Intro
I decided to take the plunge and signed up for the online OSINT training and certification in early 2021 and I learned quite a bit more than I expected. Michael, Jason and many of their community are active OSINT instructors and/or practitioners, so they are at the absolute bleeding edge for this specialty; and will be for many years in the future.
As a disclaimer, this post is based on my personal experiences, opinions and the state of the online training at the time of my participation. I plan to be a member of the Intel Techniques training community for a long time, but I am not commercially affiliated with Intel Techniques, nor will I benefit monetarily if you choose to sign up.
With the disclaimers out of the way, this post will cover the following;
- Who is this training for?
- Overview of the training itself
- Impact on my Direction
- Closing thoughts
Who Is This Training For?
An argument could easily be made that principles from these lessons should be understood by every person who accesses the internet, so that they can understand how data is collected and used, and so that everyone can take more control of their privacy. It’s my option that the Intel Techniques course and certification is for those looking to break out from being an OSINT researcher or specialist, to a highly capable analyst and team lead.
The training (while medium-to-highly technical) has a heavy emphasis on documentation. It’s also a stated objective of the primary instructor (Jason Edison) to enable the student to establish a series of repeatable OSINT process, which is both scalable and effective for a broad range of investigation types. With this, it’s pretty clear that if you seek to gain a deep understanding of the OSINT field and become a designated analysts as a corporate or threat intelligence professional, or within law enforcement, three-letter agencies and other government entities; there is much much for you to gain from both the training, certification and their community.
I also add that in my experience with corporate intelligence and due diligence, your executive team will be looking to you and your team as Subject Matter Experts(SME) for an intelligence product, versus simply assembling publicly available information or backed by a hunch. As a hiring manager, I would look at a candidate with the OSIP or certificate of course completion pretty seriously for intelligence due-diligence and other business roles, because I know that they have developed the skills, processes and infrastructure needed to begin training in our way of doing things. Further, I know this candidate is an asset toward our goals in professional risk analysis.
The Training
The purpose of this training is not simply to enable the student with skill set necessary to conduct successful research with various open-source tools and systems, but to develop a repeatable investigation and analysis process which can be tailored to meet your specific needs. I had a pretty good grasp on Intel Techniques approach (or at least did not start from zero) as I had purchased and studied Open Source Intelligence Techniques and Extreme Privacy: What It Takes to Disappear in the months leading up to my enrollment.
Upon enrollment, you will have access to three different areas of training: The lessons, CTF challenges and Matrix chat. Your primary instructor is Jason Edison, who has clearly been an active practitioner for quite some time. For context, it is probably worth mentioning that his experience is mostly LEO (I believe that it was cyber-crimes division) and he alludes to some 3-letter experience, so he comes across as highly professional, constructive and someone who you could learn a lot from for a very long time – especially if you are hoping to head in his direction.
The lessons are mostly video training, which progress from creating your first OSINT machine, setting up your tools and privacy settings, teaching you how to use them and how to document your findings. It’s worth mentioning that their training style is close to Offensive Security’s, in that they cover the topic, demonstrate the topic, then ask you to demonstrate your grasps with CTF’s. There are also member write-up’s (usually pdf’s) which you can view or download, and a chat where you can ask questions to other students, the authors or Jason and Michael Bazzell themselves. This will probably sound redundant to some, but be sure to search the history logs for your question before asking in the open chat. You’ve been warned!
Once you’ve completed the lessons (especially if you’ve announced success with the certification) the chat is a great area to team up with active practitioners for research into new tech, methods and techniques. This reminds me of something I heard about the SANS Institute, in which the instructors are required to be active practitioners from the field in which they lecture, not just pure academics. Likewise, Michael, Jason and many of the chat members are active practitioners and a large part of the evolution of the OSINT field.
The CTF’s are like pretty much any other, but the hints are not as helpful toward solving the challenges as those seen in picoCTF. Worded differently: picoCTF hints are part of the learning process whereas Intel Techniques hints are there to remind you of the lessons and to encourage you to think outside of the box. If a CTF is too difficult/impossible at first, I would recommend taking a break, continuing your lessons and re-approaching again later. You will likely fly through several of these challenges per hour once you’ve completed the training. I think that my personal best was something like 5 or 6 in an hour on the easier ones, but no more than 30 – 45 minutes on the tougher flags.
Impact on my Direction
I’ve always found it easy to don the adversarial mindset when needed, but this course helped me develop working knowledge for a category of risk to organizations, their people and assets, which I had only previously scratched the surface of – and you’re probably barely doing this too. From the outside looking in and like any beginner (myself included) will also say about the OSCP: it’s tough to imagine the depth of knowledge and experience you will gain from this course.
Another big take-away for my journey was in working for hours upon hours within separate steps of a complex workflow, each contributing to the end goal (or flag). This opened my eyes to the necessity of complex process automation, and their CTF’s were detailed enough, and the tools vast enough, to grant robust mach-ups for my Python and Bash scripts – a skill which I would bring to my OSCP and other security journeys.
Closing Thoughts
Having completed many HackTheBox and TryHackMe challenges related to OSINT in the past, I admit that I was skeptical with just how much value the course could bring to me. After all: Everyone has some OSINT capability these days and I had been successful enough with the reconnaissance phases of the cyber kill-chain to this point. However, in completing the course, you’ll be exposed to a much greater depth (and breadth) of knowledge in within the field.
Comparing my personal capabilities before and after the course with the analogy of “walk vs run” or “day vs night” would be an understatement. This course helped me understand the difference between online search queries which gain information on a target, and structured open-source intelligence collection and analysis. Frankly, the two are not even close to being in the same league.
I would highly recommend Intel Techniques online training to anyone interested to learn more about OSINT, or those who want up-to-date / maintained resources that will assist you along the way. The online community (in the matrix chat) is almost of equal value, in that it is chalked-full of problem solvers and active practitioners whom are highly focused on the OSINT and privacy topics. A special shout out to Jason Edison, as he is also a fantastic instructor for students of any experience level.
At the time of this writing, one year access to the online training, CTF’s, chat and certification was under 1,000 $USD, making it one of the best value purchases that I’ve made in the past few years.
More information and signup portals can be found at www.inteltechniques.net