SANS Institute is moving its open source intelligence gathering and analysis training course online in response to the escalation of the COVID-19 pandemic.
The course, scheduled for July 20 to 25, will provide participants with OSINT groundwork knowledge and real-world skills and techniques to effectively find relevant data on the internet.
Participants will start the six-day course with an introduction to the OSINT field, which includes discussions on concepts like the goals of OSINT collecting, setting up an OSINT platform and leveraging search engines, SANS Institute posted.
The second day focuses on the intricacies of gathering, searching and analyzing OSINT, including data analysis challenges, file metadata analysis and OSINT frameworks. Concepts such as web data harvesting, user names, avatars and reverse search images and additional public data.
Participants will then move into social media data, geolocation, mapping and imagery. Discussions during the third day will provide participants with a better understanding of search engines and data from social media applications, particularly Facebook, Instagram, Twitter and LinkedIn.
Session four will dive into interconnected OSINT issues, starting off with internet protocol addresses, domain names and Whois, followed by a discussion of the OSINT application of wireless network information. The session will also cover modules about searching international government websites for OSINT data and supporting business processes with OSINT.
On the penultimate day of the training course, participants will explore the dark web, with emphasis on the Freenet, I2P, and Tor networks. Session five will also teach the importance of breach data in investigative cases and examine how to track vehicle searches.
The course will conclude with a capstone capture-the-flag event, where participants will be divided into teams with the objective of collecting specific OSINT data about certain targets.
Throughout the duration of the course, participants will work on completing over 20 hands-on exercises using the live Internet and dark web.
SANS Institute is hosting the course for cyber incident responders, digital forensics analysts, penetration testers, social engineers, intelligence personnel, private investigators and human resources personnel.
The course will be led by 20-year IT veteran Micah Hoffman. Since 1998, Hoffman has been helping the federal government, commercial, and internal customers discover and quantify cybersecurity weaknesses within their organizations.