
This year’s WWHF quickly became WWTF as I sat through Mishaal Khan’s Next Level OSINT course during pre-conference training.
Over two days at the Deadwood Mountain Grand Hotel in Deadwood, SD, Mishaal amazed a room full of wide-eyed students as we found celebrity voting records, identified the real names behind aliases, and tracked down unregistered sex offenders. Using Mishaal’s OSINT techniques, a social media star who claimed to be completely anonymous was demystified in minutes.
While later I would be convinced he is the digital Batman, Mishaal began the course by quoting Uncle Ben from Spider-Man: “With great power, comes great responsibility.” Like Batman, Mishaal wields a dizzying array of tools to help him track down bad guys, find missing persons, and solve human mysteries that only those with superhuman abilities could solve.
pwned
Screw going to the dark web. You can find the latest breaches on the open web for nefarious and ethical hackers to sort through at will. Sites like haveibeenpwned.com will show you which company breaches contain an email address. You were an AT&T customer? Congrats. The world knows your social security number. Did you want to keep that divorce a secret? Oops, your new fiancé now has the court record that proves it.
While it may sound like he is more Two-Face than The Dark Knight, Mishaal advocates using these OSINT powers for good. You’ll want this knowledge if you’re on a red team engagement and need to prove how vulnerable executives are to doxing. Use these tools to craft deliciously deceptive phishing campaigns for a pen test.
Hell, use them on yourself to find out how vulnerable you are because I guarantee your data is part of a breach, or in tens (if not hundreds) of people search sites that contain your entire address, phone, username, and email address history.
OPSEC and Privacy
In addition to sharing his knowledge and tools for offensive purposes, Mishaal could have easily added another day to his course to cover what’s known as “OPSEC,” or Operations Security. Colloquially, this means covering your tracks. When signing up for sock puppet accounts on various platforms like LinkedIn and Facebook, it’s best to leave no trace of your location or identity.
Unbeknownst to most, your IP and other metadata are collected whenever you sign up for a site or service, leaving you vulnerable to tracebacks. Therefore, you’ll want to sign up using a cell connection or a VPN. However, many sites can sniff out a VPN connection and deny access. Using Tor can also work, though it has limitations too, at least when registering for the first time.
To take it a step further, Mishaal offers a do-it-yourself privacy service at www.operationprivacy.com, where he gives you three service tiers: Conscious, Serious, and Ghost. There, you can customize your level of data protection across the web by following his recommended actions.
GEOINT
In his subsequent talk on GEOINT, or geography-related OSINT, Mishaal used various sites and tools to examine pictures and determine their location or the person captured. Using image searches across multiple engines, he could find an individual even if their face was covered.
Displaying a large desert image on the monitor, Mishaal asked the room, “Who can tell me where this was taken?”
“Egypt!” I shouted with pride, noticing the sphinx and Egyptian spire. Someone else shouted, “Vegas!” I quickly laughed at myself as I saw the tram with the words MGM GRAND written in bold. Mishaal then used a site called ShadeMap to determine the month and time of day someone had taken the picture.
Sometimes, people challenge Mishaal’s social media skills by uploading a picture and asking him to find the location. In the example shown to the class—a shot from a passenger jet window of the land below—he walked us through his analysis of landscape features and research techniques that led him to the answer.
Conclusion
While Mishaal may not don a mask and cape as he digitally hunts down criminals, his collection of online gadgets and spidey sense certainly gives him a superhero mystique. I’m sure he inspired more than one person in his audience to become an OSINT vigilante and made us all aware of how easily we could be pwned.
While scrubbing your personal information from people search sites may be possible, the current and inevitable future data breaches make it harder and harder to remain anonymous. Therefore, Mishaal recommends that we all freeze our credit reports and set fraud alerts wherever possible.
Furthermore, if you are a high-profile celebrity, CEO, or public figure, consider enlisting Mishaal’s privacy services. Humans remain the weakest point in any cybersecurity defense, and complex phishing and whaling attempts are rising. In the wrong hands, your publicly available data could be used to elicit sensitive information or credentials.
For more information, visit www.mishaalkhan.com and take his Next Level OSINT course the next time it’s available.