the second case, the challenge flag was found in this instagram profile.

In the third case, the location of the email owner was found opening Google hangouts, inspecting the page and looking for “jsdata” till the pattern of numbers was found.

OSINT Tutorials

Video Walkthrough

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles