Open in app

Sign in

Write

Sign in

Review: The OSINTion People OSINT Course

OSINT Stan
8 min readJan 16, 2021

--

Professional InfoSec training typically comes with a hefty price tag. Enter The OSINTion, which aims to offer quality training options at an affordable price. This review discusses The OSINTion’s flagship course, Introduction to People OSINT/Missing Persons OSINT, taken January 2021.

Those of us that are looking to improve our digital investigation skills but do not have the benefit of a corporate training budget do not have a lot of options. Sure there are some great podcasts and amazing blogs out there, but there comes a point where you need a structured course put together by someone with skin in the game.

In terms of providing quality training at a realistic price, The OSINTion is in a class of its own.

THE INSTRUCTOR

Joe Gray is the man at the helm of The OSINTion and he brings serious InfoSec cred to the table. Just check out his author bio from Amazon:

Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior OSINT Specialist at Qomplx, Inc. and previously maintained his own blog and podcast called Advanced Persistent Security. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. As a member of the Password Inspection Agency, Joe has placed 2nd in the HackFest Quebec Missing Persons CTF, 5th in the Global Missing Persons CTF IV, both powered by TraceLabs, 2nd in the BSides Atlanta OSINT CTF, and 3rd Place in the 2018 & 2019 NOLACon OSINT CTFs. Joe has independently placed 2nd in the HackFest Quebec SECTF, 4th Place in the DerbyCon OSINT CTF, and 2nd Place in Hacker Jeopardy at Hack in Paris. Joe has contributed material for the likes of TripWire, AlienVault, ITSP Magazine, CSO Online, Forbes, and Dark Reading as well as his own platforms. Joe is the author of a few OSINT tools, such as WikiLeaker and the forthcoming tools DECEPTICON and INTERCEPTICON.

This People OSINT course is actually the fourth class I’ve taken from him and I can confidently say that we are all very lucky he has elected run his own trainings rather than sign on with one of the premium InfoSec training outfit (You know the one. And if you don’t, here’s a hint: $$$$$).

To date, the courses I have taken are:

-Basic Missing Persons OSINT (4 hour)
-Business OSINT (8 hour)
-Practical OPSEC for OSINT and Privacy (6 hour)
-Introduction to People OSINT/Missing Persons OSINT(8 hour)

For each one of these, Joe brings to the table a mix of technical insight and personal connection to the materials covered. The stories he tells helps students grasp how to put theory into practice and better prepares them to put new skills into action.

So what’s this “People OSINT” course all about? Well let’s dive in…

CONTENT

It’s no big secret that the best way to cut your teeth in the OSINT world is through the TraceLabs missing persons Search Party events. These events have exploded over the past year since they have embraced the remote CTF model. As you might expect, they have gotten seriously competitive with having well over 100 teams being quite normal for an event.

The People OSINT course works under the assumption that you are, or soon will be, competing in these events. As the winner of a TL Black badge (as part of the Password Inspection Agency team) you really couldn’t have a better mentor showing you the ropes.

According to the course landing page, the following topics are covered:

  1. Social media — Sure, we’ve all been on Facebook, Twitter, Instagram, etc. But have you tracked down a person’s secondary accounts and tracked previously unknown habits, significant others, tattoos, etc.? That is the power of diving into social media research.
  2. OSINT processes and cycles — This section of the course helps you develop the discipline to keep yourself from getting immersed in never-ending rabbit holes trying to make connections that just aren’t there. Open source intelligence is more than just being really really good at Googling. It is a discipline. A way of thinking. A method of inquiry.
  3. TraceLabs categories — I can tell you from personal experience evaluating TL CTF flag submissions that submitting flags to the correct category may be the biggest challenge for newbie competitors. This section helps you to understand the categories and how to make strategic decisions when it seems like a piece of intel might fit two or more different flags.
  4. Case studies — Everything comes together in this section as Joe walks through real examples of intel spotted in the wild that aided in a CTF or investigation. Up until now, your understanding of People OSINT has been widening. At this point, you start to go deep.
  5. A Simulated CTF — In my opinion, this part is where the course is worth its weight in gold. I have taken other OSINT courses and I can tell you that you aren’t going to get the opportunity to work with a veteran investigator on a live search. This section is approached collaboratively. In retrospect my own approach during this part of the class wasn’t the best. I was off to the races, polluting the course’s Discord chat with every piece of info I came across, not even paying attention to what was happening in the class. A better approach would be to keep pace with the instructor and restrict your concurrent search to the same flag the rest of the class is on. This is the best way to pick up on Joe’s insights and recommendations as you go.

