Sorry for not posting in a while, started the EC-Council Certified Incident Handler course this week (will be posting about it next) but I have an absolute CRACKER of an interview for you here with a master of OSINT and someone extremely generous in sharing and teaching the community, its Ohshint.
I first came across Ohshint when trying to learn more about OSINT, his gitbook website is jam packed with hints, tips, resources and downloads and I must have spent HOURS reading through it.
Working in DFIR I think learning OSINT is perfect for me to do and marry it with my day job so been well happy to interview Ohshint.
How did you first get into doing OSINT?
It all started for me when I was very young. I was always a super curious kid when I wanted to know something about something. I obsessed over it and read everything I could find about whatever I was obsessing over at the time. Looking things up online on old BBS boards and IRC channels using a dial-up connection. Back then I was surprised that I was actually able to find what I was looking for most of the time.
In the later years (Around 2001 – 2003ish), I started looking for information online about my local area. Topographic maps, property lines, zoning stuff, water lines, and so on. Mainly because I was just curious what was out there, and I wanted to find some topographic maps I could print out and take with me on hikes with my friends.
I found so much information within a few hours that I did not even know what to do with it. Then I thought to myself; “What else can I find online?”.
That’s where the whole OSINT journey started for me, I guess.
How long have you been involved in the community now and how did the GIT with all the resources come about as something you decided to do?
I wouldn’t say I have been actively involved in the OSINT community for that long. Although, I have been a lurker within the OSINT and general intelligence communities for well over a decade. Started actually posting OSINT resources and tools maybe 4 or 5 years ago on various platforms.
After getting some recognition as the go-to “OSINT guy”, and constantly being bombarded with questions about OSINT related things. I decided to create a blog, so I could give beginners and professionals alike a place to go whenever being asked things. Figured it would make more sense to just have everything consolidated into one page instead of answering individual questions every day.
It has been going pretty good since I started the blog back in October of 2021. Most people seem to love it, and of course there are some people that hate it lol. Can’t really help them with that though.
Your site is such a great resource for people looking to get into OSINT but what would you recommend if someone like me wanted to get more involved?
Well thank you! Sharing is caring 🙂
For people that want to get more involved in the OSINT world, I’ve found that the best way to get into it is by joining a few OSINT communities on places like Discord. There are lots of great Discord servers for OSINT related projects and on-going investigations, and they always need more people to help out.
Here are some really awesome OSINT-focused communities I would highly recommend joining. Most of these communities have Discord servers for you to join and Twitter accounts to follow:
- [The OSINT Curious Project](https://osintcurio.us/)
- [Trace Labs](https://www.tracelabs.org/get-involved)
- [The OSINTion](https://www.theosintion.com/)>
- [OSINT Editor](https://discord.me/osinteditor)
- [OSINT FR](https://osintfr.com/en/home/)
- [Project Owl: The OSINT Community](https://discord.com/invite/projectowl)
- [Brigada OSINT](https://www.brigadaosint.com/)
Another great place to keep up-to-date with the latest OSINT news, techniques and resources is Twitter. The OSINT community is extremely active on Twitter. Plus, you will learn a lot from the entire community here, and everyone is usually always willing to help out and provide tips and resources.
Shoutz to: –
And so many others!
All of these people are all highly knowledgeable and certainly worth following!
I see you work as a private investigator, did the job come about because of your work in OSINT or did the OSINT come about because of the role?
A little bit of I suppose. As a kid, I always thought that being some kind of “spy” would be the coolest job ever. Never really thought that my OSINT skillset would be applicable as a career early on in life. So I stuck to working in the IT field for the most part. It was a good gig, but honestly it did become quite boring over time. Sitting at a desk pushing buttons 8 hours a day just wasn’t that fulfilling for me personally. I craved more excitement!
Originally, I thought about joining the military as an intelligence officer or something similar. But I decided that career path wasn’t the right fit for me. Wanted to combine both my technical skillset and my investigative skillset, so I aimed at the private sector instead, got my PI license and have not looked back since.
Doing OSINT for real cases that involve real people certainly upped my game that’s for sure. My OSINT skillset has drastically improved since I became a PI, but having previous background knowledge in both InfoSec and OSINT skills defiantly helped me hone my skills.
Do you have any other hobbies and things you are into other than OSINT, even other aspects of Cybersecurity?
Yes I do!
Some of my other hobbies and interests are firearms, forensics (both physical and digital), physical security, and hoarding data.
Personally, I like firearms. Collecting them, the history behind them, the engineering aspects of them, and of course, going out in the woods and shooting old cars and washing machines and stuff. Its just so much fun!
I really enjoy forensics as well. Mainly forensic document examination, like being able to identify and reverse engineer fake currency, forged documents, forged signatures and things like that. I don’t really know why I enjoy these types of things, as most people see that as an extremely boring subject. I guess its just one of those weird things I like lmao.
Lockpicking, bypassing, and general physical security things have also been a hobby of mine for many many years. For one, I just think it is a good skill to know just in case. Plus, the further you dive into the physical security realm. The scarier things get!
I am also an avid data hoarder (or “pirate”, whatever you prefer). I hoard mostly books and useful/interesting information. I currently have just over 112TB of total data. Around ~6TB of that is just books, over 850,000 of them in fact. 🙂
Why? Because I believe that information can, and should be, made freely accessible, recorded, programmed, and *understood*.
