In recent days, the world has been shaken by an argument in the Oval Office between Donald Trump and Volodymyr Zelensky, which may indicate a radical change in the direction of US policy towards Ukraine. But while a sharp exchange of words does not always have to translate into the outcome of negotiations, journalists report that two disturbing changes have already occurred in the cyber sphere. […]
The US Intelligence Community (IC) is formalizing its approach to the use of open sources, as evidenced by the recently presented OSINT strategy for 2024-2026. The document outlines a clear vision for the future of the discipline, setting the stage for significant advances in how open source data is used for intelligence purposes. In this blog post, we will summarize key strategy concepts, […]
I recently had the opportunity to participate in the FIRST CTI Conference in Berlin, where I talked about how OSINT is not always as open as it might seem. Since the presentation included the methods and sources of specific analysts, I preferred to stay with TLP Green. In this post, however, I would like to present the main theses and problems that […]
Shortly after setting up counterintelligence.pl, I also started the RonanVM project, i.e. a virtual machine image adapted to conduct OSINT investigations. Unfortunately, I don't have that much time to develop the project at the pace of Kali Linux, but I had the opportunity to make some changes and improvements recently. Moving on to the specifics: I also encourage you to use, in my opinion, the project […]
The name of the blog obliges us, therefore, this time we deal with the latest events in the field of catching intelligence officers and fighting the operations they conduct. The opportunity for this was provided by the US Department of Justice, publishing indictments against a total of thirteen people accused of espionage, as well as Mandiant who published a report describing the detected Chinese outflow operations. IN […]
Observing the practice of the US administration in the field of political tools applied to entities responsible for cyber operations against the States, indictments are one of the most visible elements. In recent years, we have seen, for example, indictments against a GRU officer, Chinese intelligence, or more recently FSB officials. On the surface, it may seem that such actions do not [...]
In the previous post, I tried to present what types of cyber operations accompany military actions and how different types of operations are supposed to achieve their goals by different means. Some may have expected much more intense cyber activities in Ukraine, attacks on industrial networks or the massive use of wipers. Although there are no signals indicating [...]
TL; DR - If you need a pre-configured virtual machine for your OSINT investigations, take a look here for a ready OVA image that you can import into VirtualBox and have a clean system ready. There you will also find a list of tools and additional information about the project. And now the longer version ... Creating a virtual machine for [...]
Collecting information as part of OSINT is often based on finding traces of users' online activity, such as logging into social networks or using the same e-mail address to register on multiple portals. It must not be forgotten, however, that the same applies to ourselves when we try to obtain this information, often [...]
English 
Polish