Visit the Open Source Cyber Intelligence - Introduction Training course recordings page
would be compromised so for example let's say so i'm gonna pay let's say let's see if we do it
because i want you to be able to see what it looks like when the data is corrupted
it would be nice to see for you to be able to see the different types of instances but
so basically for example let's say we we came to google we searched for that and now
we're left with these logs right so so for example i use the 3CX client that you're looking at
on your page right and this is what it looks like when you gain data from
Shodan are you able to hear me 3x 3CX web client you may have to click it by his name
if you want you you could take norm normberg out of it can you back would you yeah i'll say so if
you just click on 3CX it won't allow you to wow i think it's the internet connection something
it's the internet is just isn't working great for us and that's fine so see how here we see
all of that data i was talking about the the domains you see how you can see the product
you can see basically all of the breakdown for it not only do you see that port but you see
what that port is communicating with you see is you can see every piece of key identifying
information on it so what we're looking at now will be public evidence of exposed data of some
sorts right for the for the for the intents and purposes of what we're talking about
so in cyber security and open source intelligence we use Shodan because sometimes people attempt to
provide us doctored logs and we can always go behind them and see if it's true based on
the information we found online so let's say if we stick right here with google right
so you start with like how we just we enter the name right through a backspace one
so you enter name and we choose 3CX right so we back at the same place what you'll find is like
we have our ports that's open right we know that we got our open we know we got our rdp here right
and that we
have some iot to military devices right that's showing http responses so that's
information we have here and we're seeing how it's done individually for each port see how we have
their protocol in which they're engaging and communicating on the next thing you would do
after this is that you would essentially you would filter for risk right because from here you would
go in and you would search for whatever the key words that was given to you by your client right so
confidential whomever the person they may have been looking for as the perpetrator anything that
would give them access to knowing one step closer who that who the person was that did the thing
so based on the information that we have now right we've come across a device id
we've come across the ports we've even got geolocation ips right we even got our
as autonomous service number right so that right there would be what's considered a forensic grade
open source intelligence search does that make sense does does being able to find this type of
information help you so now we're going to change your thinking a little bit right so now imagine
that you're analyzing a breach in eastern europe right there's a suspicion there's a suspicious
geopolitical uh ip address that just seems to keep on coming keep coming from that area right
so what you would do is you would use telnet-enabled routers right to see if it's still
responding the reason why you would do that is because it's outside of your country and you
would want to be able to find out how continuously that that network is communicating outside of this
space does that make sense did it one more time okay so from there what you will look at is your
dns naming conventions right you will look at the default usernames and the banners and then you
will look at the server headers right and that would tell you things like if there's local
exposure if it's possibly residential it's
somebody that's actually here that's just using
a cloud server in another country or if it's a isp managed router that's just not hard
right but we really end up finding out is that the attack surface for social engineering
and then potentially what's considered what's a c2 foothold for ongoing surveillance right so
the reason that we got to that is because it's something that's outside of our outside of our
country right and is using an attack surface to gain it's using attack surface to basically to
communicate false information back to us right and that c2 foothold is what's used for surveillance
so it's basically one of the things that they say in cyber security is every banner is a
breadcrumb and every part of the story so for the next five minutes right i want you to work on a
prompt and i want you to reflect on it right so the next five minutes i want you to search for
publicly exposed Elasticsearch server in our country you think you can do that okay i'm ready
when you are yeah yep that's yeah that's gonna be that you probably have about another 30 minutes
before you get there so the reason why we go through all of this data here i'm sorry social
media is the only thing that you're looking for so once you get the information off of social media
what would be your expectations from there so you want to so you want to are you so you're looking
to be able to use open source intelligence with social media the information that you would gain
would still have to be put into these systems in order to be able to understand them because i'm
not sure i'm not sure what this class was pitched as because like when we think about open source
intelligence is more so using the public information but more of the public information
information labs outside of social media than within social media right so within like let's say
after going through these systems the final part is social media
because well we all use social
media we know how we use social media but these systems are what you put the information you get
out of social media into to get the information that you're looking for right so there's there's
nothing directly in facebook so there's nothing directly in facebook that's going to give you the
geo location of a person you're still gonna have to come take that data away from facebook and put
it into one of these instances that we're talking about now to get the location or the server or
the ip address does that make sense but if there's something specific you're looking for like i said
i don't mind changing course we have roughly an hour and 45 minutes i'm more than willing to give
that directly to whatever it is you would need so if you want to learn open source intelligence
directly regarding social media we can do that is that what you're looking for what information are
you looking to acquire from social media you just want to be able to protect yourself are you looking
to be able to so you want to use open source so you want to use social media so this is this is
how i would imagine social intelligence would be used in school right this is how my my oldest son
uses social or social intelligence right so he just graduated with a mechanical engineering degree
from north carolina A&T what he would do is let's say his professor gave him a subject matter to work
on he would use google dorks right by going into google he would isolate everything away from google
they had anything they didn't have anything to do with mechanical engineering and then he would he
would he would conditionally break it down right so once he had all of that information about
mechanical engineering isolated then he would break it down based on the curriculums that they
provided right he would break it down based on like all these different all these different
indicators that he was
specifically looking for right but when it comes to school and education
it's it's kind of different right when you talk about facebook and instagram and things like that
because it's more so in the context of there's nothing to reference right like say for example
it would be illegal for you to go into facebook and then use facebook information to try to track
someone right outside of legal and law purposes so that's a lot of times like in cyber security
before we begin even navigating certain things we get what's called a scope right we have to
have permission to touch that network does that make sense so i guess to get a better understanding
in regards to open source intelligence and social media would you are you looking to protect
yourself are you looking to understand how you can use social media and open source intelligence
specifically so in regards to social media it's it's multiple different things you can do with it
right it's about us staying within legal realms right so what you can't do is is is have a
situation where someone's stalking someone on social media right that's a crime
so that's why i guess i'm trying to understand i'm kind of trying to understand
