How Persistence and OSINT Skills Led Me to a Star Trek Treasure

Recently, I hosted some houseguests for the holiday season, and it turned out that a few of them were big fans of the original Star Trek series. This gave me a rare opportunity to share something special from my collection that few people truly appreciate: an authentic Tribble prop from one of the most famous […]

SANS Webinar On SEC587 Advanced OSINT Course Updates

Super short blog post today! Later on this morning (for me at least) I’ll be giving a webinar called “Twenty New Labs, Infinite Possibilities: The SEC587 Overhaul”. You can register for the webinar here: https://www.sans.org/webcasts/twenty-new-labs-infinite-possibilities-sec587-overhaul/ Even if you can’t attend it live, registering gets you access to the recorded version.

Cursor: The AI Code Editor That Just Works

It started when my friend David texted me asking if I’d tried Cursor, a new AI-powered code editor. I hadn’t, but after he mentioned it twice in two days, I figured I should take a look. Within 10 minutes of trying it, I was convinced this was something different. What makes Cursor special isn’t just […]

Crack Smarter, Not Harder: Automating Hashcat with Cat Sitter

Anyone who’s taken a SANS SEC504 or now SEC587 class with me knows I love password cracking. But here’s the thing about password cracking – it’s a game of patience. Sure, sometimes you’ll crack a password in seconds. Other times, you’re playing the long game, watching your GPU churn through combinations for days. During my […]

Taking Control of Your Archives: Why ArchiveBox Matters

For years, Archive.org has been one of the most valuable sites on the Internet, not only for OSINT research but also for various other tasks. Many others and I used it to archive copies of information that we found useful and trusted that it would be there for us when we needed it. Archive.org has […]

YouTube Video Review of Defcon 31 Talk by Patrick Warren

Anyone who has ever taken an OSINT course with me has heard me say, “Metadata is in play far more often than people think.” To help demonstrate that, I often reference a talk by Patrick Warren from the Reconnaissance Village at Defcon31. Warren and his team (some fantastic people I had the privilege of spending […]

Making Fabric More Friendly: Windows Batch File Tips

I’ve already mentioned the Fabric framework, which attempts to minimize the friction between AI and users in several blog posts. I still plan on doing posts showing step-by-step how to install Fabric on different operating systems, but in the meantime, I wanted to show an example of shortcuts I use on Windows to make Fabric […]

Unpin Your Browser: Streamline OSINT Research with Obsidian Web Clipper

Anyone who has taken an OSINT class with me knows how much I love Obsidian. In addition to taking notes, I use it to organize my tasks, priorities, and other details for my SANS courses, business, and personal life. Like many practitioners, I rely on pinned browser tabs as temporary bookmarks for interesting content I’d […]

Hiding in Plain Sight Part Three: Watching the Watchers

The internet is constantly being scanned by various services – from search engine crawlers to security research platforms. While examining a public web server’s logs is one way to observe these scanners, not everyone has access to one. Thankfully, Greynoise.io offers a powerful alternative that lets us peek behind the curtain of internet-wide scanning activity. […]

Hiding In Plain Sight Continued

Let’s look at exactly how to configure GoWitness to blend in with normal internet traffic. The settings we’ll use aren’t complicated, but each one serves a specific purpose in making our scanning look unremarkable. The most important setting is the user agent string. GoWitness (version 3.0.5) lets you set this with the –user-agent flag. Here’s […]