Clicking shit for OSINT curious purposes

Hi, my name is Dutch_OsintGuy. Why? Well… I am Dutch, I do OSINT and I am a Guy.

I’ve been in the infosec field for over 20 years as an All Source Analyst specialized in Open Source Intelligence. I teach OSINT classes, give lectures and talks about OSINT. When I think of it, basically I just eat, sleep and breathe OSINT 24/7.

Clicking shit

Automatically that makes me a OSINT curious person 24/7, 365. And with that I have a few lessons learned over the past years. Being OSINT curious means (at least to me) “clicking shit” that gets your attention. Why? Because if you don’t click you don’t know what will happen next when you click. Maybe a new page, pop-up, username, link is what you will get. And from that you will get new point to click on and investigate.

And by “clicking shit” you learn, over the years, where to click and where not to click. When to click and when not to click. By this I mean you learn how the most websites and social media platforms are structured. Once you know this you know where to click to gather that extra information you need to take your investigation that one step further.

Clicking shit with caution

What you also learn by “clicking shit” is that the internet is a malicious and creepy place. So sometimes you do not want to click a certain link, or click that PDF with download links to prevent your research system getting compromised. So you learn to run Virtual Machine environments (ex: Virtualbox or VMware) to “click shit” in a more safe way. Or you learn to scan documents first for malicious content before clicking or downloading them. Or you learn how to view certain websites via a cached version like google cache or internet archive. Also click shit with caution when it comes to OPSEC. Think about your device fingerprint before you click. Maybe think of the timezone you are in when you click. What kind of connection (mobile, broadband, tor) do you use when clicking shit? Do you use a VPN on top of those?

Clicking shit in a structured way

One of the best lessons learned for me personally by “clicking shit” is that you learn when to stop clicking randomly without keeping track of each and every click. Once you learn how to click in a structured way you will be able to create your own crumb path and always be able to explain to yourself (or even more important, to your client) which path you took at what moment based on what decision.

Summing it up:

  1. Click shit in a structured way
  2. Click shit with caution
  3. Click shit with OPSEC in mind
  4. Click shit and be the knower of things!