what what spaces in which we're looking to navigate this regarding social media because
social media becomes a gray area when you're talking about infringing on other people's
personal spaces does that make sense so uh i guess i just need a better understanding for
what specifically you want to know because i have no problem going over it it's just that i don't
want to put you i don't want to put you in a compromising position right where i'm communicating
these steps to you but the end result is that you gain this information show it to someone and then
it becomes a legal issue does that make sense so for example right i'm a i'm a i'm a cyber security
professional right uh my best friend isn't my best friend could be
nosy and not thinking
anything about it he could pick my phone up and start going through my photos or going through my
emails which doesn't sound like a big deal until you realize that there's a law called ecma that
federally prohibits that right so even in a world where people cyberstalk even in a world where
people go online and they copy paste people's pictures even in a world where we do these things
they're actually illegal right there's actually there's actually laws against these things
right that's the reason why i guess i'm trying to better understand the
open source intelligence of social media aspects you still with me so we want to go over facebook
twitter and instagram you can spend the last hour on that that's not it's not an issue i have
a problem with just want to get one of a senate other understanding if you want to use OSINT with
twitter what that's probably going to be best for is real-time location and event tracking right just
based on how people use twitter right you can have sentiment analysis and grievance monitoring
right with certain things go on you can use open source intelligence to be able to see
how that thing is affecting different places in the world you can use it for identifying
affiliations threat actors and protest groups right you can look and see if there's a campaign
going on for uh spca in one region of the country versus another region of the country you can
collect data in all kinds of ways right you can track leaks you can track whistleblowers you can
check uh hacktivist chatter does that make sense or is that is that going in the direction that
you're looking for are you sure because it doesn't sound like it's what you're looking for
you sure i i don't i don't want you to feel like you're not getting your money's worth so
i want to be able to assist you however which way you need like it's not a it's not a conflict
for me to go over like
twitter or facebook and stuff like that but i also have to i have to warn
you beforehand right that this is just an introductory course right this this is no way
that it could go over all the legalities that you got to stay within when using social media
right for OSINT so as there's no way it could go through like all of the metrics that you need to
be within right that's it would be unfair to say that someone would tell you that they could do
that in eight hours does that make sense so it's like for example i can show you how to do things
for a company i can't show you how to do things specifically for a person could you see how they're
different like a company can hire me and say hey junius we have a competitor that we want to do
a market analysis against right that i can do that but a person can't hire me and say hey junius i
want you to do an analysis against this person right because like now i'm infringing on these
per this person's rights at that point like for example you wouldn't want someone to be able to
come to me and say hey i want to i want to be able to investigate evelyn and then there not be
an actual like reason or a scope or something behind it does that make sense i guess you gotta
to help me you gotta help me here because it doesn't sound like you're liking this training
so i just need to know how you want me to course correct you want to go over open source for social
media in what realms are you looking to act using Shodan we're going to basically create a model
right now what i can say is this everything i'm showing you for companies can be used for people
and that's about as far as i can go with that if that doesn't if that makes sense 11 30.
i'll give
you an hour and a half of facebook and twitter and social media so just to give you a quick
breakdown right for the information we're going to cover here now none of this right here is going to
be on the slideshow and it's not going to be in your training manual so if you want to take notes
on this part it's probably going to have to be written down does that work for you so we're going
to start with facebook all right so in regards to using oh so this is what we're going to start
with these are the things that facebook would be good for for OSINT right so your identity
confirmation right you can cross check aliases there you can look at real names you can look at
usernames right you got relationship mapping right you can see who are friends who are families
who's co-workers right it creates what's considered an exposure net you get to see who has devices
that potentially could interconnect you can see who has maybe access to another person's password
which device may have someone else's wi-fi access the source right you also get your timeline
reconstruction right you got your posts you got your photos you got your check-ins like this right
here will be give you what's considered a behavioral timeline is this more so stuff
what you're looking for all right so example of identity confirmation right let's say that
someone sent you a weird message it didn't have a name but it did have a face you could take that
picture you could cross you could cross reference that picture on facebook and if there's a
similarity between the two faces it would give you an identity right identity confirmation right
let's say now you have this identity you have a name but you don't really know who and how you
might know this person right so the next thing you would do is you would click on that person's
friends families co-workers right that would create a further exposure net right
the people
look familiar but you really don't know where or when you know them from so you
start looking through your posts and the photos and their check-ins right so from from there you
begin getting what's considered a behavioral timeline right so that's your timeline reconstruction
right so then from there you get your pretexting data right so that's where you find like birthdays
pets hobbies right your pretexting data is the things that's the logic psychologically going
to be in the back of a person's mind that could potentially be like password clues or like phishing
vectors right then you're going to have like basically like your a breach investigation right
so let's say you didn't found out this person's birthday you know that they got a pet you know
they got certain types of hobbies it still ain't clicking right so you would then try to figure out
who were friends in your group versus who are friends in their group right you would start
taking the information that you've you've compiled on them and you will cross-reference
against yours right and you would do in our industry what's considered a breach investigation
right you're going to try to figure out who know what who knew when who knows who and who shares
internal information externally right and then from there you're going to have what's considered
your inside threat discovery right in the commission of asking all of these people who
know what in the commission of all of these things you're going to get enough information beforehand
to know one how you know the gentleman that was in the picture that sent you the information
and you're going to know how to approach it does that make sense
all right so like that's those forms of open source intelligence is what
facebook could be good for right so again it's going to be identity confirmation relationship
mapping timeline reconstruction pretexting data breach investigation and inside
