From his OSINTUp keynote "Decoding the digital shadows: journey from OSINT novice to master," Micah Hoffman guides OSINT practitioners through his 10 step approach and shares resources to help you along your journey.
In the world of open-source intelligence (OSINT), the ability to navigate and interpret data is not just a skill but an art. In his keynote training for the inaugural online skill-sharing event, OSINTUp, Micah Hoffman aims to illuminate the path for practitioners and OSINT enthusiasts alike, providing a step-by-step approach to achieve proficiency in this dynamic field.
From understanding the basics to staying updated with the latest tools and techniques, Micah gives 10 steps for taking your OSINT knowledge from novice to mastery:
Step 1: Document your progress
When pursuing OSINT mastery, Micah explains that documentation of your learning journey is paramount to gauge your progress and identify areas for growth. Whether you prefer the versatility of an Obsidian vault, the simplicity of a notepad or Word document, or the structured organization of an Excel spreadsheet, choose a method that resonates with you to capture your progress.
Documenting your learning journey not only serves as a record of your achievements but also empowers you to leverage your existing knowledge as a foundation for further growth. It enables you to observe patterns, identify connections and further your understanding of the field. In his session, Micah says, “Many times, what happens is we get so wrapped up in the things we don't know that we forget about… all the things that we’ve already learned.” While it's natural to focus on the vast expanse of what remains unknown, it's equally important to acknowledge and celebrate your accomplishments. Recognizing your progress, however incremental, fuels your motivation to learn more.
Step 2: Create a list of things you don't know
A crucial aspect of deepening your OSINT knowledge lies in identifying and addressing your gaps. Everyone has areas where they feel less competent, even those with years of OSINT investigative experience; the key is to transform these gaps into opportunities for growth. Micah suggests creating a list titled, "Things I don't know... yet," and to fill it with things you have not yet learned. Regularly review this list and turn each item into an action item, actively seeking out resources and training opportunities to fill those knowledge gaps. Whether it be a learning event or just a casual conversation with a fellow OSINTer, you will become aware of topics and techniques that you haven’t learned yet to populate the list. Micah credits his own (ever-growing) list for fueling his OSINT journey. This ongoing process of self-improvement will keep you up-to-date, show your progress and ensure you don’t miss pertinent info, techniques or strategies.
“There's deeper things that we can learn and collect and that can be useful. The more we understand them, the more our capabilities grow.”
Micah Hoffman
Step 3: Learn more deeply
OSINT is a vast and ever-changing field, with new tools and techniques emerging all the time, there is always more to learn. One of the best ways to improve your OSINT skills is to take a deep dive into the various levels of data collection and analysis. Just like an onion, OSINT has multiple layers of complexity and depth. Micah shares, “There's deeper things that we can learn and collect and that can be useful. The more we understand them, the more our capabilities grow.” He shows this through an IT/cybersecurity perspective explaining the open systems interconnection (OSI) model:
While many OSINTers might skim the surface by gathering information from social media profiles, there is way more depth to explore. Micah’s analogy shows the depth of OSINT through his comparison to the OSI model, a fundamental concept in IT and cybersecurity. The OSI model delineates the different layers through which data moves, illustrating the complexity of information exchange in digital systems.
At the physical layer, data interception occurs through devices that capture and translate signals like radio or Wi-Fi into data. Next, the operating systems layer shows how specific computer systems like Mac or Linux work and what special applications or configuration settings are specific to a system. Moving up the model into the middleware layer, protocols and encryption mechanisms come into play, shaping how data is transmitted securely across networks. And at the services layer, familiar interfaces like web browsers offer a gateway to accessing and interacting with digital content. However, the OSI model doesn't stop there. Bruce Schneier, a renowned cybersecurity expert, proposed three additional layers that extend beyond the cyberworld, including people, organizations and governments. Here, factors such as human behavior, legal constraints and organizational policies come into play.
Highlighting the areas and opportunities for learning and expansion, OSINT practitioners should have an understanding of all layers. Whether you're well-versed in the legal intricacies of OSINT but lack knowledge in operating systems, or vice versa, there's always room for growth and to add to your “Things I don’t know… yet” list.
