You will learn how to carry out open-source investigations. Discovering and analyzing data from search engines, social media platforms, and the Dark Web is part of this. OSINT is an unstoppable skill that will significantly improve all your cybersecurity abilities.

"An OSINT investigation is like putting together a puzzle. You gather all the pieces, and then you start putting them together to see the big picture."

OSINT is a powerful tool for cybersecurity that can be used to identify and mitigate threats. By gathering information from public sources, OSINT can help organizations stay ahead of potential threats and protect their networks and data. Additionally, OSINT can help identify vulnerabilities in networks and systems and prevent attacks.

Some key skills that are generally useful for OSINT include the following:

Research and analysis skills: The ability to gather information from a variety of sources, analyze it, and draw logical conclusions.

Technical skills: The ability to use technology to gather information, including using search engines, social media platforms, and dark web tools.

Writing skills: The ability to write clearly and effectively, and to express complex concepts in a way that is easy to understand.

Thinking skills: The ability to think critically, solve problems, and come up with creative solutions.

MCSI's MOIS certification is perfect for those who want to learn all the right OSINT skills. The certification covers a wide range of topics, from social media to Dark Web investigations. Everything is hands-on so you can immediately put your new skills to the test.

The MCSI Open-Source Intelligence (MOIS) certification will equip you with the skillset necessary to carry out the following tasks:

• Create an anonymous presence to be used to conduct online investigative research and data collection
• Explain, collect, and analyse data collected from social media platforms: Instagram, Facebook, X, LinkedIn, Reddit, Discord
• Use information like usernames, telephone numbers and email addresses to gather additional public information about a target
• Show how to identify and extract sensitive information and metadata from public documents
• Use OSINT to recover evidence about images and videos circulated online using techniques like geolocation, tamper detection and language translation
• Identify text, images and videos generated and manipulated using Artificial Intelligence (AI)
• Create professional reports to deliver actionable intelligence retrieved using OSINT

MCSI is one of the most respected and trusted names in cyber security education and training. Our certifications teach critical skills, knowledge and abilities needed to advance a career in cyber security. Our courses are comprehensive and up-to-date, and our instructors are experienced professionals who are dedicated to helping students learn. MCSI provides the real-world skills and knowledge you need to protect any organization from cyber threats.

• Create an anonymous presence to be used to conduct online investigative research and data collection

  There are numerous advantages to maintaining an anonymous internet presence. Individuals can perform online investigative investigation and data collection without fear of retaliation thanks to anonymity. It can also be used to protect whistleblowers and political dissidents' identities. Anonymity is also a useful technique for safeguarding the privacy of personal data.

  While conducting an OSINT investigation, there are a number of tactics that can assist you remain anonymous. Here are a few of the techniques covered in this course:

  Pseudonyms

  One way to protect your identity and personal information when conducting online searches is to use a pseudonym instead of your real name. This will help to keep your private information confidential and out of the hands of anyone who may be interested in harming you or stealing your identity. Additionally, it is always a good idea to be mindful of the websites that you visit and the information that you share, as not all websites are safe and trustworthy. By taking these simple precautions, you can help to keep yourself and your loved ones safe and protected online.

  Proxies

  A proxy server allows you to conceal your IP address and surfing habits from prying eyes.

  Virtual Private Network

  There are several reasons why you should utilise a VPN. Perhaps you're concerned about your privacy and don't want your internet service provider (ISP) to know what you're up to online. Perhaps you're travelling and don't want local networks to monitor or stop your traffic. Perhaps you live in a country with tight Internet censorship and wish to be able to access websites that have been restricted.

  Using a VPN, for whatever purpose, is a terrific way to keep your internet traffic secret and secure. VPNs are simple to set up and use, and they work on a variety of platforms, including PCs, Macs, cellphones, and tablets.

  TOR

  The TOR network is a collection of volunteer-run servers that enable anonymous internet access. The Onion Router (TOR) is a term that refers to the numerous layers of protection that are utilised to hide your identity and location. Your traffic is routed via a number of different servers before reaching its destination when you utilise TOR, making it harder to track your activity. TOR is a free and open source anonymity network that has been utilised by journalists, activists, and privacy advocates all around the world.

  Private Email Accounts

  Use a private email account instead of your personal email address when signing up for online services. This way, you can keep your personal email address private and only share it with people you know and trust. If you ever need to stop utilising the service, simply delete your account using your private email address.