the insider --> threat discovery right so facebook osin is just not about spying it's also about correlating --> digital behavior with the text the technical exposure right every post is a clue every --> friend is a connection every tag is a tap tap right so your step-by-step process using facebook --> would be one you want to one you want to locate the facebook profile now neither one of us are --> going to be able to do this because we're one having an issue with this virtual machine but --> then also too we probably don't want to log into facebook right so the first thing you could do is --> once you find the profile that you're looking for you could do like say for example you could go into --> google that's like i'll show you on google now right so you go to google and then let's say --> remember we did site facebook instead we do facebook.com right and then you could go --> what we want to do uh and then you'll see it's going to pull up all the information --> on whatever that search you're looking for is right so you could go up here you could put --> it is going to give you every John Doe identified on Facebook so it's it's really no sim it's no --> different than what I was showing you before it's just now you're just doing it using the name --> Facebook does that make sense so let's say for example if somebody did something you didn't --> have a name but you had an email you could go we just want to throw something right in my bed --> let's use facebook let's use twitter and now it showed you every page that references twitter --> on facebook right so yeah you said that one time yep uh-huh so because of how it uh indexes pages --> you can have pages that are still stored from 15 20 years ago that still references that's twitter --> the ad symbol oh so i put the at.com because that's going to reference any user using the --> twitter.com domain yeah so it could be like yeah so think about it like this right --> yeah so think about it like this right when 
you set up your you set up your facebook when
you set up your facebook profile you use an email that email is usually stored within your facebook
profile so if you do this google dork search for all of the email addresses that use google.com
for example right it's going to show you all the emails that she uses that's using
uh without google.com in their account like for example and now it shows you
each one is referencing google in the demo on facebook see how it's see how it's just
it's just indexing right so it's just isolating all the information the way that's going to
reference the thing you're looking for so let's say for example if you were looking for a name
right so let's say that's a very peculiar name vernon troy right just throw a random name out
there it'll show you all the random troys on facebook uh-huh so let's say if their actual
name is vernon troy or their facebook page is profile is referencing vernon troy then that's
what is going to rank you but it's the same way don't matter what site you are using right so
the tools that i use you all the tools i've been using you all day they're the same thing right so
even if we do x.com right there's only one vernon troy on x right if you want to do instagram
so the steps and the tools that i've been showing you throughout the throughout the course
it's it's it's all it's just i'm showing you the format and the structure it's it's on you have to
go in and put whichever sites you want to use does that make sense okay but like let's say if for
example you were let's say you had a case and you were looking for someone right there's there's way
more stuff that you can use in that right you have you have Pipl yeah yeah this is what you
want to use for identification right so you got Pipl that's an option right you have Social
Searcher you got Intel X and another one that people don't think to use are the email to email
the
facebook id but that would show you like to figure out which one is facing towards facebook
right so let's say for example you could go to say site facebook.com icloud.com
and it's going to show you every time icloud has been referenced somewhere in this sea of of
directories in the sea of directories there's going to be something that's going to have a list of
every person that uses at icloud.com on there for their uh icloud log i mean for that facebook login
the way that we use validation in this is like we look for email reuse and username collisions
across like linkedin twitter github facebook does that help you so now the next thing i always
communicate to people are or i communicate to clients is extract publicly available info from
the pro they're from the profile right so we're gonna find uh see what kind of profile let me
matter we're gonna run with we're gonna run with uh vernon troy all right so we're gonna run with
vernon troy you can you can look for my page if you want to so we're gonna run vernon troy right so
the next thing we want to do is we want to extract all publicly available information on
vernon right so we want to go look at his about tab let's say that he had a job let's say he
have photos and videos he had posts he had check-ins tags friends lists right so then about tab is
always going to show you like your birthday your family your workplace the city relationship
these things can be used for what we consider password vectors right they're usually the
things that people look back to to say it's just easy reference for a number or space right
your photos and your videos are going to show you the backgrounds of sometimes internal offices
security badges devices on a business level on a personal level it might be access to credit card
numbers it might give you access to a location where a person may be it might give you any
pertinent information to get you one
step closer than knowing who that entity is what they're doing
whatever the source are right your check-ins are going to give you your like geolocation evidence
right that's how you're going to know that it's not a person just lying and saying they're somewhere
they really aren't there's going to actually be a a piece of metadata that's going to indicate where
what server i mean what cell tower that that ping came from right depending on the people
that's tagged in certain posts you can tell if they're like actually close friends if they're
work associates if they're just people who hang out for certain events or that's the person that
you could use as a pawn in the social engineering aspects of it right then you have your friends list
right if that's visible it helps you create a social map of like how they're influenced or
what their risks are so from there the next thing we would do is we would scroll down and we would
see troy's timeline right and troy's timeline troy's troy troy's timeline will help us reconstruct like
from his post history like the dates the frequency of how much he posted the subject matter
right things like that that will help us give us a better understanding of how he
navigates and how he moves right that's going to tell you if there's any more insider threats
that's going to validate any alibis you might need to be able to check out
it's going to give you an understanding in the state of mind before and after the incident right
and then it's going to help you build out a pretext profile for like red team engagements
so this is where you're going to build your profile before you begin to use
red team contact in context right so you're going to learn about the person you're going to learn
about their job you're going to learn about what they do at their job you're going to learn about
them going to school where they went to school at you're going to learn about their
friends --> you're going to learn everything that you could put together to get a basically a psychological --> profile of how this person is moving and interacts in the world without you even communicating with --> thing right so let's say we will just throw for an example let's say that troy is a contractor --> at a federal government agency right and his pattern is november 2023 he posts photos in --> the server room with new gig big responsibilities right like he's showing the people that he got a --> new job right then we see him in january 2024 so we're talking about less than three months later --> he says i'm out no more overtime for peanuts right now in february he's posting again and --> it says client sees unexplained data access and logs tied to that exact system right so --> this timeline right here will show us to connect motive access and timing to support that forensics --> timeline right so we know in november he was excited about his job we know in january he got --> fired and then in february all of a sudden now they're having breaches right that would be --> circumstantial evidence in the case makes sense on the opposite side let's say you got a person --> that tells you they've been single for the last three years right you really really like them --> you feel like things are going somewhere and then you look back for some odd reason it's a --> random day you just find you have a free time and then you look back 18 months and you realize --> oh he was dating someone right that would be seen as like a breach wouldn't you agree --> makes sense all right so once you gather that information the next thing you want to work --> towards is building like your relationship and your network mapping right so let's say for example --> you would manually if you go do it manually like you would click through each friend you would click --> through their mutual friends you would click through their tag post right you would get --> relationships with spouses 
