“I love the smell of book ink in the morning.”
The best way to learn open source intelligence gathering and to practice cyber security is hands on – few can argue with that.
But every practical training will need even a small element of theoretical grounding – as much as I personally prefer to keep that to the absolutely necessary minimum.
Self study can be a very effective (and cheap) way of learning, especially if you identify good resources, created by reputable experts.
Here are some of my personal recommendations for books that I recently found useful for learning OSINT and cyber security stuff:
- Open Source Intelligence Techniques by Michael Bazzell – considered by many the gold standard in OSINT. It’s heavy reading (literally, the book is massive, hundreds of pages) but it contains a variety of useful resources on multiple aspects of OSINT. The focus is not only on finding and preserving online evidence, but Bazzell (ex-FBI investigator) also puts emphasis on operational security and digital privacy.
- Cybersecurity Blue Team Toolkit by Nadean H Tanner – a reference manual that contains instructions on fundamental open source and free tools such as ping, tracert, PuTTY, pathping and more. One important caveat – while a lot of the material is very relevant and solid, some of the content in this book is already outdated and it badly needs an update.
- Operator Handbook by Joshua Picolet – a better and a more up to date version of the above resource, by a different author. It combines red team and blue team knowledge and areas of focus, with OSINT being a rather small section. This is a great resource on many topics, from malware, forensics, to networks and detailed techniques of incident response.
- Nowhere to Hide by Daniel Huang – released only 3 months after the Capitol Riots in the US, this book details some OSINT and investigative techniques used by the FBI to identify the suspects involved in storming the Capitol. The book details 36 actual real case studies and discusses the methodology applied that allowed the FBI secure criminal charges.
- Investigating Cryptocurrencies by Nick Furneaux – written for LE investigators or those in similar roles in the private sector, this book will teach you plenty of what you need to know about blockchain technologies and investigating digital assets. Ample examples and links, coupled with some great advice on how to trace movements of funds on what many people call Finance 2.0 decentralized networks.
- Practical Cyber Intelligence by Wilson Bautista – the “practical” part in the title might be an over-statement, yet this book has some useful nuggets of information on the functioning of cyber defense operation teams, threat intelligence, and IT operations in a corporate environment. Contains some operational models and frameworks, ideal for somebody who needs to learn high level information on how these things are structured and what purpose they serve.
- OSINT for the Staffing World! by Dean Da Costa – last and the least, I was not sure whether to include this in the recommendations due to the book’s poor formatting and evident lack of proof reading. Still, it contains useful lists of tools and links to OSINT resources. It is primarily aimed at recruiters, but can be helpful to people sourcing information just about anywhere.
* * *
So this is it. Short and sweet this week, due to other projects happening in the background.
PS. I was asked to list some currently available online OSINT courses – I promise that when I find some time, I will do a deep dive into what is currently on offer out there and come back with some recommendations in the weeks to come.