Getting Started with OSINT
LinuxSecurity asked Danchev how he got started with OSINT. Writes Danchev, “In 2008 I earned the privilege of getting invited to an invite-only conference event at the GCHQ which I attended with the Honeynet Project. Since that time, I’ve made numerous valuable contributions to the U.S Intelligence Community as an independent contractor and through the research which I've been publishing at my personal blog in terms of high-quality and never-published before OSINT analysis as an independent contractor.”
Dancho tells us of a time when he was going through FOIA requests and in particular publicly released and classified information, visiting and browsing the CIA's official Website, and came across the following quote courtesy of President Nixon at the time - “What use are they? They’ve got over 40,000 people over there reading newspapers.” He says this got him interested in OSINT and helped him shape the future of his career as an Intelligence Analyst and OSINT analyst working under NDA as an independent contractor.
For this project, Dancho attempted to collect as much personal information as possible, including IoCs (Indicators of Compromise) websites including personal account information and email addresses.
His research resulted in publishing a list of thousands of email addresses and ICQ numbers of cybercriminals responsible for stealing credit card and CVV numbers, among other personally identifiable information (PII).
Danchev said he learned early on in my career that the best way to learn in the security intelligence world is to join a local hacking and security community. The security community rewards hard work and diligence. Prove that you can speak authoritatively on a security topic, manage a project, and build a community around it, and you will be recognized for your efforts.