same names work in the same organizations you would get employer
crossovers the people that's on their timeline that work together their travel campaigns your
patterns stuff like that and then let's say for example you could use Maltego and Social Links
or you could use your SpiderFoot by yourself to automate like the relationship graphs does that
make sense so you could essentially go into Maltego and it would it would give you the ability to
it would map out all this out for you automatically based on just that profile
another one that's good to use is called Hunchly right and Hunchly um can you use that for like
document trails and stuff like that so and using these right you will learn that like when no like
when one no post five others gonna react right so what you'll happen to see is for each post
if it's a person that's generally active they're gonna i mean yeah you're gonna have like four or
five comments right as you continue to go through those comments you're going to start seeing the
people who comment the most you're going to start seeing them show up in a certain type of way it's
going to give you a fabric about this person's relationship online right so from there that's
when you want to start into like looking for your risk flags right you'll look for your
indicators of hey this may or may not be the way to go with this thing right so
some of the risk flags that you should look for like in the open source intelligence when using
social media is like a public friend list right no one's friend list should be public in 2025
right that's network exposure and that's great for like phishing and social engineering which are
the things we're talking about now right you really don't want your real-time check-ins to be
you don't want those to be available because those give you like what's considered location
vulnerability right so what you don't want to do is have the person
that's watching you on facebook
see your check-ins saying you're out of the state or you're out of whatever and now they have full
access to your system right another thing that would be a risk is complaints right like complaints
always lead to potential insider threat or a burnout risk right so when you start seeing
people get online they start complaining about their relationship or they start complaining about
their job those can be insider threats right because now you're exposing information that
shouldn't be made known publicly right another thing you can look for is visible family information
right that's the that's the thing that's always going to be fell back to when it comes to the
password reset right private photos with internal system views right so like let's say i gotta i have
private photos but my private photo can't be seen but it can show how many times i've looked at it
or the people who are allowed to look at it have been able to view it right that'll show you like
a leak of sensitive data so maybe sometimes you're not trying to gain access to one person right but
you're trying to gain access to another person through them right so your private photos and
your internal system views would be a weakness in that right and then surprisingly how people
share external links like that's also a big thing too because you can always pass back and forth
malware and malicious campaigns that's all i mean does that help what you're trying to find
or do you want like the actual like the cheat codes that's what you're trying to get me to give
you i mean how how well are you with uh how well are you with code i can give you a few things
on a scale of one to ten what would you say is your level of comfortability with with uh with
programming uh-huh well i'm thinking for the things that you're looking for you would have
to build individual scripts so like for example uh let's say basic
identification on facebook
right the cheat sheet really would be you going to google and going to site colon facebook.com
and then putting that first and last name in right because like facebook security isn't going to give
you enough access to get the things you're looking for in open source intelligence on the
on the front end right but you can gain access to these things on the back end so it's like
it's way easier to find a link through google that'll give you broken access than it is to
give you a to find a broken link through facebook that gives you gives you access does that make
sense so like when you go to the page like your basic identification information is going to be
like your full name right if you're going to google you can always do like i said the site
facebook.com then first name last name you could also go in and you could type like
you could find what the email address is right same concept you could do phone number the same
way you could do a username the same way you could do name check and location right if you
were looking to find like profile information to extract right that would just be your about
information your about section which would be again your birthday your school your workplace
your friends that would be your mutuals your frequency stuff like that right it's just your
the profile space is what you would you would extract right and then from there you would
usually just you would try to find like the information that you would collect you then
would just go back to google and then you would do your searches right you would do your search
for the e based on the email address the person the photos the pages that they've liked or the
information that they've liked their hobbies stuff like that as well as like the posts from like their
locations and stuff like that right so from there i think i went through a few of the tools with you
you could use
IntelX right and that would just be able to search like the facebook coaches the --> facebook post images in the metadata for you you could also do Maltego and the Social Links right --> because that would give you graphical relationships and extract profile data metadata right you could --> then use Hunchly right and that would give you the evidence capture like with the full audit trail --> right so let's say if you knew that person is complete like you knew their entire link for their --> facebook page you could put that in Hunchly and Hunchly is going to break everything down for you --> about that right so another tool would be your ExifTool right and that's the tool that you --> would use to scrub or inspect the photo metadata right and then as i showed you people and scope now --> like that'll show you like the names the phones the emails social accounts for people that --> is also along that would give you additional information alongside the information that --> you you provided right and then you have Namechk and WhatsMyName right and that's just --> reverse engineering for usernames across social media platforms make sense so like the defenses --> that you could have against these things because i feel like you need to know those as well right is --> that you can set your friend list to only me you just you would remove the birthday and location --> from your public profile you instead of doing real life the real-time check-ins if you must --> if you must do a check-in do it after you leave the location that you're at --> like any unused accounts that you have deactivate or just purge those old old profiles --> any any sensitive work photos that you have delete or blur any information that could be --> critical to your workspace and then just with your password clues and your post just avoid posting --> anything that you know that you would reference as a password so i guess now we can move to instagram --> does that work for you is this better is 
this information better for you you sure --> okay because i don't want to have to drive down the street and come give you a personal tutorial now --> so let's see site again site you could do instagram.com and then we'll say Adam --> Scott I believe the network is blocking it but let's just say for example right --> when the purpose of Instagram open source intelligence would be like your --> identity linkage right the same kind of similar to how we did with Facebook you --> be able to match aliases usernames bios and profile pictures across platforms right you could --> also use your geolag your geolocation mapping your geolocation mapping right which will give --> you your real-time historical travel and post locations right you can do routine prediction --> based on the time of day a person posts the habits that they have and their behavior cycles --> right you can instead extend your social media your social network mapping right now you see --> which friends do they have across multiple platforms you get to see how these friends --> interact like and communicate you get to see if their comments change between the two spaces and --> then you start to reveal like what type of relationships people have right you then again --> also you have your image analysis which is like your screens your locations your stickers your --> uniforms and backgrounds it could be a street sign it could be a store location the source right --> and based on these things right you didn't also find your like the behavioral aspects of like --> risk detection right when you start finding people who brag or they dress a certain type --> of way online they're very very flashy or flamboyant even on the opposite side right --> people tired of their job tired of relationship emotional cues things like that right instagram --> reveals the rhythm of life where people go who they what they value and when they're the most --> vulnerable OSINT is here about it's here mostly here is about connecting 