  Secure Browsers

  Ensure that your web browser has strong security features like HTTPS and SSL enabled. This will help prevent third parties from intercepting your data and browser history. You'll learn a lot more browser security hardening techniques.

  Security Awareness

  When conducting OSINT investigations anonymously, it's vital to be aware of the security dangers. You expose yourself to attacks from hostile actors that are interested in tracing down your movements and activity if you remain anonymous. To protect yourself, it is vital to take steps to secure your identity and computer systems. You should also be aware of the risks of disclosing personal information on the internet and take steps to protect your privacy. By being aware of the security risks inherent with OSINT investigations, you may protect yourself and your investigations while still enjoying the benefits of anonymity.

• Collect data from hundreds of high-value data sources

  It can be difficult to collect data from hundreds of high-value OSINT data sources. It may, however, be a fairly manageable procedure if the correct tools and techniques are used.

  Search Engines

  Search engines are an important part of any OSINT investigation. They can help you find information on the internet about people, organizations, and other topics. There are many different search engines, but the most popular ones are Google, Yahoo, and Bing.

  When you are conducting an OSINT investigation, it is important to use all of the resources at your disposal. This includes using search engines to find information on the internet. The best way to use search engines is to use a variety of different search terms to get as much information as possible.

  Social Media Platforms

  Social media platforms are valuable sources of information for open-source intelligence (OSINT) investigations. These platforms allow users to share information publicly and openly. This makes them an ideal source of information for investigators who are looking for leads or information that may not be available elsewhere.

  There are a number of social media platforms that can be useful for OSINT investigations. The most popular social media platforms, such as Facebook, Twitter, and LinkedIn, are all useful for finding information. These platforms can be a valuable resource for investigators who are looking for information about people, companies, or other organizations.

  Code Repositories

  Some open source intelligence (OSINT) investigations rely heavily on code repositories. They can provide significant insight into a company's or organization's operations, as well as information on potential security flaws. While there are several code repositories accessible, GitHub and SourceForge are two of the most popular.

  Both GitHub and SourceForge have search engines that allow you to search for specific code files or projects. They also have community forums where developers can ask questions and discuss code projects.

  Email Addresses

  Email addresses are one of the most important pieces of information in an OSINT investigation. They can provide a wealth of information about a person, including their name, their contact information, and their place of work. In order to find email addresses for an investigation, you can use a variety of online tools and websites.

  IP Addresses

  An IP address (internet protocol address) is a unique identifier assigned to devices participating in a computer network using the internet protocol. Most devices that connect to the internet are assigned a public IP address, which can be used by anyone to find and connect to the device.

  When conducting OSINT investigations, it is important to understand the role of IP addresses in networking. Investigators can use public IP addresses to identify the physical location of a device and its owner. By tracing the IP address back to the hosting provider, investigators can often obtain additional information about the device and its owner, including name, email address, and contact information.

  In some cases, investigators may also be able to identify the specific device model and operating system used by the owner of a public IP address. This information can be helpful in identifying the target of an investigation and understanding their online activities.

  Online Communities

  There are many different online communities that can be useful for OSINT investigations. Some of these communities are open to the public, while others are invitation-only.

  Public communities include social media platforms like Facebook and Twitter, and online forums and discussion boards. These platforms can be used to gather information about individuals, organizations, and events. They can also be used to track sentiment and activity around specific topics.

  Invitation-only communities include private social media groups, Slack channels, and email lists. These communities can be used to gather information that is not available in public forums.

  Documents

  Documents are a valuable source of information for any OSINT investigation. They can provide information about the subject of the investigation, as well as their associates and activities. Documents can be obtained from a variety of sources, including public records databases, online archives, and commercial data providers.

  Public records databases are a great resource for documents. They typically contain a variety of records from government agencies, such as birth certificates, marriage licenses, and property records. They also often contain court records and other government documents.

  Online archives are another great source of documents. They are typically collections of historical documents that have been scanned and made available online. This can include everything from ancient manuscripts to vintage newspapers.

  Commercial data providers are a great source of business records. They typically have detailed information on business owners and executives, such as addresses, phone numbers, and email addresses. They can also include information on business finances and operations.

