Open-source intelligence (OSINT) covers the techniques and procedures practiced to retrieve targeted information from open-source networks containing immense amounts of data. This course teaches participants how to collect and analyze information using various tools and unique methods, and apply targeted cyber intelligence to defensive operations in order to proactively act on threats. Students will be further exposed to collecting information from the Darknet, social networks, classifying diverse sources, and creating their own automated tools for a more advanced data gathering process.

The course targets participants with a foundation knowledge in computer networking, who wish to operate a SOC on the analyst and incident responder levels, or individuals who serve as corporate security analysts. Primarily:

  • Tier-1 SOC analysts and operators
  • Incident responders
  • System/network administrators
  • IT security personnel
  • IT personnel migrating to IT security
  • Linux basics
  • Python basics

64 Hours

Cyber Security


Certificate: No

Price: contact us for more details

Leave your details

Course Outline


  • Providing students with all-source methodology of employing open-source intelligence gathering.
  • Discovering the tools, techniques and technologies needed to generate highly relevant intelligence.
  • Creating tools in Python for precise and customized data gathering.
  • Understanding how to collect information from various social networks.
  • Exploring the Darknet for its “undercover” information bases.


The course includes a module dealing with accessing and obtaining information from the Darknet, which might require some additional funding for purchasing databases.


Course Outline


Module 1: Introduction to OSINT – 6 hours

The first module will introduce participants to fundamental concepts of open-source intelligence and cover the very basic data collection techniques. Students will set-up the virtual lab that will serve them throughout the course for data collection, anonymous browsing and more. During this module, some ethical and legal aspects of OSINT will also be mentioned.

  • Becoming anonymous
    • Building your own lab
    • Using a VPN and VPS to stay anonymous
  • Reconnaissance basics: collecting information
  • Open-source intelligence terminology and definitions
  • Gray areas and ethics in OSINT
  • Categorizing and cataloging information


Module 2: Tools and Search Engines – 8 hours

Throughout this module, students will get to know some practical tools and search engines they will handle during the course for collecting data. They will deepen their understanding between various information sources, and will focus on gathering data from social networks. One of the key capabilities participants will gain during this part, is setting-up search engines and OSINT tools to work more effectively using automation.

  • Metadata basics
  • Types of OSINT sources
    • Top websites for OSINT
    • Mastering Google
    • Google dorks for OSINT
  • Introduction to basic bash automation
  • Extracting information from major social networks:
    • Facebook
      • Facebook search
      • The public an private profile
      • Multiple profiles
    • LinkedIn
    • Twitter
    • Instagram


Module 3: Python for OSINT – 20 hours

During this module, students will take what they have learnt so far one step ahead, and learn to construct their own tools, to be used for collecting open-source intelligence. This will give them advanced capabilities of handling Big Data and filtering through huge amounts of information to quickly and accurately reach their target. Participants will write their tools in Python, using various advanced modules. By the end of this stage, students will have a significant added-value in conserving and analyzing data using tools they have created themselves.

  • Storing data: introduction to Big Data
  • Numpy basics
  • Indexing
  • Functions
  • Panda basics
  • Panda bperations
  • Panda data frames
  • Panda filtering
  • Building your own OSINT tools:
    • Crawlers
    • Scanners
    • Databases
    • Alerting systems
    • IRC channels

Module 4: Advanced OSINT Tools and Search Engines – 12 hours

In this module, students will become familiar with a wider and more advanced array of OSINT tools and search engines. They will understand how to use metadata, and maximize the use of different filtering and customization options for searching. This will give them capabilities of identifying further information that may not be disclosed in a standard Google search. During this stage, participants will practice each tool and test its capabilities. By the end of this session, they will acquire advanced capabilities of locating and extracting information, and getting as quickly as possible to as much of the desired information.

  • Advanced metadata
  • Mastering Google search engine:
    • txt
    • Google advanced search
    • Geographic information gathering
    • Seacrhing in different langauges
    • Building a Google custom search engine
    • Reverse image search
    • Legal concerns and privacy issues
  • OSINT tools + exercisises:
    • Openrefine
    • Maltego
    • SpiderFoot
    • Foca
    • Maltego
    • Creepy
    • TinEye
    • Recon-NG
    • EXIF
    • Passive Recon


Module 5: The Darknet – 10 hours

The Darknet is considered the most prominent source of huge amounts of relevant information that is not accessible through the usual network. During this module, participants will learn to use the Darknet, how to pinpoint to the information they are looking for, collect it, use avatars, purchase databases with sensitive information, and activate different automated tools for browsing and extracting information from the Darknet.

Note: some funds are required for purchasing databases and other information on the Darknet.

  • DarkNet overview
  • The Tor browser
    • Installation
    • The UI
    • Onion websites
    • Hidden services
  • URLs crawlers
  • DarkNet crawlers
  • DarkNet search engines
  • Buying and analyzing databases from the DarkNet
  • Lab: buy a darknet databse and create your own tool to parse through it and extract sensitive information about the target.


Module 7 – Threat Intelligence – 8 hours

The final module will focus on understanding the landscape of threats and how what defense mechanisms against them are needed. Students will learn how to identify when their organization is the target of an attack, and be able to assess the risk level according to different parameters. They will also study the different products and platforms available on the market to assist the threat intelligence process.

  • Introduction to Shodan
  • Gathering intelligence about an organization
  • Determining the risk level
  • Indicators of compromise
  • Advanced Nmap scanning:
    • Flags and capabilities
    • NSE vulnerability scan
  • The power of misinformation
  • Creating honeypots
  • OSINT and threat intelligence products