We covered multiple OSINT case studies and challenges from HackTheBox, namely Easy Phish, Infiltration & ID Exposed, where we demonstrated how to gather information and intelligence using search engines, social media and other ways such as extracting location from email addresses.

Blue Team Study Notes

OSINT Study Notes

Customers of secure-startup.com have been recieving some very convincing phishing emails, can you figure out why?
Can you find something to help you break into the company ‘Evil Corp LLC’. Recon social media sites to see if you can find any useful information.
We are looking for Sara Medson Cruz’s last location, where she left a message. We need to find out what this message is! We only have her email: saramedsoncruz@gmail.com


Commands used in DNS enuemration

nslookup -type=text secure-startup.com

nslookup -type=txt_dmarc.secure-startup.com

dig secure-startup.com ANY

In the second case, the challenge flag was found in this instagram profile.

In the third case, the location of the email owner was found opening Google hangouts, inspecting the page and looking for “jsdata” till the pattern of numbers was found.

OSINT Tutorials

Video Walkthrough

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles