Osint Exercises

[Tina Popielarczyk]

These OSINT exercises, also referred as challenges, provide an opportunity for you to practise your skills, explore new methods and techniques, and above all, have a lot of fun (always for free)! They all focus on the three essential skills I believe are crucial for becoming an excellent OSINT analyst: how to find data, how to verify data, and how to analyse data.

Within each exercise page in the list below you will find a task briefing, and a set of questions for you to practise your skills. The difficulty levels range from easy to hard, catering for both beginners (?) and OSINT experts (?️). Each exercise page contains a link to a YouTube video where I provide the solution and a comprehensive walkthrough, guiding you from the task briefing to the answers.

At no point you will ever need to contact anyone or obtain personal information from online users. Please refrain from harassing or stalking people!

Predicting the release frequency of these exercises is a bit tricky. It really depends on how busy I am, the complexity of the exercise, and the number of tasks in a page. Typically, creating each exercise, including recording and editing the walkthrough, takes me about three weeks. I really cannot make any promises on how often they will get released. In the first 12 months since creating this page, I released 22 exercises with a total of 44 tasks, averaging a new exercise approximately every 2.36 weeks.

This week a major part of this episode has to do with an important change that is coming up, the phase-out of older extensions, due to major changes within the Chromium based browsers. I have taken it upon myself to start creating a list of extensions that might stop working once this change is pushed, and a link to that list can be found here.

Sofia Santos [ ] created yet another OSINT exercise, and it is number 27 already! This one is for the beginners within the field of open source investigations, and can be solved rather easily with the right searches. What I love about these exercises, is that she mentions how difficult the questions are for beginners, and for seasoned investigators. And to check your findings, she also posts a 'walkthrough' on YouTube right away, explaining how it can be solved. This way you learn how the thought process within open source investigations work, and can learn how to pivot from one finding to another.

The show Hunted has been running for several years in the UK and other countries. Even though a lot of the techniques used are sped up for the show, all required legal paperwork is removed, and based on the Dutch episodes I saw some years ago, legal warrants are given fairly easily. But still, a lot of the techniques portrayed in the show are real. In that way, it does give a good insight in how law enforcement, or investigative bureaus work. In this interview, Daisy Hickman [] is being interviewed on Baker's Chatcast about her career, and her experiences in Hunted.

Benjamin Strick [ ] has been scrutinizing a CCN interview with a Haitian gang leader, and has been able to find the exact location where the interview took place. Even though the location might have been known by law enforcement already, the article shows how he worked, step-by-step, to find the actual house. And since Haiti doesn't have street view, nor does it have a lot of third party captured imagery, most will have to be done via satellite imagery. Another great example how geolocation of video or images can be done, with some basic tools, and enough perseverance.

An important change within Chromium based browsers is about to start very soon, the phase-out of the so-called "Manifest V2" extensions. A manifest is a framework for extensions, and has been in use for many years already, despite some security issues that could occur due to its nature. The V3 is already active, and is in use by a lot of extensions already, but this might change very soon. One of the biggest changes could be that ad-blockers won't be as effective, due to the fact that updates in the list of domains will go through the Chrome web store, and have to be approved first, while it now is done by the extension itself in the background, sometimes several times a day. But there are also other

As you can see, there are some well known extensions on that list, and it is very well possible that certain extensions will stop working all together in the near future. This means that new extensions will have to be developed, workarounds need to be found, or maybe even switch to a different browser. One possibility is to test out Thorium. There has been requests to keep the support for Manifest V2 for several years within the Thorium community, and the developer has mentioned more than once he will do his best to delay the phase-out as long as possible, until the code is fully removed from Chromium.

Brave Browser isn't a solution either, since they will also start implementing the change very soon. The only advantage with the Brave Browser is, that they have their built-in Ad Blocker. But if blocking advertisements is your only concern, you might as well look at completely different options, in my opinion!

So what will this mean for open source investigators, that rely heavily on extensions within their browser? Well, you can always switch to Firefox, because after some quick searching, I have found no mention of Firefox dropping the support of Manifest V2. The only problem is, that Hunchly will not work in Firefox, so if you really need Hunchly, you are out of luck and might need to use two separate browsers, and only capture half the pages you visit.

While writing this section, I did some checking, but life of course take unexpected turns, so I spent half a day cleaning up the kitchen after a blocked drain. But when I went over some notes, I did find some positive news after all. Because it seems that the beta version of Tampermonkey runs okay with some user scripts that I have installed. And within the release notes of Chrome 124 Enterprise and Education, I read that another beta version, of a User-Agent Switcher, is also update to Manifest V3. It is still possible that certain extensions will break, or stop working, but

For now, I will be actively looking for solutions, or replacement extensions, to fill certain gaps. Do feel free to share good alternatives for browsers, or extensions, with the community so we can help each other out!

I already added the meme for this week, well before I remembered I needed to add a section about the disappearance of Manifest V2 from Chrome... Not sure whether the outcome will be as catastrophic as this meme depicts, but I guess we'll find out!

The game takes the interrogation format and gives it a retrospective twist. Live-action video gives the experience a sense of realism, making the game feel like a real police procedural. And the clever mechanism of using keywords from the footage (there are also transcripts in true investigation style) adds a dimension of grittiness to the whole plot.

This one is actually just a Twitter (X) profile, but hear us out. These guys share daily OSINT puzzles that test your geolocation and software skills. Although the premise is simple, the page has made quite a splash in the OSINT community. Besides the challenges, they also share valuable tips, solution reviews, and helpful scripts for conducting practical intelligence work.

This one wears its credentials on its sleeve. OSINT researcher Sofia Santos shares challenging exercises that allow you to flex your investigative muscles. The tasks vary in difficulty but will get you to access all you know about open-source intelligence and will no doubt help you nuance your investigative skill set.

A large amount of personal and very incriminating data is currently stored on websites, apps and social media platforms. Users often update these data daily, and this data is open source. This information can become evidence for citizens, governments, and businesses to use in solving real financial, employment, and crime problems with the help of a professional information collector. To respond to this new situation, it is important to have well-trained staff. The fact that many authorities and companies work with very sensitive data makes it necessary to train their employees in Open Source Intelligence (OSINT). Motivated by these facts, a practical training concept is developed that enables the creation of practical exercises. The focus is on the practical implementation of OSINT tools and methods. In the new course, participants learn legitimate and effective ways to find, collect, and analyze this data from the Internet. We have developed an introductory course for a Master level program in Open Source Intelligence (OSINT). Students learn up-to-date, hands-on skills, techniques, and tools that law enforcement, private detectives, cyber attackers, and defenders use to search the vast amount of information on the Internet, analyze the results, and build on interesting data to find other areas for investigation. Our goal is to provide the OSINT knowledge base for students to succeed in their field, whether they are cyber defenders, threat intelligence analysts, private detectives, insurance inspectors, intelligence analysts, law enforcement, or just someone curious about OSINT. Throughout the course that consists of 11 exercises, students will participate in numerous hands-on exercises using the OSINT tools and techniques that form the basis for collecting free data from the Internet.

Train soldiers, civilians, contractors, and, potentially, foreign partners in the collection and exploitation of PAI, OSINT reporting, dissemination, coordination, or cueing, integrating with other intelligence disciplines.

Help the OSINT community in understanding tools and techniques to support the methods, techniques, and skills used by intelligence professionals and analysts for intelligence gathering from publicly available sources

3a8082e126