Each of the above is covered with enough detail that you should be able to hit the ground running at the start of a TL CTF. The skills you pick up along the way would still be very useful even if you have no plans to get involved with the organization.

As you move through the course additional applications of this skillset are also discussed. The instructor has a wide base of infosec experience and has been involved with a variety of organizations where #OSINTforGood is part of their mission. This means that you will hear the different tools and skills discussed as they can be applied to. variety of real life scenarios.

Format

The course is conducted live and there is no option to view a recording. This is completely understandable since real missing persons are discussed, especially in the simulated CTF section.

What you WILL get, though, is a selection of downloadable pdfs, including the powerpoint file used. I have found that this content is more than enough to review and jog my memory in regards to different parts of the course.

Go2Webinar is the platform used and it worked just fine for me on a MacBook. I believe the platform also has options to attend the training on a mobile device if needed.

The group chat, however, relies on Discord. Although I mainly use Discord on mobile, I did fire up the iOS app for the class to make copying and pasting into/out of the group chat much easier. All in all, it worked great and I was happy not to have to keep switching between views in G2W in order to alternate between viewing the chat and the full view of the presentation.

When I took the course, it was in two 4-hour sessions. The first day was mostly lecture-style, while more time on day 2 was spent walking through cast studies and doing the live simulation. Personally, I can’t imagine trying to wrap my brain around the course in a single 8-hour session but if that is more your speed then, at least as of this writing, you do have that option.

Pros and Cons

If I had to summarize in an easily digestable pros/cons bullet point list, it might look something like the following.

Pros:

  • The course has frequent sessions
  • Live collaboration on active missing person case with a seasoned pro is invaluable
  • Course content is well thought out and presentation is polished
  • Very reasonable price combined with the above points make this course an unbelievable value
  • Joe cares greatly about the quality of the courses and takes the surveys at the end of all his courses very seriously

Cons:

  • Replays not available of the course
  • Although the course is quite reasonably priced, it is not cheap and price could still be an obstacle for some. If you follow The OSINTion on Twitter, though, there are opportunities to pick up the course at a solid discount. Last Black Friday’s combo specials were a steal but I don’t know if that will happen again.
  • Best experience is to have multiple monitors during the class. Otherwise it might be hard to switch between the webinar, Discord channel, and practicing with the various tools on your own machine in parallel with the course.

How To Get The Most Out Of The Course

As I’ve written this review, a few tips have come to mind that I think people should know before jumping into the class.

  • Take copious notes. I would include with this setting up a bookmark structure in advance for the various websites and tools that will be mentioned.
  • Don’t worry about setting up a special Linux machine or anything like that just for the class if you don’t have the time. Installing a clean browser and having a few sock accounts set up is probably enough.
  • Pace yourself during the CTF simulation. I mentioned this above, but it is worth re-iterating. I don’t even know how many of Joe’s insights I missed because I was in a rush to collect as much info on the subjects as possible. In retrospect I regret this. I just cluttered up the Discord chat and caused distractions.
  • Take advantage of your time with Joe! Ask a lot of questions, but try to write them down and ask them before the breaks. Joe likes getting questions throughout his presentations and will take great care to make sure they all get answered. I ended up asking some questions that were not directly related to the topic at hand that I now realize were a bit of a distraction.

Conclusion And Takeaways

The People OSINT course is without a doubt the first place I would steer anyone looking to learn the ropes of researching missing persons online, or getting started with OSINT research in general. Newbie TraceLabs competitors will surely pick up an entire toolbox of skills, while those with some experience will be able to get an even deeper understanding of the competition.

For me, the biggest takeaway I had during this go around was the whole discussion related to collaborating with a team. I don’t think I’ve ever competed with the same team twice and the communication with my teams has always eventually turned into a disorganized mess.

It was also a chance for me to re-orient my thinking back towards competing after taking a long break from competing to reach my goal of earning the Senior Judge badge.

Moving forward, thanks to this course I am well situated to start putting a team together and go after my next goal: Placing in the top three of a TraceLabs event.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Osint
Open Source Intelligence
Open Source Investigation
Information Security
Infosec

--

--

OSINT Stan
OSINT Stan

Written by OSINT Stan

22 Followers
3 Following

Practical vigilance powered by OSINT, InfoSec, and loads of coffee.

No responses yet

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams