We're in Micah Hoffman
11 March 2022

WE’RE IN! Episode 14: How to Become a Master OSINT Detective Without Leaving Home

Synack

By Kim Crawley

Keep your trenchcoat in your closet. The only magnifying glass you’ll need is that icon on your PC monitor or smartphone touchscreen. In the world of cybersecurity, you can become a detective by learning open-source intelligence, or OSINT for short. 

OSINT is all about how to use publicly available information sources to better understand cyberthreats, attacks and targets. Occasionally, OSINT work can be done by looking through old books, newspapers or paper documents like property or court records, but most relevant open-source intelligence sources can be found on the internet. All of that means you can become a master detective without ever leaving home.

OSINT isn’t accessing information that’s legally protected or requires hacking or other illicit actions to acquire. Doxxing isn’t OSINT. Spyware isn’t OSINT. It doesn’t involve bypassing encryption. Also, OSINT is passive research. If you need to communicate with the subjects of your research, that’s not OSINT. But exploring publicly available information sources, both digital and analog, is what OSINT is all about. And, more and more, it’s an important skill that’s used by both offensive and defensive security professionals. 

In Episode 14 of WE’RE IN!, Micah Hoffman, principal investigator and owner of Spotlight Infosec and founder of MyOSINT.Training, discusses how he honed his OSINT skills and how those abilities help offensive and defensive cybersecurity practitioners. 

“OSINT is a reconnaissance skill. It’s all about that preparation work that needs to be done before you do anything in cyber, whether it’s attacking or defending,” he told WE’RE IN! co-hosts Bella DeShantz-Cook and Jeremiah Roe. 

[You can listen to this episode of WE’RE IN! on Apple, Spotify, Simplecast or wherever you get your podcasts.]

Hoffman also discussed that often just really clever Googling can help security researchers who are hunting for vulnerabilities in customers’ websites. “Part of our process was just to Google the name of the website. I pulled back a PDF help document that said, ‘Hey, if you want to log into this website, use a username like this and a password like that.’ And wouldn’t, you know, it, I just typed those exact credentials in … and logged right in.”

He remembered thinking: “Wow, this is so powerful. Who needs hacking when I can just log right in?”

While OSINT researchers take advantage of just how easy it is to access individuals’ private information on the open web, they also understand the privacy risks of social media platforms better than most. “People don’t realize what is online and being revealed about their organizations, themselves, their activities and their families,” said Hoffman. “The reality is that we give up our privacy every single time we use an app, every single time we choose to purchase something.”

The full transcript of the interview is available here