the visible with the --> behavioral does that make sense so the elements of recon and open source intelligence that would --> be most important and pertinent and so and instagram would be your username right because --> then you can again cross match those your bio is going to give your email aliases jobs --> hashtags pronouns and some of your hidden domains that you might not be wanting to provide --> to people right your profile photo can be reversed social reverse search to see if there's any --> cross-platform matches right so you can take a profile picture you can load it into google how --> i showed you earlier it's going to show you every other instance of that photo when that photo --> showed up and how long it's lived there right you could also take that photo put it into the --> internet archive and see if it's shown up anytime in history as well right so it just gives you an --> opportunity to get a a much larger a much stronger fabric in your threat in your threat model so like --> some of your search techniques for example right let's say you wanted to know if a username had --> been reused certain amount of times or how long a person has hold that held that name then what you --> could do is you could use like namecheck.com right or you could do what's my name.com right --> and what they'll do is they'll do a reverse engineering the name and they'll tell you how --> long each space has held that name right the next space that you could do is the email adjustments --> provided to your instagram to the instagram account could be used for an email lookup --> which would allow you to you could use uh remember i showed you IntelX and Pipl you could use --> those two for reverse engineering email lookups um again location-based recon which is going to allow --> you to use the hashtags this go around versus with facebook right so depending on the type of --> hashtags a person's using how consistent they're using them they could be building for a brand 
--> they could be so they could be just self-reflecting it would be anything that would give you the upper --> edge and knowing and understanding information that being provided to you right so image-based --> intelligence right because of the way that the way that instagram is used and the way that we --> navigate it right it's going to be what's considered image-based intelligence right so --> your image elements is going to are going to be like for example your background objects and the --> thing you're going to be looking for like screens id badges whiteboards brand logos on the business --> side but on the personal side you're going to be looking for uh addresses uh magazines in the --> background any any piece of pertinent information that would give you an idea of how to model this --> person or this idea right so from there right tattoos stars type of shoes right it might sound --> strange and it might sound odd but with the amount of biometric identifiers that are across the world --> right now it's very easy to like attach these i could find these type of things pulled out of --> metadata on instagram so then another thing you can look out for is like visible screens right --> what type of software are on these screens what is a person watching is this person chatting can --> we see any internal tools whatever the case might be right and then the one of the most important --> ones to me are clocks and watches right a clock and a watch is going to specifically give you a --> piece of time in history with that right like these screenshots and label photos like screenshot --> when you when you're collecting this information you don't want to do anything with it you just --> want a screenshot and you want a time stamp right because that's how you're going to present that --> data in your chain of custody so another thing you would look out with what you would you would --> engage with when trying to do OSINT on on instagram would be geolocation and routine 
mapping right so --> you're gonna have your geotagged post that's gonna tell you what person is you're gonna have your --> consistent venues right like your your gyms your bars you're gonna have your libraries things like --> that you're going to pick up on when this person is going to the the coffee shop to go and get --> work done you're going to know when this person is going to feed the pets on the weekend it's all --> going to be shown to you based on how they navigate social media right you're going to also --> again be able to use those check-ins with the stories and you're going to be able to --> essentially create behavioral heat maps right because the things people place in their stories --> and the bubbles above their posts usually indicate what's the importance to them or what things --> they're willing to share with the world right usually these posts and these pieces of information --> are going to be attached to hashtags right so the worst thing you could ever do is have a hashtag --> like hashtag lax or hashtag delta airlines or hashtag spirit right because now the person knows --> based on you posting that tag the location that you're in like a good chance when you're going --> to be back does that make sense so like some of the things behaviorally that we look for --> right when doing a risk assessment with face with facebook with instagram right is like you --> you're usually going to find like emotional venting right you're going to find people bragging --> you're going to find party life you're going to find political and religious tags and then like --> so every now and again you're going to run into that sudden account wipe right like you --> was following a person you was you you were you were looking you were gaining access and boom --> they just disappeared right so like those are the things that we need in a risk assessment right --> you could be looking into a person and that account could have been up for three or four --> or five years 
and now they're looking there's an investigation into them now they delete everything --> so now this is when you get this is when you reach out to facebook and you get them to pull --> the back end data for you make sense all right so like in this space like --> what you want to be looking for is usernames that match the alias or the spaces that you've --> already looked in right so we've already looked at facebook we looked at vernon troy let's say --> now we in instagram and showing up vernon choice here again it's 700 vernon troy profiles however --> this one has the same it has the profile picture of a picture that we found in vernon's facebook --> page right so now we've confirmed that this username and this person is the same person --> right another thing we would look at is like account is private but it still has like tag --> stuff visible right so you ever notice how you come to the account but the account might be --> private on instagram but for some odd reason if you end up coming back out to your like your main --> page and you start scrolling down you will find that instagram will glitch and it'll show you the --> person's information so like that's when you start having data leaks because of your friends --> so let's say for example you and i are in a picture your profile is personal my profile --> is not personal we both have the picture right your picture is no longer private because your --> your picture can be seen from via my page does that make sense all right so another thing to --> look out for is like your real time like i said again before real time posting just like with --> facebook you really don't want to give a person the idea of how much time they have to respond --> or defend or offend if that makes sense and you always want to watch out just i tell people if --> i'm ever doing anything with technology i try to if it's not work related i keep my phone away from --> it i keep everything personal from that space right because the 