Step 4: Seek breadth of knowledge
Like the OSI model, it's important to spread your wings and explore the wide array of subjects within OSINT. This is where a little guidance can go a long way.
One of the first pieces of advice often given to newcomers is to turn to Google. By searching a simple query like "OSINT site: start.me," you can unlock curated OSINT resources. These start.me pages, crafted by OSINT enthusiasts like Bruno Mortier and others, serve as curated collections of bookmarks and favorite websites, organized for easy access.
Exploring these OSINT start.me page, filled with categories ranging from news and blogs to tools and resource collections, can be overwhelming to say the least. OSINT expert, Griffin Glynn’s start.me page offers a plethora of links spanning various categories. For both newcomers and seasoned professionals, the page has stars next to certain entries to highlight where to start exploring.
So, instead of drowning in the sheer volume of information available, navigate OSINT resources with purpose and direction. Seek breadth of knowledge, embrace the wealth of resources at your disposal and let curiosity be your guide.
Step 5: Set aside time to learn
Getting ahead or even remaining proficient in OSINT requires a commitment of dedicated time to learning. Tools, websites and techniques evolve, necessitating commitment to staying up-to-date on the latest. Micah emphasizes that it is understandable to have demands on your time with kids, work, school and hobbies. However, setting aside dedicated learning time (no matter how small) will do wonders for progressing in OSINT. Time dedicated to continuous learning will change over your life depending on life circumstances but setting aside dedicated learning time even if it is a small amount is vital.
Time dedicated to learning will change over your life depending on circumstances but tracking downtime might not be as difficult of a mission as you think. Micah mentions how some companies dedicate specific days and times for continuous learning. For instance, employee productivity typically dips on Fridays so some organizations dedicate part of the work day for continuous learning. On the other hand, OSINT might not apply to your job at all so you must push learning to the weekend or week nights. No matter your situation or preference, be sure to make learning a habit by putting it on your calendar or to-do list or otherwise it could easily slip off your radar.
Remember to use your “Things I don’t know… yet” list to help you decide what to focus on, to track your progress and to show when you learned a specific skill. By writing down when you learned a skill, it serves as a reminder to follow back up with it later on to ensure that you are staying up-to-date with best practices.
Step 6: Connect and collaborate with others
In the OSINT world, collaboration and networking are indispensable. While embarking on a solo OSINT journey can be fruitful, the rewards of connecting with others are immeasurable. Engaging with fellow OSINT enthusiasts provides a gateway to diverse perspectives, specialized knowledge and a variety of resources.
Social media offers a plethora of OSINT-centric groups and communities. Reddit has a thriving OSINT subreddit, where members can share insights, collaborate on projects and engage in discussions. Discord servers, Slack groups and other online channels can also provide avenues for connecting and engaging with fellow OSINTers. You can pose questions, share findings or simply immerse yourself in the knowledge of the community. By contributing, you not only enhance your own skills but also contribute to the growth of the entire OSINT ecosystem.
When selecting a community, consider your comfort level and interests. Some groups focus on specific OSINT domains (SOCMINT, GEOINT, etc.) or skill levels, while others cater to a more general crowd. Whether you're a seasoned professional or just starting out, there's a community out there that aligns with your needs and desires.
OSINT communities:
Step 7: Continuous learning is a must in OSINT
In OSINT, continuous learning is not just an option, it's a necessity. Just as technology advances at a relentless pace, so do OSINT techniques and tools. What may have been a reliable resource or a cutting-edge tool yesterday might become obsolete or ineffective tomorrow, rendering it useless for your investigations. To stay ahead in this dynamic field, persistent learning is crucial.
Websites and online platforms that serve as valuable sources of information are subject to constant changes. Web structures may be revamped, URLs may shift and content may be moved, updated or even removed. Micah gives an example, “In 2018, I tweeted, Hey, here's how to use Google cache and keep yourself safe by adding the ampersand strip equals one to the end of it… Google cache is no longer there.” The nature of the internet demands that OSINT practitioners like Micah remain vigilant and adaptable, updating their knowledge of these evolving landscapes.
Beyond these external factors, the field of OSINT itself is in a state of perpetual change. New methodologies emerge, innovative tools are developed and best practices are refined on a regular basis. To stay ahead of the curve and maintain your proficiency in OSINT, it's crucial to embrace continuous learning as a core tenet of your professional development.
