The OSINTion

In this episode of Joe and Gourd's podcast, Tony Hunt talks about his role in Operation: Safe Escape.

In this episode, we primarily talk coffee, which is Tony's other business. Kona, Colombian, Cuban, Turkish, and other exotic varieties. Whether you drink coffee for flavor or effect, this is an eye-opening episode for you!

Tony's Links:

• Twitter: https://twitter.com/tony_hunt
• LinkedIn: https://www.linkedin.com/in/tonyhunt1/

Operation Safe Escape Links:

• Web: https://safeescape.org/help/
• Twitter: https://twitter.com/ospasafeescape
• LinkedIn: https://www.linkedin.com/company/operation-safe-escape/

The OSINTion Links:

• Podcast: https://osint.mobi/podcast
• Twitch: https://twitch.tv/theosintion
• YouTube: https://osint.mobi/youtube
• Spotify: https://osint.mobi/spotify
• LinkTree: https://linktr.ee/theosintion
• Patreon: https://osint.mobi/patreon

The OSINTion Training:

On-Demand:

• https://academy.theosintion.com

Live Training:

• https://www.theosintion.com/courses

The OSINTion Communities:

• Discord: https://osint.mobi/discord
• OSINTelligence: https://osint.mobi/osintelligence

Joe's Links:

• Twitter: https://twitter.com/C_3PJoe
• LinkedIn: https://www.linkedin.com/in/joegrayinfosec

Purchase Practical Social Engineering:

• https://osint.mobi/pse-nostarch
• https://osint.mobi/pse-amazon

Joe and Gourd bring on two covert entry specialists, Brent White and Tim Roberts, to discuss intelligence report writing and covert entry. The guests provide tips and best practices on the topic, which is especially useful given the growing prevalence of human intelligence. We dive into covert entry and physical pen testing war stories. The conversation covers everything from evidence collection to commendable practices and word count for reports. Brent and Tim share their wealth of experience in the field of covert entry and pen testing, providing useful insights into the process. They explain the importance of maintaining a professional appearance on the job and the importance of having the right equipment. They also discuss the best practices for evidence collection and the need to document every step of the process. 

Brent and Tim emphasize the importance of having a clear structure and flow to the report, as well as keeping the word count within an acceptable range. Additionally, they discuss the importance of providing sufficient detail and context when writing a report, so that the findings can be presented in the most effective way. As the conversation progresses, the two specialists provide their war stories of past jobs, offering an entertaining and informative look at the world of covert entry and physical pen testing. They also emphasize the need to always consider ethical implications when conducting a pen test, as well as the need to remain within the scope of the test and not to cross any legal or moral boundaries. As the conversation draws to a close, the guests leave the audience with valuable insights into the world of intelligence report writing and covert entry. 

Contacting Brent & Tim: 

• Twitter: https://twitter.com/brentwdesign 
• Web: https://wehackpeople.com 
• IG: https://www.instagram.com/covertentry 
• IG: https://www.instagram.com/n1nj4t1m 

The OSINTion Links: 

• Podcast: https://osint.mobi/podcast 
• Twitch: https://twitch.tv/theosintion 
• YouTube: https://osint.mobi/youtube 
• Spotify: https://osint.mobi/spotify 

The OSINTion Training: 

On-Demand: 

• https://academy.theosintion.com 

Live Training: 

• https://www.theosintion.com/courses 

Upcoming Training from The OSINTion (Individual Courses): 

• April 1, 2023: 1200-2030 (ET) Intelligence Investigations: Business https://osint.mobi/april-business-course 
• May 6, 2023: 1200-1600 (ET) IMINT, OCR, and Video Analysis https://osint.mobi/may-imint-course 
• May 6, 2023: 1200-1600 (ET) REGEX for Intelligence https://osint.mobi/may-regex-course 

Upcoming Training from The OSINTion (Bundles): 

• Payment Plans: https://osint.mobi/2Q2023-bundle-payment-plan 
• 1-Time Payment: https://osint.mobi/2Q2023-bundle 

The OSINTion Communities: 

• Discord: https://osint.mobi/discord 
• OSINTelligence: https://osint.mobi/osintelligence 

The OSINTion Links: 

• https://linktr.ee/theosintion 

Joe's Links: 

• Twitter: https://twitter.com/C_3PJoe 
• LinkedIn: https://www.linkedin.com/in/joegrayinfosec 

Purchase Practical Social Engineering: 

• https://osint.mobi/pse-nostarch 
• https://osint.mobi/pse-amazon

Joe and Ray discuss how OSINT is used in offensive security scenarios, focusing on the importance of doing in-depth research. In order to properly use OSINT, Ray explains that it is essential to identify and map out the risks associated with an organization, as well as to do research to understand the company's structure, assets, and resources. He emphasizes that it is important to look at where the information lies, in order to get an idea of who the key people are within an organization. This could include looking for patterns in social media accounts, websites, and other sources to uncover insight on those individuals. Ray also advises that when doing the legwork, it is important to not only look at public sources, but to dig deeper. By using OSINT, companies can better understand their adversaries and develop a more effective security strategy. He further explains that it is important to constantly monitor the situation, as adversaries often change their tactics or target different areas. With the right tools and strategies in place, organizations can stay one step ahead of potential threats and be better prepared to respond. 