last thing i wanted to be doing --> the screen record or i'd be recording something for a person and now something that shouldn't --> be out there is out there so the tools just like i gave you tools for facebook i'm gonna give you --> tools for instagram too right so you want to use your Namechk and WhatsMyName right and those --> are going to help you with your username tracking across platforms right let's say you get to --> instagram and you find the thing that you're looking for you can put that name in Namechk --> and what's going to happen is it's going to give you all the other publicly facing profiles that --> use that same name right you can go to IntelX again and then that would give you the historical --> and hidden ig content search right so that's going to be kind of like what you've seen on --> the wayback machine on the internet archive how it showed you the interaction and activity based --> on the on the on the on the material it's going to be like that again one that we haven't talked --> about is called PimEyes right or you can use what's called yandex reverse engine right both --> of them are facial recognition systems and it's just neck recognition there facial recognition --> system used for photo tracking and what you do is you extract your pictures from instagram right and --> then you would drop them into PimEyes and then PimEyes will give you every piece of information --> available about that person online anytime they was caught on cctv anytime that person --> uh swiped in the way the information is provided publicly the source right then again that --> information can also be put into Maltego right and then it'll give you a graphical layout of --> how that person has moved and navigated and again ExifTool and Hunchly right so what you --> want to do is so basically you want to target you're going to find your you want to find your --> target profile you want your profile in that bio then archive whether it's by a 
screenshot --> or using whichever system or software you're going to use you want that username searched --> across other platforms you want your photos review for identify the metadata you want your --> tag posts and your locations to be reviewed you want your posting behavior to be mapped because --> you want to know what the frequency is of a person posting in the day and you want to know --> the time of day they usually post you want your you want their friends and followers to be grabbed --> as well and then you also want your key evidence to be locked does it fit your needs all right --> want to move to x so here's why x matters for osin right so you got your real time incident --> detection right you always have what's considered crisis chatter your breach announcements and your --> protest track and that's always going to happen first on x right another thing that you can use --> on there is your identity resolution right again move back to aliases usernames profile image --> matching right um you have your threat actor monitoring right you got your activist groups --> your disgruntled insiders your exploit discussions you also have your sentiment and motive analysis --> right you got your frustration your whistleblowing your target intentions and then you also that's --> when you get your timeline building right you got your behavior before doing it after certain --> things occur now that's on the business side on the personal side your real-time incident detection --> that's usually when you see things pop off right that's when you see that there's a consistent --> chatter or flow or there's a build up a certain thing in the community and now it's starting to --> spill over into social media specifically x right that's when x is usually where you're going to --> find out that something went wrong first right and that's usually when you're going to start --> being able to see where that thing went wrong builds into enough people that want to act right --> 
we've already covered identity resolution uh threat actor monitoring right uh sometimes you --> want to be able to keep an eye on a person just in case right so let's say for example you had a --> post you made someone made a joke you really didn't find it funny it wasn't it was offensive --> it just didn't seem like it landed well right you might not want to block that person but you might --> just want to wanted to them differently right so that might go from you seeing that post on --> your page that they responded to that you didn't like to you may be going to their page to see if --> there's a consistency in them posting that way right maybe it's person trolling maybe it's a --> person really feels these views feel these views but that's one of the things that we end up using --> x for a lot right uh sentiment and motivative analysis right uh you can usually kind of tell --> when a per how a person ticks based on their twitter account right you can tell if a person --> is pretty happy-go-lucky you can tell if a person is going to flow you can tell a person --> is high strung based on how they navigate twitter right and based on these things you build a --> timeline that would give you enough information to begin your uh your social your social engineering --> scope so one of the things i tell people all the time is like x is often well truth is often hidden --> between the hashtags and x so you can't just capture tweets you got to capture timelines and --> tint and the digital behavior right like it's so easy to take something out of context there --> like it's just that you got to be hyper aware of it uh maybe if you want to be able to see how this --> works you can pull up your own personal browser and you go to your x account the same way we use --> the google dorking uh google dorking uses is the same thing you could do inside x but if you want we --> can see real time using google just continuing to dork that way so in google right i mean in --> in x for 
example right you could use the operator from right and it'll show you it'll it'll show you --> the views from that person does that make sense now if you use the to operator in in x then it'll --> show you who is sending messages who's sending tweets to that person right you can also add to --> that into that to or that from a since or an until right so it that's considered what's called a date --> bound search right so if you put since let's say 2024 right it's going to show you every message --> from the beginning of 2024 up to present day based on that person being sent or receiving messages --> right if you put until it's going to give you everything up to that date and behind it right so --> that's just how date bound searches work does that make sense it's working it's sticking with you --> all right so these operators would go into the search box and twitter i mean x the same way we --> did with google make sense all right so the next one is of course you can use quotations --> and if whatever the exact phrase is it's going to search for that specific phrase or that specific --> topic um you can use near right and you can use near colon and then you can use a state and then --> that'll be what's considered a geo targeted tweet search right so then you could pull all the geo --> you could pull all of the posts from that specific area in a specific time if you wanted to --> right you could also go through and you can say like a boolean logic right so you can say --> this or that right you can say green or blue right and it'll it'll pull everything green --> or blue so like another thing that you can do is consider user enumeration right like --> enumeration is where you go to like information right that's the recon is gathering the information --> and gaining gaining all of the data that you're going to use for your search and then enumeration --> is gaining is is the research that you do to you still there okay all right so user enumeration --> would be the 
