Blog Categories
Training, methodology, and not dying in a ball of twisted metal
Here at ShadowDragon, since 2008 we have been building world class OSINT tools and cyber security products. From SocialNet to OIMonitor to Malnet, we’ve put together solutions for solving problems,…
Where does operational security begin?
Over the course of the last few months, we’ve blogged about finding bad guys by guessing emails, mapping friends, understanding emotional behavior, and leveraging laziness and poor password habits. All…
Becoming Dark Web Rambo
There’s a lot of mystery that surrounds the dark web–surprisingly, even in the information security space. I’ve met a huge swath of capable engineers and developers who can explain the…
Cutting your teeth on ShadowDragon’s advanced CTF
We’ve talked in recent weeks about the importance of training and the methodology behind it. Much of the OSINT work we do is focused on the social aspects and footprint…
Fishing with a Subaru
There comes a time in some OSINT investigations where we have accurately identified our target’s profiles, lifestyle, and communication platforms, but we still aren’t quite to the point of pinpointing…
Background Checks & Due Diligence
Many years ago, when I was in college, I had a job at a large retailer. It involved all of the normal retail-y things: stocking, checking, unloading trucks, helping customers,…
Unmasking a carder with OSINT
Today, we will be exploring the world of carding a bit and following the path of a kid on his way to becoming a full-fledged carder. I spent about an…
The Cult of Musk – The OSINT Edition
I have always been a bit of a gear head. From when I was kid in a room plastered with posters of the Dodge Viper, Porsche 911, or a Lamborghini…
Iran and OSINT Hunting for Fun & Profit.
Today, I’m going to go on a very basic hunting adventure. Every so often, I do stuff like this for “fun”. There’s no deep takeaway here –– just some basic…
What’s in an email address?
A few weeks ago we went over an interesting way to pivot from breached data passwords to a target by virtue of the lazy way many people reuse the same…
Into the Breach
We’ve all heard the advice a million times, “Don’t use the same password on different websites.” Unfortunately, (or fortunately, depending on our motivations) many users make this exact mistake. In…
Bad moods = Bad decisions
As a developer and OSINT investigator, I often come across other investigators that are researching a target online and have “hit a wall,” so to speak. “I’ve hit a dead-end,…