About this Video

• Video Title: Learn Next Level OSINT!
• Channel: John Hammond
• Speakers: John Hammond, Michelle Khan
• Duration: 01:03:39

Introduction

This video is a live stream from John Hammond's "Just Hacking Training" series, focusing on Michelle Khan's new advanced OSINT course, "Next Level OSINT." The video showcases new course content, including free previews, and discusses related topics like operational security (OPSEC).

Key Takeaways

• New OSINT Course Release: Michelle Khan released "Next Level OSINT," the final installment of her OSINT course series, covering advanced techniques. A free preview is available.
• Free Course Previews: Just Hacking offers free previews of various courses, allowing users to sample content before purchasing.
• Increased Upskill Challenges: The platform now boasts over 20 free upskill challenges.
• Integration of Kali Linux and VPN: Michelle Khan's advanced OSINT course utilizes a Kali Linux machine and VPN access for hands-on learning.
• Practical OSINT Techniques: The course emphasizes practical application over theory, demonstrating real-world scenarios and tools.
• Importance of OPSEC: The video stresses the importance of operational security, especially when conducting sensitive investigations, and references a separate OPSEC course.
• Multiple Avenues for Monetizing OSINT Skills: The speakers discuss various career paths leveraging OSINT skills, including penetration testing, journalism, and private investigations. The financial rewards of these skills are also highlighted.

In Michelle Khan's demo, she uses several tools and techniques:

• Kaido: This tool is used to send automated requests to the O'Reilly Auto Parts API to search for vehicles based on partial license plate information. The demonstration highlights Kaido's ability to handle many requests without being throttled, unlike the free version of Burp Suite.

• License Plate Number Search: She demonstrates searching for license plates using Google and leveraging the information obtained to craft targeted API requests.

• Data Breach Analysis (Ripgrep): Michelle uses ripgrep to quickly search through a large (5GB) CSV file containing a data breach for specific license plate information.

• VIN Number Lookup (Kelly Blue Book): She uses Kelly Blue Book's API to convert a license plate number to a VIN number, which is then used for further investigation on Google.

• Email Address Lookup (Olehei): The tool Olehei is used to check if a given email address is registered on various websites, illustrating how to quickly determine an individual's online presence.

• API Interaction (Postman): The use of Postman to interact with an API requiring headers and API keys for a UK vehicle license plate lookup is shown. This demonstrates a more complex API interaction than simple GET requests.

Offline OSINT Techniques:

The video mentions several offline OSINT techniques:

• IVR Manipulation: Manipulating Interactive Voice Response (IVR) systems to obtain information from automated phone systems.

• Accessing Information at Libraries: Utilizing resources available only at physical libraries.

• Accessing Voter Registries and Government Offices: Obtaining information from physical government offices (not available online).

• Obtaining Information from Obituary Records: Accessing obituary records that aren't readily available online.

• Radio Monitoring (SDRs): Tuning into Software Defined Radios (SDRs) to monitor law enforcement or emergency radio frequencies.

• Android Emulation: Using Android emulators or virtual environments to access information from mobile applications.