Book Name: Open Source Intelligence Methods and Tools
Author: Nihad A. Hassan, Rami Hijazi
Publisher: Apress
Topic: OSINT, Information Gathering, Methods- Tools-Tricks
Level: Beginner-Intermediate(Closer) (Personally)
Hi everyone! I’m here with a new book review. Firstly, thanks for this awesome book and for giving me a chance to review this book. I want to start with answering some questions about this book. Let’s start!..
How is this book’s narrative style ?
I think everyone can understand this book especially newbies. Authors are describing lots of things basically and understandably.
How is this book’s design and context?
You can find a studied design in this book both in terms of visual and content. For example, you want to learn how to search on the dark web, you should know something about it. Authors are giving these pieces of information before to start searching the dark web.
Can ı learn something with this book or can ı use this book for reference ?
Absolutely, Yes!… If you want a reference book or if you want to a pill for OSINT, that’s will be a true choice for you.
Review Section of Book, What is my opinion ?
In our century, information is a big deal, is a weapon, is a power. Companies, people, computers, IoT machines, all of them contains and gives lots of information about you (or target). Okay, you know that. Alright. How much information can you collect?
If you want to be a security professional or a hacker (Whatever you say 🙂 ), you should know how can you find information about your target. You must know how to search!. Everyone knows search engines but you, you must know how to use them advanced. You must know where can you find pieces of information. Let’s look at content this book.
Firstly, the book starts with explain some basics and terms like types of osint, organizations, categories, etc. You will learn basics of privacy, some law information about osint in first chapter.
In second chapter, authors explain threats like malwares, social engineering. You will learn how to prevent this attacks and how to be more secure. Also, you can find some visualization tools and tricks for osint datas. And more (Virtualization, encryption, secure mails, and providers, etc.)…
Now, welcome to the darknet. You can find how to work tor, ı2p networks, VPNs with details. You can find some important tips about darknet and usage, recommended 🙂
I said some things about search engines, before. You can find these usage examples and tricks in this section. Advanced search engine options, news, RSS feeds and usage, searching files that you want to find, etc. You should be master a little after reading this section. You will find what you want to find easier than now.
Social media (Chapter 5), an important source for osint. What can you find with these? I will say, may be everything. Generally, people don’t care about posts. But nowadays, we use high-quality cameras for personal usage. If you don’t care, you can’t see a password into the clipboard or table, but hackers can do it. Sometimes, people give this type of important information on the gold tray to the hacker. Or you can find family information for password guessing. Why shouldn’t your target’s password {Dog Name}{Child Birthday}? Or if you find want to find surname before the marriage, why don’t you try to find uncle’s surname?, etc. You will be find these types of knowledge and you will learn how can you find it.
People Searches, this like the social media part. Important and efficient for social engineering, this increases your success rate. Interests, jobs, friends, fears, usernames, financial records, crimes… Try to find everything which you want to know. You will learn how to do it.
You found a flight ticket, you can find the plane’s location. Or you can want to find where the video uploaded from. You will learn GPS and Location-based information. Like finding who sending twits near you. Like guessing locations with sun state. Like webcams which you want to where you find to find. In chapter 7, Dive into locations and GPS.
There is a technical section for information gathering in this book. Website archives, emails, subdomain findings with google, whois information, site cloning, IP Tracking, etc. You will learn the technical side of osint and tools for this type of information in chapter 8.
And the latest chapter, you read and you learn tricks and tools while reading. And then? Then what you can do? In this chapter, the authors are explaining to you what can you do later, and giving tips on the process.
I love OSINT and finding some things about the target or anything. Also, I like to read books like that about OSINT, Security, and Privacy. I think this book can a reference book for tools if you know OSINT before this book. Even if you have no idea, you may start with this book. Thanks again to Nihad for sending a copy of the book. I would like to state that I am proud to examine such a well-designed book.
Thanks for your time and your interest. Berk KIRAS – Cyber Security Consultant