Links Discussed:  

• Dehashed: https://www.dehashed.com  
• HaveIBeenPwned: https://www.haveibeenpwned.com  
• SecurityTrails: https://www.securitytrails.com  
• View DNS: https://www.viewdns.info  
• DNS Dumpster: https://www.dnsdumpster.com  
• Snapchat Map: https://map.snapchat.com  
• Trace Labs Kali: https://www.tracelabs.org/initiatives/osint-vm  
• Raspberry Pis: https://www.raspberrypi.com/  
• Free Digital Ocean Credit: https://m.do.co/c/ab5f75969c8a  
• Phone Infoga: https://github.com/sundowndev/phoneinfoga  
• CSI Linux: https://csilinux.com/  
• Flare VM: https://github.com/mandiant/flare-vm  
• Parrot OS: https://www.parrotsec.org/  
• Kali Linux: https://www.kali.org/ 
• Axiom: https://github.com/pry0cc/axiom  
• SANS SIFT: https://www.sans.org/tools/sift-workstation/  
• Volatility Framework: https://www.volatilityfoundation.org/  
• Shodan: https://www.shodan.io  
• Michael Bazzell's Extreme Privacy: https://inteltechniques.com/book7.html  
• Michael Bazzell's Website: https://inteltechniques.com/  
• Joe's Podcast with Michael Bazzell: https://osint.mobi/michael-bazzell-podcast  
• Joe's Podcast with Justin Seitz: https://osint.mobi/justin-seitz-podcast  
• Justin Seitz's Hunchly: https://www.hunchly.com  
• Justin Seitz's Python for OSINT Training: https://www.automatingosint.com  
• Imagga: https://imagga.com/  
• Infoga: https://github.com/The404Hacking/Infoga  
• Joe's Podcast with Joe Vest: https://osint.mobi/red-team-podcast  

Contacting Rey:  

• Twitter: https://twitter.com/reybango  

The OSINTion Links:  

• https://linktr.ee/TheOSINTion  
• Twitch: https://twitch.tv/theosintion  
• YouTube: https://osint.mobi/youtube 

The OSINTion Training: 

• On-Demand: https://academy.theosintion.com  
• Live Training: https://www.theosintion.com/courses 

In this incredible episode, The OSINTion and WeHackPurple team up to explore the fascinating world of Information Security. Joe Gray of The OSINTion and Tanya Janca of We Hack Purple will dive deep into topics such as Application Security (AppSec) and Open Source Intelligence (OSINT). They will also share stories of their experiences at conferences and discuss organizations that help women and people from underrepresented groups break into the Information Security industry.

Don't miss out on hearing Tanya's incredible OSINT story that blows Joe's mind! Joe and Tanya may have something super exciting to reveal to the world as well ;-)   

Other streaming platforms:  

• Twitch: https://www.twitch.tv/theosintion
• YouTube: https://www.youtube.com/@theosintion9198
• Live Courses: https://www.theosintion.com/courses 
• Discord: https://osint.mobi/discord     

Links to Women and Underrepresented People Groups in Information Security:  

• Women's Society of Cyber Jutsu: https://womenscyberjutsu.org/ 
• WoSEC: https://www.womenofsecurity.com/ 
• WISP: https://www.wisporg.com/ 
• WyCyS: https://www.wicys.org/   

Links to Women and Underrepresented People Conferences in Information Security:  

• The Diana Initiative: https://www.dianainitiative.org/ 
• Day of SHEcurity: https://www.dayofshecurity.com/ 
• QueerCon: https://twitter.com/queercon?lang=en   

Contacting Tanya:  

• Twitter: https://twitter.com/shehackspurple 
• LinkedIn: https://www.linkedin.com/in/tanya-janca/ 
• TikTok: https://www.tiktok.com/@shehackspurple 
• YouTube: https://www.youtube.com/shehackspurple   

Contacting We Hack Purple:  

• Web: https://wehackpurple.com/ 
• Twitter: https://twitter.com/wehackpurple 
• LinkedIn: https://www.linkedin.com/company/wehackpurple/ 
• YouTube: https://www.youtube.com/wehackpurple 
• Community: https://community.wehackpurple.com/ 
• Academy: https://academy.wehackpurple.com/

This is a kick-off episode to introduce the new podcast format. We speak to us importing Joe's previous podcast, Advanced Persistent Security, to the platform as well. Finally, we set expectations for the show.