Step 8: Learn OSINT by doing
CTF/Challenges
The best way to master OSINT is to 'learn by doing'. As you get hands-on experience, you will build your skills and become more confident in your abilities. One of the best ways to learn OSINT is to participate in Capture the Flag (CTF) competitions and challenges. Catering to different skill levels, these events provide a fun and competitive environment to test your skills and knowledge.
Griffin Glynn Start.me page CTFs >>>
For more of an OSINT challenge, Sofia Gralhix, an OSINT expert and instructor, offers a series of free OSINT exercises that are perfect for beginners and intermediate-level learners. These exercises cover various topics, including web search techniques, social media investigation and OSINT tools. Each exercise provides step-by-step instructions and real-world examples, helping you apply your knowledge and skills.
Read a book
Reading books is a great way to deepen your understanding of OSINT techniques and strategies. Rae Baker's "Deep Dive: Uncovering the Hidden World of OSINT" is a must-read for anyone serious about learning OSINT. This comprehensive book provides a detailed overview of OSINT concepts, tools and techniques and offers practical advice on conducting OSINT investigations.
Watch a video
Video tutorials can also be a valuable resource for learning OSINT. Many experienced OSINT practitioners and trainers create informative videos that cover various aspects of OSINT. These videos can explain concepts, demonstrate techniques and provide real-world examples in an engaging and accessible way. However, before using any sources or taking advice from any experts, it's crucial to verify their ethical standards and legal boundaries. Ensure the information they provide is accurate and reliable.
Google it!
The OSINT world thrives on a spirit of self-reliance and resourcefulness. Before reaching out for assistance, take the initiative to research and explore. Micah suggests, “Do the work for us and then bring questions to the community…” This approach fosters a sense of independence and promotes a deeper understanding of the subject matter. The thrill of discovery and constant learning lies at the heart of OSINT mastery, so embrace the journey and enjoy the process of unearthing new knowledge and skills.
Step 9: Experiment, explore and have fun!
The OSINT world operates on a self-service model, encouraging individuals to take initiative and find a topic they are interested in and resources to support it. Searching for information on Google can reveal valuable OSINT resources, such as articles, forums and datasets.
The key to unlocking the treasure trove of OSINT knowledge lies in self-directed exploration and experimentation. There is no shortage of resources available at one's fingertips — books, articles, videos and online courses explore deep into the intricacies of OSINT. Seeking out ethical and reputable sources is crucial to ensure the validity of acquired knowledge. The vast expanse of the internet itself serves as a limitless resource for OSINT enthusiasts. Running queries on Google, exploring online forums and looking into specialized databases can lead to valuable insights and uncover hidden gems of information.
“You should be able to find a place in open source intelligence from image analysis to mapping, to object identification, social media exploitation. There's a whole bunch. That could get you very excited. Find that thing, watch talks, read things.”
Micah Hoffman
Step 10: Help others to get where you already are
As you progress on your OSINT journey and acquire expertise, extend a helping hand to others who are just starting out. Recall the difficulties and uncertainties you faced when you first began. By sharing your knowledge and experiences, you can illuminate the path for OSINT newcomers and accelerate their learning curve.
Many individuals interested in OSINT may feel overwhelmed by the vast amount of information and resources available. By guiding them through the initial steps, answering their questions and providing mentorship, you can make a significant difference in their progress. Remember, the OSINT community thrives on collaboration and mutual support. By helping others, you contribute to their success and foster a positive and inclusive environment for everyone involved.
Micah Hoffman's keynote speech for the online skill-sharing event, OSINTUp, covered a step-by-step guide to leveling up OSINT skills. He is an experienced teacher in cybersecurity and OSINT, with a significant role as a co-owner and course creator at My OSINT Training. Active in the community, he shares insights on his blog, webbreacher.com, and across social media as "WebBreacher." He enjoys using his technical skills to discover new OSINT methods, create new tools and make OSINT accessible and understandable to anyone. Micah offers himself as a resource to new and learning practitioners. You can find him on LinkedIn, X and his professional training site, myosint.training.
For more resources on learning OSINT skills and tradecraft, subscribe to NeedleStack: the OSINT podcast.
