Hjem

Foreword xix Preface xxi Introduction xxv
Part I Foundational OSINT 1
Chapter 1 Open Source Intelligence 3
1.1 What Is OSINT? 3
1.2 A Brief History of OSINT 6 The Past 6 The Present 8 The Future 10
1.3 Critical Thinking 14
1.4 Mental Health 16
1.5 Personal Bias 17
1.6 Ethics 19
Chapter 2 The Intelligence Cycle 23
2.1 What Is the Intelligence Cycle? 23
2.2 Planning and Requirements Phase 24
2.3 Collection Phase 26 The Art of Pivoting 27 Overcoming OSINT Challenges 33 RESET Technique 33 Gap Analysis 34 Why We Have So Much Data 37
2.4 Documentation Methods 39
2.5 Processing and Evaluation Phase 44 Scoping 45 Data Enrichment 45
2.6 Analysis and Production Phase 47 Visualizations 47
2.7 Reporting 50 Report Tone 51 Report Design 51 Example Report 54
2.8 Dissemination and Consumption Phases 54 Tippers 55 Feedback Phase 55 Challenges in the Intelligence Cycle 55
Chapter 3 The Adversarial Mindset 57
3.1 Getting to Know the Adversary 57
3.2 Passive vs. Active Recon 64
Chapter 4 Operational Security 67
4.1 What Is OPSEC? 67 Threat Modeling 68 Persona Non Grata Method 68 Security or "Baseball" Cards 69 Attack Trees 71
4.2 Steps for OPSEC 72 Outlining the Five Steps of OPSEC 72 Step
1: Define Critical Information 72 Step
2: Analyze the Threat 72 Step
3: Determine Vulnerabilities 73 Step
4: Risk Assessment 73 Step
5: Apply Countermeasures 74
4.3 OPSEC Technology 77 Virtual Private Network 77 Why Use a VPN? 77 Choosing a VPN 78 VPN Concerns 78 Privacy Browsers 79 Tor 79 Freenet 80 I2p 82 Virtual Machine 83 Mobile Emulator 85
4.4 Research Accounts 85
4.5 Congratulations! 90
Part II OSINT Touchpoints 91
Chapter 5 Subject Intelligence 97
5.1 Overview 97 What Is Subject Intelligence? 98 Digital Footprint 98 Examining a Subject''s Pattern of Life 102
5.2 Names 106 Subject Names 106 Naming Conventions 107 Arabic Naming Conventions 107 Chinese Naming Conventions 109 Russian Naming Conventions 109 Name Searching Techniques 110
5.3 Subject Usernames 110 Username Searching Techniques 111 Correlating Accounts and Subject Information by Username 112
5.4 Subject Emails 116 How to begin connecting accounts 117 Correlating Accounts and Subject Information by Email 117 Google Accounts 119 Correlating an Email with a Domain 120 Email Verification 122 Privacy Emails 124 Data Breaches 125
5.5 Subject Phone Numbers 129 Typing Phone Numbers to additional selectors 129 Correlating a Phone Number with a Subject 129 Phone Number Spoofing 131
5.6 Public Records and Personal Disclosures 132 Methods for incorporating public records searches 132 Collecting Public Records Associated with a Subject 132 U.S. Official Public Record Sources 134 U.S. Unofficial Sources 142
Chapter 6 Social Media Analysis 145
6.1 Social Media 145 Key Parts of Social Media 146 Collecting Social Media Data on a Subject 148 Correlating Subject Social Media Accounts 149 Subject Associations and Interactions on Social Media 151 User Media and Metadata 156 Social Media Pivots at a Glance 159
6.2 Continuous Community Monitoring 160 Methods for the Continuous Monitoring of a Group 160 Facebook Groups 161 Telegram Channels 162 Reddit 164 4chan and 8kun 166 I Joined a Community, Now What? 167 I Am Unable to Join a Community, Can I Still Monitor Them? 168
6.3 Image and Video Analysis 169 How to Look at an Image/Video 169 Reverse Image Searching 172 Image- Based Geolocation 173 Image Analysis 173 Geolocation Steps 175 Image Analysis 177 Geolocation Steps 178 Image Analysis and Geolocation for Real- Time Events 181
6.4 Verification 184 Misinformation, Disinformation, and Malinformation 185 How Do We Verify If Content Is Mis/Dis/Mal? 186 Spotting a Bot Account or Bot Network 187 Visualizing and Analyzing Social Networks 190 Spotting Digitally Altered Content 193 Photo Manipulation 196 Video Manipulation 199
6.5 Putting It All Together 200 Chasing a Puppy Scam 200
Chapter 7 Business and Organizational Intelligence 209
7.1 Overview 209 What Is Organizational Intelligence? 209
7.2 Corporate Organizations 212 Understanding the Basics of Corporate Structure 213 Entity Types 213