“We need to take information, wherever it is stored, make our copies and share them with the world. We need to take stuff that’s out of copyright and add it to the archive. We need *to buy secret databases and put them on the Web. We need to download scientific journals and upload them to file sharing networks. We need to fight for Guerilla Open Access.”
– [Guerilla Open Access Manifesto, by Aaron Swartz](https://archive.org/stream/GuerillaOpenAccessManifesto/Goamjuly2008_djvu.txt).
I have found, and I am maybe just imagining it, or it was maybe one guy in a forum, and I remember it differently, but OSINT gets a bit of a rough deal with people either not seeing it on a level pegging field as other skills or people saying its quite easy. I disagree with both by the way but wondered if this is something you have maybe found as well?
Can’t say I fully agree with people who say that OSINT does not require real skill. Although, I can understand why some people have this opinion. OSINT itself is actually easy to pick up and start learning. However, becoming a highly skilled OSINT professional will not happen overnight. Getting to this level can take years, or even decades to learn.
I understand this viewpoint though. Let’s say for example you compare an OSINT professional to a professional reverse engineer. Obviously these two examples are barely even comparable, because they are two totally different box of frogs. Although, they both would require years of practice and research to achieve.
Also, understand that most people do not even know, or even understand, what OSINT actually is or how its used. When someone who doesn’t know much about this field approaches me and asks what OSINT is, commonly they believe that all that’s involved is simply looking things up on Google. Which is a fair assumption, but it goes much deeper than that. After I explain it more in-depth to them, most of the time they are terrified and want to learn more.
I think it is safe to say that OSINT professionals, and “hackers” in general do have “power” over the average Jimmy. Wouldn’t you agree?
With regards to OSINT what are you currently using as your base operating system and what’s your go to tools?
Well, I tend to use virtual machines of course. Sometimes I will use a VPS if an investigation requires it.
For most OSINT related things, I personally don’t really like to use any of the pre-made OSINT tailored VMs. Don’t get me wrong though, most of these pre-made VMs are actually pretty great and I have played around with all of them at one point. Like the [Trade Labs OSINT VM](https://www.tracelabs.org/initiatives/osint-vm), or [CSI Linux](https://csilinux.com/), and of course the guide from [Michael Bazzell’s newest book](https://inteltechniques.com/book1.html) for creating your own Ubuntu OSINT VM. These are all awesome operating systems, and I would recommend using them if you aren’t very experienced with using a *nix environment.
For myself though, I prefer building my own VM for OSINT. Installing the tools I need and personalizing it to my preferences. Usually I use Debian for this, for no other reason other than because I like it.
First off, I always create the VM inside a hidden and encrypted volume (For OPSEC/paranoia, as well as legal reasons). I give the VM at least 16GB of RAM, and as many CPU cores as possible, because why not.
As for tools, there are so many that I use. I’ve created a simple BASH script that I run right after the initial install that installs most of me preferred tools. Here is a quick list of the tools off the top of my head that I use:
There are more, but you get the idea.
Following on from this what is your take on sock puppets, do you have a few long-term puppets, or do you just create as you need, same with email addresses actually?
Using sock puppet accounts is essential. Especially if you are doing any active OSINT (Which does happen sometimes, but it’s not recommended). I have a few long-term sock puppets that I use strictly for passive OSINT work. I never interact with any targets whatsoever with these accounts. Currently, I operate long-term sock puppets for Facebook, Instagram, Discord, Tinder, Telegram and Twitter. However, I don’t use most of them very often besides the Facebook one because Facebook is very ban-happy when it comes to sock puppets.
Usually, I tend to create new sock puppets for each investigation. Never using the same email address, username, or phone number twice.
gmail.com + fakenamegenerator + burner SIM = easy burners!
What is your tale on OSINT courses and certifications, do you think they are worth it financially, is one looked on higher than the rest?
I think that OSINT courses are great for people who are learning OSINT. Although they aren’t essential at all.
As for certifications, I feel that they are only useful to have so you can impress the HR department. In my opinion, they aren’t really needed whatsoever.
I don’t have any `¯\_(ツ)_/¯`
With people and sites making security a more important issue, are you finding it harder to get information through OSINT than before or does the constant posting to different social media make it easier to get information to work with?
Not at all, gathering information is so much easier these days than say 20 years ago. People willing post sensitive PII, incriminating evidence like pictures of their illegal firearms (often with serial numbers exposed too), stacks of cash, piles of drugs, their new car (with visible plate numbers), photos of their keys for their new homes (which can be cloned easily), and so on.
Take Facebook, Instagram or Twitter for example. Websites where people post everything going on in their lives, lists and photos of them, all their friends and family, names and photos of their pets, where they are, what they are doing, who they are doing it with? People basically “writing their own dox” in near real-time!
This is literally a wet-dream for intelligence agencies and investigators alike.
Everything is on the internet; you just have to know how to find it!
Thanks for reading guys, give him a look/follow at: –
OhShint Twitter = https://twitter.com/ohshint_
OhShint Site = https://ohshint.gitbook.io/oh-shint-its-a-blog/