OSINT mindset speakers at KazHackStan 2024! ?

Our speakers are back in Kazakhstan at the largest cybersecurity conference in Central Asia — KazHackStan 2024. Here is the schedule of talks:
*?Sept. 11
OSINT Track
[11:00-11:45] Dukera — GEWEL: A structural approach to GEOINT
[11:45-12:30] Soxoj — The Art of Digital
Investigations: The SOWEL Framework
[14:00-15:00] Vitaly Perov — OSINT: Underestimated Dork requests
[15:00-15:50] Pandora — Social graphs against cybercrime
[15:50-16:35] Pritchard — Obsidian as a support in OSINT investigations*

*?Sept. 12*

Information Security
[12:00-13:00] Gospodin Sobaka — DeFi Exploits and Hacks: Reversing Blockchain Exploits
Main Stage
[14:00-14:40] Pandora — Not tracing alone: investigating modern cryptocurrency wallet attacks
[15:10-15:50] Katya Turing — Preventing internal data leaks
[15:50-16:30] Artyom Semenov — How to protect your MlOps pipeline and model code from fears, hatred and vulnerabilities?

*?Sept. 13*

Main Stage
[15:05-15:35] Adk — RedTeam: Abusing Google to fight Google

We wish our guys a successful performance and look forward to seeing everyone! ?

?Site | ? Forum | ? Family |▶YT

This summer, I almost gave a lecture on logic in open-source intelligence investigations at one of the universities in Amsterdam. Although the lecture didn’t happen, I would like to share some thoughts based on the materials I prepared, focusing on the perspective I usually take on OSINT – automation and enhancing the efficiency of investigations.

❓ What I find truly missing in OSINT tools is the lack of positioning regarding which hypotheses they cover and how. This is reflected in the prevalent “tool worship”, which often overshadows the understanding of how and why to use tools effectively.

Typically, you know how to use the tools, understand the types of information you can gather, and generally how they work. But the challenge for many OSINT tool users lies in assessing the reliability of this information and its relevance to their investigations.

? Many OSINT tools merely automate the verification of basic hypotheses, such as:

- There are accounts of the same person using the same username => let’s find all accounts by username.

- There are accounts registered with the same email address or phone number => let’s find all accounts using registration identifiers.

- There are leaks of accounts of PoI, and Found leaks contain valuable information about the PoI => let’s find all leaks using names, usernames, phone numbers, emails, etc.

These hypotheses are straightforward and typically involve uncontroversial logical chains (although they are probabilistic!). However, issues arise because usernames can be used by other people for fake or unrelated accounts; some platforms allow account registration by email without confirmation; phone numbers can be reassigned, leading to mismatches; and leaks can point to unrelated individuals or accounts as described above.

☝️ Therefore, even in simple investigations, it’s crucial to consider the logical chain and the probabilities of edge cases. And these probabilities may be highly dependent on the context of the investigation and must be taken into account.

I don't even touch on more complex hypotheses: face similarity, virtual connections between individuals, cryptocurrency wallet owner attribution by transactions, account activity patterns, etc. These require deeper analytics and validation to minimize human bias and ensure robust conclusions.

? Could this be automated? I'm sure yes. Experienced investigators perform such verifications and outline the key points in their reports, and it's not that hard to algorithmize.
Why? Let's not forget that everyone makes mistakes. The more we will automate, the fewer errors we’ll have.

It would be beneficial to have at least some level of logical reasoning support in professional OSINT platforms, connecting many tools and approaches in one place. Ideally, this would involve not just assigning a weight to links between information pieces but also automating the building of the entire logical chain based on available search and analytics methods, their accuracy, and the ultimate goals of the investigation.

? I understand that this topic may seem trivial to those who have been conducting investigations since the days when there was no Internet and every piece of evidence had to be painstakingly connected. However, given the overwhelming volume of information today, the barrier to entry for investigations has significantly lowered, as has the quality of logical reasoning and final conclusions, making this topic extremely important.

? What's your opinion on this?

#tools #realinside #vacation

It's possible to show accounts' profiles for messages in channels after the last Telegram release.
A new OSINT vector! ?

A quick update on X / Twitter, they have just made an accounts Likes Private, which is annoying and doesn't help us much but don't worry as there are always new OSINT tools & techniques being made available to help locate other useful intelligence

How to attract the attention of passersby at the Intelligence Support Systems conference? Put a Flipper Zero box on your stand. It can even be an empty one!

#iss #realinside

✅ ISS talk -- done!

Thank you to the participants for attending and for the positive feedback! Although I cannot publish the presentation, I can share the very methodology I mentioned. It is publicly available here: https://sowel.soxoj.com

#iss #sowel #community

Quite often, we can forget the simple rules of evaluating sources and the quality of information in our research.

Discover Fravia’s Golden Rules of a Seeker, 7 Questions to Evaluate Information, and Prof. Sielaff’s Lessons on Info Sources to master your research skills!

Read ? http://fravia.soxoj.com ?

#community #fravia

? Botnadzor.com - a platform to detect bots in VK.com by account, post, or group. API and browser extensions are available.

❓ The project is designed to disclose the scale of hidden propaganda, misinformation publicly, and lies coming from seemingly real profiles of existing people. The photos on these profiles are stolen from dating sites or other social networks.

? Link: https://botnadzor.org/

? How to detect botnets and artificial content: https://sowel.soxoj.com/artificial-content-botnets

#botnet #sowel

Great article on basic OSINT skills ? to start with, with detailed explanations from my dear SL CoE guys, Costanza and Polina!

?Must read! ?

- https://pirascostanza.substack.com/p/skillset-for-osint-analysts-to-get
- https://aleksandrovapolina.substack.com/p/skillset-for-osint-analysts-to-get

#sociallinks #osintmindset