7.3 Methods for Analyzing Organizations 215 Government Sources and Official Registers 216 Edgar 218 Annual Reports and Filings 219 Annual Report to Shareholders 220 Forms 10- K, 10- Q, and 8- K 220 Digital Disclosures and Leaks 220 Organizational Websites 221 Social Media for Organizations 225 Business Indiscretions and Lawsuits 226 Contracts 229 Government Contracts 229 Contract Reading 101 231 Power Mapping 239 Tips for Analyzing Organizations Outside the United States 243 Canada 243 United Kingdom 243 China 246 Russia 246 Middle East 249
7.4 Recognizing Organizational Crime 250 Shell Corporations 251 The "Tells" 252
7.5 Sanctions, Blacklists, and Designations 253 Organizations that designate sanctions 254 The United Nations Security Council 254 The Office of Foreign Assets Control 254 Other Blacklists 254
7.6 501(c)(3) Nonprofits 255 Primary Source Documents 256 IRS Form 990 256 IRS Tax Exempt Organization Search 257 Annual Reports 258 Consumer Reports and Reviews 259 Charity Navigator 259
7.7 Domain Registration and IP Analysis 260 An Organization''s IPs, Domain Names and Websites 261 What Is an IP address? 261 What Is a Domain Name? 261 What Is a Website, and Why Does All of This Matter? 261 Analyzing Organization Websites 262 Robots.txt 262 Website Design and Content 263 Website Metadata 264 Analyzing WHOIS Record Data 265 Analyzing IP Addresses 267 IP Addresses 101 267 What Can I Do with an IP Address? 269 Words of Caution 270
Chapter 8 Transportation Intelligence 273
8.1 Overview 273 What Is Transportation Intelligence? 273 The Criticality of Transportation Intelligence 274 Visual Intelligence 275 Spotters 275 Social Media Disclosures 276 Webcam 276 Satellite Imagery 278 Signal Detection 281 Understanding Navigational Systems 282 Dark Signals 284 Signal Spoofing 285 Identity Manipulation 287 GNSS Jamming 287 GNSS Meaconing 288
8.2 Vessels 289 Introduction to Maritime Intelligence 289 Types of Maritime Entities 289 Vessel Terminology 290 Maritime Discovery and Analysis Methods 291 Vessel Paths and Locations 292 Vessel Meetings 293 Port Calls 297 Maritime Entity Ownership and Operation 300 Maritime Critical Infrastructure and Entity Vulnerabilities 301 Ship-to-Shore Critical Infrastructure 302
8.3 Railways 305 Introduction to Railway Intelligence 305 Types of Railway Entities 306 Railway Terminology 307 Railway Discovery and Analysis Methods 308 Visual Identification of Rail Lines 308 Railway Routes and Schedules 314 Railway Entity Ownership and Operation 317 Railway Critical Infrastructure and Entity Vulnerabilities 318
8.4 Aircraft 323 Introduction to Aircraft Intelligence 323 Types of Aircraft 324 Parts of a Typical Jet 325 Aircraft and Air Travel Terminology 327 Aircraft Discovery and Analysis Methods 328 Identifying Aircraft 329 Flight Paths and Locations 346 Limiting Aircraft Data Displayed and Private ICAO Addresses Listings 349 Tracking Cargo 350 Notice to Air Missions (NOTAMs) 350 Air Traffic Control Communications 352 Aerodromes 352 Geolocation and Imagery Analysis of Aircraft 355 Aviation Entity Ownership and Operation 358 Aviation Critical Infrastructure and Entity Vulnerabilities 361
8.5 Automobiles 362 Introduction to Automotive Intelligence 362 Types of Automobile Entities 362 Automobile Terminology 363 Automobile Discovery and Analysis Methods 364 Identifying Automobiles 364 Tips for Monitoring and Analyzing Automobile Routes 371 Automobile Entity Ownership and Operation 374 Automobile Security and Technology 375
Chapter 9 Critical Infrastructure and Industrial Intelligence 379
9.1 Overview of Critical Infrastructure and Industrial Intelligence 379 What Is Operational Technology? 384 What Is IoT and IIoT? 385
9.2 Methods for the Analysis of Critical Infrastructure, OT, and IoT Systems 387 Planning the Analysis 388 Five Possible Information Gathering Avenues 388 Visualizations 390 Plotting Locations with Google Earth Pro 391 Using Premade Visualizations 397 Public Disclosures 402 Contracts 402