  Maps

  Maps are a valuable tool for Open-source Intelligence (OSINT) investigations. They can provide a high-level view of an area or region, showing political boundaries, physical features, and points of interest. Maps can also help investigators identify relationships between people and places, and track changes over time.

  Domain Names

  Domain names are a valuable part of OSINT investigations, as they can provide important information about the owner of a website. Most domain names are registered through a domain name registrar, which is a company that manages the registration of domain names. By looking up the registrar for a given domain name, you can often get information about the owner of the website. Additionally, if the website is hosted on a server, you can often find information about the server by looking up the IP address associated with the domain name.

  Data Breaches

  A data breach is the intentional or unintentional release of confidential, sensitive, or private information. Data breaches can include email addresses, Social Security Numbers, credit card numbers, and other Personally Identifiable Information (PII).

  Dark Web

  The Dark Web provides a platform for anonymity and illegal activities. It can only be accessed through special software and is not indexed by traditional search engines. This makes it a haven for criminals who want to avoid detection. The Dark Web is also used in OSINT investigations to gather information about potential targets. Investigators can use special search engines to find websites and forums that are not accessible to the general public. This can give them a better understanding of the target's activities and vulnerabilities.

• Perform Pivot Analysis to identify all the publicly available data on a target

  Pivot analysis is a process used in open source investigations to identify and track relationships between individuals, organizations, and events. The goal of pivot analysis is to create a network of information that can be used to identify previously unknown links and relationships between entities of interest. Pivot analysis can be used to identify potential suspects, victims, or witnesses in an investigation. It can also be used to identify potential sources of information or leads in an investigation.

  To perform a pivot analysis, the investigator begins by identifying a central entity or event in the investigation. The investigator then uses publicly available information to track the relationships between the central entity and other entities of interest. This process is repeated until all entities of interest have been linked to the central entity. The investigator then uses the information gathered in the pivot analysis to develop a hypothesis about the investigation.

• Develop professional procedures and methodologies for delivering professional OSINT engagements in the field

  It is important to develop professional procedures and methodologies when delivering professional OSINT engagements in the field in order to ensure the quality and accuracy of the information collected.

  In today's fast-paced and ever-changing world, it is more important than ever to have accurate and timely information when making decisions. OSINT provides a unique perspective on the adversary that can be used to inform those decision makers. However, in order for OSINT to be useful, it must be collected and processed correctly.

  Developing professional procedures and methodologies ensures that the OSINT collected is of the highest quality and that it meets the specific needs of the customer.

• Write professional OSINT reports

  The content of an OSINT report should be organized into six sections: an executive summary, scope of work, methodology, narrative, target profile face card/sheet, and appendices. Each component should be labelled correctly, and each paragraph should be well-written and simple to comprehend. Wherever possible, supporting evidence should be supplied, especially in the form of screenshots or pictures. The report should be formatted professionally, with headers and footers that are appropriate.

  Executive Summary

  An executive summary for an osint report should provide a brief overview of the report's findings. It should explain what osint is, what was found during the research process, and what the implications of the findings are. The executive summary should be clear, concise, and free of any jargon.

  Scope of work

  An OSINT report's scope of work section typically outlines the specific goals and objectives of the report, as well as the methods and tools used to collect the data. It is important to be as specific as possible in this section so that the reader knows exactly what to expect from the report. The scope of work should also be tailored to the specific client or audience for whom the report is being prepared.

  Methodology

  The methodology section of an OSINT report should describe the process and tools used to gather and analyze the data. It should also explain how the data was evaluated and how the conclusions were reached. This section should be clear and concise so that readers can understand how the information was collected and what methods were used to arrive at the final report.

  Narrative

  An OSINT report's narrative section is designed to give a clear and concise overview of the information that has been gathered. It should be written in a way that is easy to understand, and should not contain any unnecessary information. The narrative should be logical and well-organized, so that readers can easily follow the chain of events that led to the information being gathered.

  Target profile face card/sheet

  This is where all of the gathered information about the target is compiled into an easy to digest format. This format includes things like a physical description, known associates, and any relevant information about the target's background. This section is important because it allows the reader to get a quick overview of who the target is and what they are all about.

  Appendices

  This section contains information that supports the findings in the report. This information can include links to websites, screenshots, and other documentation. The appendices section is important because it provides readers with additional information that they can use to verify the findings in the report.