OSINT stands for open source intelligence and it’s the collection and gathering of information using publicly available sources to define and identify a persona.

Usually OSINT centers around uncovering activities as part of an investigation about an identity on the internet. Google, Facebook, Twitter, Github and other available public sources are places OSINT practitioners go to to gather information.

In this post, We covered what is OSINT and how to gather information using public resources. We solved a case where we uncovered a persona using Google and Github. This was part of TryHackMe Advent of Cyber 3 Day 16

Downlaod learning material in PDF

Get OSCP Certificate Notes

The challenge scenario goes as follows

Grinch Enterprises has decided to use the best festival company to try their new ransomware service. While they think that this is a great proving ground, McSkidy is adamant to determine their goals and share them with the wider security community – can you use your open source intelligence methods to find out more information about their ransomware gang!

Learning Objectives

  • Understanding what OSINT is and where it originates
  • Understand the implications of OSINT and how it can be used for reconnaissance and information gathering
  • Learn how to conduct an OSINT investigation to gather information on an individual

Challenge Answers

What is the operator’s username?

GrinchWho31
What social media platform is the username associated with?

Twitter
What is the cryptographic identifier associated with the operator?

1GW8QR7CWW3cpvVPGMCF5tZz4j96ncEgrVaR
What platform is the cryptographic identifier associated with?

keybase.io
What is the bitcoin address of the operator?

bc1q5q2w2x6yka5gchr89988p2c8w8nquem6tndw2f
What platform does the operator leak the bitcoin address on?

GitHub
What is the operator’s personal email?

DonteHeath21@gmail.com
What is the operator’s real name?

Donte Heath

Video Walk-Through

https://www.youtube.com/watch?v=wdhe1ZHl1F0