space where like now that we've extracted the data we're beginning to see what --> we can do with it right so let's say for example from your profile scan right you would have --> extracted your bio your your their url their followers and who they follow their join date --> their location right from their username reuse you would have gotten the information that you --> got provided from Namechk from the reverse image right on the photos you would have got a --> run avatar right you would have ran that avatar through google lens or yandex or pemex or PimEyes --> i'm sorry and then you would have done email correlation right if that email was leaked then --> you could search for that account on spaces like have you ever heard of i have been pwned --> so there's a website out there that's named i have been pwned that we use for leaked data sets --> right and you could use that for email correlations right that's what we used to --> get found if you've been breached or if someone's user information and things of the sorts --> right you could also use that twitter id lookup and enumeration to convert the username to ids --> that could be used for like scripting and stuff like that so a few tools you can use with twitter --> or x is for example it's an open source tool that you can kind of create and build your own scripts --> for named Twint so Twint will allow you to scrape tweets followers bios and you don't even need an --> api to do that right then you got TweetBeaver right TweetBeaver will extract the followers --> for you and extract the likes the retweets the bio and the history but you do need the ip for that --> api for that so then you have Social Bearing right that's another tool that you could use --> that analyzes the tweet frequency the engagement and their keyword heat maps you then again of --> course have IntelX that's always going to be a go-to Hunchly is always going to be a go-to and --> Maltego was always going to be a go-to so in IntelX 
for this scenario right you want to search --> old tweets and deactivated accounts in regards to Hunchly you want to be able to log your tweet --> threads and their timelines and the metadata with the audit trail that's provided with it --> and you want to use Maltego to be able to correlate to twitter accounts so from there --> right we're gonna go to your imaging your images and your metadata intelligence right so based on --> what in these things are you looking for right so in your posted images you want to be looking for --> again your badges your screens your monitors your internal docs your type of clothing how does a --> person see themselves how have they decorated their home is there a pet is there anything --> that's just laying around anything that you can use to create your map right you're going to use --> your pro you want to take their profile picture you're going to put that into google you're going --> to see if that profile picture matches anything else right you're going to take so let me show you --> through like google dorking so for example let's say based on the things i communicated to you right --> you go from we'll say vernon choice but now it shows us every time on the instagram site from --> 2025 from may 5th 2025 to present day every time that vernon troy is referencing instagram --> is this what you want to see i'm sorry what you mean uh you want me to log into instagram and --> and bitch and bur and action and do this did you put a space in between --> have you refreshed your page try erasing it and placing it again uh it's site colon --> instagram.com space from colon 2025 that's zero five that's zero five space yes can you attempt to --> use a different tab okay that's odd i'm gonna see if i can if i retype it will it come back site --> instagram dot com from --> came back from me uh we could try a different browser you want to type www.go.com that might --> work as well i don't got that here that's weird that's coming up for 
you now instagram yeah --> all right so as you've seen before like the four indicator showed us here right and then --> so sometimes depending on your metadata right i mean not your metadata sometimes based on like how --> you how you scour how you search the internet it may not show up the same right so let's say for --> example if we put news for example right news should look different from mass versus yours --> because how we view news is different does that make sense using that same example i want to change --> from to two right and it's going to give you all of those posts up to so now the posts have changed --> due to it being a reverse and the only thing that's still showing at the top is the similar --> is the same one here and we see that based on the date here still making sense you could also do --> you can also search for different types of you can search for users you see each time --> it's on instagram as well as you can see every time something was sent to them --> every time something was sent from them do you see what i mean when i say that the just the --> the ability to google dork doesn't change based on the venue because you can do all --> of these things through google so you can also go in and you can look for --> exact phrases as you've already seen i like to use quotation marks --> right you can go in and you can say near Tomic it'll show you all of the post near the Potomac --> you could do boolean right so you could go apples or just let me go here we'll see whatever picture --> it's going to consist of apples or oranges or we're going to see any post that communicates --> about apples or oranges on its x right we can do and it's going to provide you anything with apple --> and oranges so that's boolean makes sense as well so that what you wanted to see so we were okay --> all right so the same way let's say for example if i can find an image image from x we could take --> this image we can put it here and now i see how google uses that 
the reference and show us anything --> that's remotely close to it so we see that these are the same so this is the only time that this --> shows up specifically is this all right so now we know that this is the indicator for this piece --> of image right uh let me see if ExifTool will work right now so the issue i'm having this is --> not wanting to let me log in anything but let's say for example we would take that picture we would --> put it into ExifTool and then it would give us the metadata on the back side so it would tell us --> where it originally came from it would give us the geolocation for where it came from and it --> would also provide us with who the original owner was so you could erase that information --> and then it would just be lost until we found the picture again or you could manipulate the --> information and make it look like somebody that somebody else did it somebody else created and --> center so in that space right we get back to the pictures you want to talk about again the things --> that you can see in the image right because you can have you can hide data and photos right you --> always want to be able to see how many times that picture has been reused you always want to take the --> screenshot and get your times your urls and stuff like that and you also want to be able to --> present this information in a way where like whenever you want to engage with a person based --> on it you can right so now we're going to talk about like timeline analysis right we've talked --> about timeline analysis with facebook instagram with x is slightly different right so you're --> going to have what's like your pre-breach space right that's going to be before you had complaints --> that's going to be before they had issues that's going to be before that's going to be when --> everything was good they had at the height of their lives right then you're gonna have that --> time frame where something changed and things were different right you're going to 
be able to see --> where now complaints are starting to form you're going to start see now where maybe they dress a --> certain type of way but now they're changing the way that their they dress has changed --> right you're going to see the person go from being happy go lucky to now being stressed right --> right that's going to create a certain type of an analysis right from there you're going to start --> seeing how that person tweets right you're going to see how what type of mass they did that person --> is in and then you're going to also see like what type of patterns they're in right so for example --> sometimes people get anxious in the midst of situations they start deleting things right --> sometimes in the midst of circumstances people start to archive things right but you start to --> see that the page changes based on the feeling of the person and how they respond to it right and --> then you get to a space where if that person is stuck in that loop is what we consider like a --> repeat offender right it's always going to be the same rant they always hang around the same people --> that got the same rants and they only support the things that rant about the same people right so --> you never want to be in a space with your timeline analysis where you get to the point --> where you're looking at the repeat offender stage right where we're talking about like --> the similar rants affiliations and like the different ties or whatnot and --> mistake that for being the the overarching identity of the person right it's only a small --> time frame in that timeline does that make sense so like the things you want to look out for and --> this is like a person bragging about knowing certain things or doing certain things engaging a certain --> way um where x screenshots are always going to be important because that's all more times than that --> that's where your accidental leaks come from right uh always look for disgruntled or aggro --> aggressive tweets you're 
