OSINT 2.0 - practical introduction to online open-source intelligence techniques 2100-CB-M-D1OSINT
1. Overview, Evaluation, and Classification of Available OSINT Tools
[Lecture]
History of OSINT. OSINT 1.0, 2.0, and 3.0. Typology and evaluation of OSINT software: 1. Integrated with the operating system and/or web browser (CSI Trace Labs, Tsurugi Linux, BlackArch); 2. Standalone, installed locally or online on the provider’s server (Maltego); 3. As references to software and other OSINT tools (Bellingcat's Online Investigation Toolkit, OSINT Framework).
2. Cyberuniverse Analysis Tool (CAT) (I)
[Workshop sessions + essential mini-lectures]
Proprietary tool for Internet analysis. Rationale for development, advantages and disadvantages of the tool. Methodology of tool development (selection of the carrier application – Brave). Installation and configuration.
3. Cyberuniverse Analysis Tool (CAT) (II)
[Workshop sessions + essential mini-lectures]
Selection of OSINT areas of interest. Systematic review of CAT tools.
4. The Art of Searching on the Surface Web
[Workshop sessions + essential mini-lectures]
History – from Google Hacking to Search Engine Hacking. Search operators of Google, Yandex, Bing, DuckDuckGo, and Yahoo. Creating simple and complex queries, comparing results, practical understanding of limitations and capabilities of specific search engines, empirical verification of the filter bubble hypothesis. Google Hacking Database. Global search engines. Privacy-focused search engines. Meta-search engines and multi-search engines. Search engines offering content aggregation (thematic, chronological, locational). Local search engines and directories. Other search engines (e.g., hacker leaks, data leaks, source code leaks). The Internet time machine (backwards) — the 3D search engine archive.org. Introduction to automated searching (YaCy). Searching using so-called weak artificial intelligence: ChatGPT, Bing, You.com, Phind… (and others current at the time of the course).
5. Searching for the Needs of Global Corporate Intelligence (CORINT/TRADINT)
[Workshop + essential lectures]
Global and European source search engines for economic entities and their interconnections: OpenCorporates and LittleSis. Economic entities and sanctioned units – sources of information about “white-collar” crime – business entities, units, government institutions, and their interrelations. FININT: verification of payment card metadata. Grassroots databases of reported scammers and internet fraud. Search engines and studies on economic data leaks (Offshore Leaks/Alerts).
6. Web Intelligence – What Can Be Learned from Analysis of Websites and Domains
[Workshop]
Who owns the website/domain and what is its structure (WhoIs, Whoxy, DNSDumpster, BuiltWith). Former owners of the website/domain (SecurityTrials, WhoIsRequest). Reputation of a given user (Netcraft, VirusTotal, ProjectHoneyPot, CriminalIP). Incidents related to a domain (RansomWiki – currently non-operational). What the website actually does, i.e., the owner’s intentions towards users (Redirect Detective, DNS Dumpster, Lookyloo, CookieServe, Certificate Transparency Search Tool). Other websites/domains owned by the same owner (AnalyzeID). Analysis of website/domain certificates.
7. The Hidden/Deep Web (Deep Web, Hidden Web, Darknet) – Installation, Configuration, Searching, Resources
[Workshop + essential lecture elements]
Practical searching in two networks selected by the students.
7.1. The Onion Router (Tor). Special-purpose .onion domain. Technical and functional characteristics. Funding of the Tor network. Tor by the numbers. List of safe protocols and applications for Tor. Installation and configuration of Tor Browser. Addressing in the Tor network. Security issues (legal and IT). Sources of Tor network addresses: search engines, entry points, forums.
7.2. Freenet – the network where censorship is impossible. Installation and configuration. Structure of keys (addresses).
7.3. Invisible Internet Project (I2P), i.e., Tor “on steroids.”
7.4. Lokinet – commercial successor of Tor?
7.5. ZeroNet – decentralized, non-anonymous P2P network based on the Bitcoin blockchain.
8. Evaluation of Final Projects
|
Term 2024Z:
None |
Term 2025Z:
None |
Course coordinators
Mode
Learning outcomes
Knowledge
• Fundamental and intermediate principles and techniques for effectively conducting open-source intelligence (OSINT) on private and corporate entities (KW_05)
• Familiarity with the rules and requirements for conducting investigations using OSINT methods and techniques in a safe, ethical, and lawful manner (KW_03) (KW_05)
• Understanding the functioning of the Deep Web, including networks such as TOR, Freenet, I2P, and Lokinet (KW_03)
Competences
• Ability to independently reflect on the compliance of white intelligence tools usage with ethical and legal standards (K_K03)
• Developing responsible social attitudes regarding the safe use of OSINT tools (K_K03)
• Proactivity in searching for and analyzing information (K_K05)
Skills
• Ability to analyze and understand the structure of websites and domains, including identifying owners and assessing user reputations
• Competence in professional use of selected OSINT tools for identifying physical and corporate entities and mapping connections between them (K_U02)
• Capability to install, configure, and use Deep Web networks such as TOR, Freenet, I2P, Lokinet, and IPFS
Assessment criteria
Final project consisting of the independent exploration, learning, and implementation of a white intelligence (OSINT) tool selected from the list provided by the instructor or a tool preferred by the student (subject to the instructor’s approval). The project should include the preparation of handouts in the form of a written tutorial or a recording (a video presenting the computer desktop along with narration). Projects are to be completed by the final session, at which time grades will be proposed along with justifications. If the grade is below 3, correction is required; if the grade is satisfactory or higher, improvement is optional. Corrections may be submitted until the end of the first deadline in the USOS system. The final grade will be the arithmetic average of the project grade and the partial grades for participation in individual classes.
Bibliography
Required Literature
• D. Mider (ed.), INFOBROKERING – The Art of Acquisition, Analysis, and Evaluation of Information, *Studia Politologiczne*, 2019, vol. 54.
• OSINT PL. How to Find a Countryman/Countrywoman (or Their Company). Polish Sources for the Needs of White Intelligence [#1 [https://youtu.be/S0w1XkdMF34](https://youtu.be/S0w1XkdMF34), #2 [https://youtu.be/uLaEFwNZPRA](https://youtu.be/uLaEFwNZPRA), #3 [https://youtu.be/BWTWPC22wY](https://youtu.be/BWTWPC22wY)] (self-study of knowledge and skills)
|
Term 2024Z:
None |
Term 2025Z:
None |
Additional information
Additional information (registration calendar, class conductors, localization and schedules of classes), might be available in the USOSweb system: