Today I would like to talk about how to become a good OSINT investigator, but to continue the conversation I would like to make a small disclaimer — I will tell you only some aspects because the topic is very vast and I can not describe everything in one article, however, I will try to show you the way and how to pass this path.
To begin with, I want to say that I will consider OSINT as a set of skills or a
Or even a
All of what I said above you can develop in yourself, but the essence of all directions is the same — the ability to notice in the flow of information valuable information, anomalies, see the differences, carefully analyze the facts and build a logical chain. Today I would like to give you the first lesson, all resources which I will advise you — I studied by myself earlier:
Didn’t everyone make cheat sheets at school? It’s time to do it again, because in the future it should evolve into a
I can recommend that you turn to an interesting subculture that is suitable for introverts! I am sure that everyone is interested in various strange phenomena in one way or another. Immerse yourself in a net-stalking environment. Sometimes ordinary people were able to solve crimes which the police could not solve for years with OSINT and GEOINT alone (I could put in here links to subreddits, movies and news bulletins but since you and I are now doing OSINT I advise you to find it yourself. A little tip — use searches with different IPs, over different time ranges on different
The main thing is to remember your health, it is above all, do not let your principles be shaken by what you see. You are an observer. Here well helps to understand the psychology of
Some NetStalking Resources (use deepl.com for a better translation):
Keep in mind that in this part of the Global Internet (I mean OSINT in general, not only the Net-stalking), the percentage of people who are actively looking for problems or need to express their emotions is no different from other places. So, follow OpSec rules and don’t make too many mistakes. Conduct your activities from a separate, isolated device.
Once you can distinguish the information, sort it out then the next thing you can do is start practicing. As you know, good practice requires good motivation, and most likely at this point our paths will separate.
Here is a very good brain-stretching game will help to train associative thinking — a very important skill for anyone in OSINT:
Some will enjoy
You may want to de-anonymize telegram users (
I’ll highlight some basic advice for you — evaluate information according to different criteria, always know your “base settings” — it’s good for the mental health, the things you find shouldn’t ruin your foundations. Practice it, do it in your daily life, apply OSINT where it seems un-obvious like mentioned below:
Join communities, of course and chat, chat! Above I’ve only mentioned English-speaking communities but there are also local ones like
| Here I will tell you exactly how I investigate crypto hacks and security incidents, and describe methodology:
OpSec:
Use dangerzone.rocks if you are working with PDFs and please follow OpSec Guide!
Google Dorks:
References:
Personal Crypto Security & OpSec:
A) Understand that all sorts of blockchain.info, TrustWallet, MetaMask and other wallets are just interfaces.
B) Consider cold wallets, personally I do not trust Ledger or Trezor. There is a hardcore version
C) Make a cold
D) Check what are you signing, if we speak about ETH and similar chains, never use your main cold storage for casual work, but if you have to (for example, sign a gnosis-safe
E)
|Check out wallet rating:
F) Accept as a fact that if the device falls into the
G) Always double check an address you've copied to the clipboard. There is an evil software existing
H) Be aware of modern attack methods, carefully read step-by-step
I) Cold wallet attacks & defense methods, reading list from CIA:
J) Study
K) For deals use
L) Use
M) Counter-OSINT is important. Read about it more
N) Go thorough my Auditor Guide.
O) Check out DeFi RoadMap:
P) Check out advanced methods here and here.
Use dangerzone.rocks if you are working with PDFs and please follow OpSec Guide!
Carefully study these resources and come back to them as you journey through the world of the hornets, don’t forget the roots. This article does not answer questions, but rather raises some rhetorical questions to encourage you to think about something.
Thank you so much for reading till the end, I will try to formulate my thoughts and write some more articles on this topic in future!
May the Force be with you!
Support is very important to me, with it I can spend less time at work and do what I love — educating DeFi & Crypto users!
If you want to support my work, you can send me a donation to the address:
Also published here.