always going to want to post like you never want to post your work --> travel stuff in real time of course again and then your rapid account deletion right after an --> incident right like if you're trying to prevent a forensic trail that's always going to be the --> biggest red flag in anything so we was to go through let's say for example we go through a --> workflow with how you want to address something with x right you would first thing you want to --> do is archive the profile because things change way too quickly there right in that archive you're --> going to have usernames so you want to search those usernames across the rest of the platforms --> you also then want to turn around and you want to tweet you want that tweet timeline downloaded --> right you can either use Twint for that or you can just manually scroll and highlight everything --> you just download it right from next you want to analyze that tweet timeline and you want to flag --> all posts that would be considered like behavioral or a risk or anything that would be uh indicated --> for how that person's behavior this paper is navigating life right so from there you would --> essentially find out who their followers or who they are following and then you would put them in --> these categories based on the affiliation and then from there based on the people you found --> you do your image content cataloging right so you start finding your screen you start taking --> your screenshots you start looking for locations you start going through your metadata and the --> source to get your timeline right and then once your evidence chain is maintained just engage --> however you see fit whether that be litigation whether that be confront confrontation of confronting --> the person or just continuous analysis the monitoring does that make sense okay so --> uh i gave you workflow checklist on those two i don't think i gave you one for --> facebook actually so like when using facebook what you want to do 
is like you want to have your --> profile archived again same concept you want screenshots you want your logs you make sure --> all your names your usernames your facebook ids are recorded you want to make sure that your --> timeline of posts and your events are created you want to make sure that you got an affiliation map --> based on how you've separated and sectionalize section out that person's life you want to make --> sure you can identify all potential risk indicators and then you want to make sure that --> it's packaged in a way where you don't have any loose ends sound good so i was told that i had to --> cut short at the last i think some 30 minutes or whatnot five minutes 15 minutes so that you could --> do a questionnaire you want to do that now okay so you you don't have any questions okay no what i --> was asking was so at some point in time in the next 20 minutes we'll have to stop so you can do --> the questionnaire remember when we first started the gentleman said that he had a questionnaire --> for you to do at the end so at some point you have to you have to we have to start that as well --> but before i guess before we get there would there be any other questions that you have in --> regards to social media open source intelligence is there anything you would like for me to --> specifically show you anything you specifically like to go over anything that you feel like may --> be missing from this anything i can do to help so geopolitical spaces --> mm-hmm okay so for example you could do site you do let's say we'll do X you could say for --> example Palestine breaking news right breaking news is going to give you everything that's --> current on palestine right so you could go also in and you could say from well you could say until --> right we will say 2020 --> february second so if you notice when we look at this map we don't see anything about the current --> issues going on in palestine if we do from opposite direction see now how all we see 
is --> the palestinian israeli war so that would be a way that you could essentially extract uh --> geopolitical information right you could go in you could put this information in you could also --> add at musk right and it's going to show you every time elon has had something to say about --> palestine so this is this would be basically your your reference to --> be able to extract information in a way where you didn't have to just scour across --> hours upon hours of data you could find your you could find a particular artist you could find a --> particular journalist you could find a particular activist leader you could find anything that you --> were looking for and then once you were able to pool all that data together you would be able to --> do the research to get to the centralized information you're looking for does that make --> sense do you want to try one you're amazing the things you see let me see how much i type the same --> thing here i got some good news see how good news comes up different because i assume that --> this is something you've actually personally looked at at some point on x because if you --> notice it's just offset by that one thing if you notice anything else i could show you --> do you feel like you you do you do you understand it a little bit better or --> is anything else i can help you with okay so this is what i tell people it's way easier to learn --> google google dorking and then use the sites that you're looking for via that than it is to --> essentially try to use open source intelligence for that right because your indicators for --> cyber security using open source intelligence using those three platforms it's going to give --> you redundant data right which is is is it's great at recon but as you start getting down the road --> it starts to become tasking if that makes sense so now that we made it to the last 15 minutes --> if you can do me a favor check your email and see if he's provided you with possibly a --> 
questionnaire i think he may have a questionnaire he wants you to fill out --> i wish food was provided --> and do know if by any chance you have any questions that you want to ask after the training you by --> all means you more than open to you i'm more than open to you communicating with me if you ever in --> dc and you want to just see where the operation looks like then that means reach out to me i'll --> show you a few things let me know once you've completed the questionnaire okay so we have 14 --> minutes left now i've gotten to the conclusion we've successfully gone through the introductory --> introduction of open source intelligence um you've seen how much public information can be used to --> gain access to information that people wouldn't think would be accessible you've seen how something --> as simple as posting on social media can become detrimental to your integrity of the information --> around you you've also noticed you've also learned how to use things like google dorking and various --> other osint techniques and tools to be able to um find more information to gather more details about --> a situation and circumstance uh on a scale of one to ten how would you rate the trainer --> honest opinion i said on a scale from one to ten how would you rate the trainer --> no judgment no way --> thank you uh what things do you think i could have done better and what things do you think --> were perfectly fine okay yeah that makes sense um i'm not sure i can reach out to them that may be --> something that's available in the future um what is something you would like to take this --> information you've gained and utilize it for uh yes i believe so so this is what i'll say if you --> can have if you have five people in the dmv area i have no problem uh and leading the class so if --> you want to if you know four other people that will sign up for a course with you then if you want --> to reach out to nobleprog and say hey i'd love to do an in-person
in-person training i've spoken --> with juniors he said perfectly fine i don't see why there'd be an issue with it but like i said --> if you would like you i'll you can reach me at contact at intelligent securities group.com --> and any questions you have i have no problem with assisting you in whichever way i can --> sound good are you satisfied with the information you've received okay good good good i try to leave --> make sure everyone leaves satisfied so at this point we can pretty much bring this to a close --> if you like no more questions it's been a pleasure being your trainer and i hope that i can hear from --> you again you know if you ever need another training in the future you're welcome