•This course focuses first and foremost on developing your technical and critical thinking skills required to conduct online investigations and information gathering from open sources, in a secure and anonymous manner. My main goal is not only to provide expertise and best practices on online security & anonymity, but also to encourage and support you in developing the right mindset and attitude towards the act of thinking like an online detective.
•Part 1 focuses on raising awareness on security and anonymity requirements while collecting online information on a subject of interest. We will be presenting in a clear and structured way the 5 solid steps to building your very own cyber-stronghold. I will discuss methods to reduce the vulnerabilities in your defenses, and increase your resilience to different types of attack vectors from the current cyber-threat landscape that can severely handicap your OSINT investigative efforts.
•In part 1 you will:
•· Get introduced to operational security/OPSEC, explore the current online threat landscape and most common vulnerabilities overlooked by users, create a risk matrix and identify risk mitigation techniques to protect your assets
•· Explore in depth the 5 building blocks to create your own cyber-stronghold for OSINT: 1 – Windows OS hardening, 2 – Firefox browser hardening, 3 – Isolation and virtualization, 4 – Connecting anonymously to the Internet and 5 – User best practices
•· Harden your Windows 10 OS, reduce threat privilege level, minimize user tracking, configure Windows Firewall using the WFControl app, master disk & file encryption using Veracrypt, use Applocker, harden the HOSTS file and more
•· Complete an exhaustive hardening setup guide for Mozilla Firefox, install recommended extensions for security & privacy, discover how users are being tracked online, how your internet browser is fingerprinted by websites and how to test and minimize your browser’s fingerprint
•· Create a dual boot environment with Windows 10 and Debian 10 Buster, learn to setup virtual machines with VirtualBox and VMware
•· Discover the strengths and weaknesses of Linux distros specialised for security&anonymity: Tails, Whonix, Qubes OS and why they are not recommended for OSINT
•· Choose the best operating system and browser for OSINT, get a preview  of Linux distros specialized for OSINT such as Buscador, Huron, OSINTUX
•· Implement OPSEC rules and best practices to harden your mobile and WIFI connections to the internet, select a good VPN provider
•· Explore the pro’s and con’s of using TOR and I2P for OSINT, do a quick dive into encryption
•· Learn advanced techniques such as nesting/chaining multiple virtual machines and anonymization services
•· Implement best practices in managing passwords with KeepassXC, selecting a good email provider, backup utilities, hash tools, EXIF and metadata removal
•This is Part 1 of 3 of the structured OSINT analysis course. After the completion of all 3 parts, you will have a solid knowledge and skillset about implementing and maintaining solid security and anonymity while conducting thorough online OSINT investigations.
•In Part 2 we will present a comprehensive Open Source Intelligence Guide, packed with the latest tools and techniques and in Part 3 we will tackle the subject of validating information obtained from open sources to guard against fake-news.
•Who this course is for:
•Private sector security divisions – for monitoring threats to your company from physical violence, counterfeit products to disgruntled employees
•Private investigators – to find information without possessing a very deep understanding of computers or the internet
•Law enforcement – to provide tools for locating information on suspects for a legal investigation and operational security know-how in order to prevent compromising the investigation.
•Intelligence analysts – to help you hone your abilities and expand your skillset, to supplement/complement, and even confirm or deny current data.
•Human resources – for applicant processing, to complete reference checks or for head hunters to find the right candidates to fill a job requisition.
•Parents and teachers – to ensure the safety of children when using the Internet
•Penetration Testers, Social Engineers and white hat hackers – to gather intel on the vulnerabilities of a target using OSINT in a secure way
•Insurance Investigators – to investigate fraudulent insurance claims
•Journalists – to ensure story validation from multiple sources, to conduct research on an article in a secure environment
•Researchers and students – to expand your knowledge in the field of OSINT, security and anonymity
•