Big shoutout to KASM for sponsoring this video. KASM workspaces supports the OSINT Community Efforts by providing the following products: Kasm Community Edition: kasmweb.com/community-edition Kasm Cloud OSINT: kasmweb.com/cloud-personal Kasm Workspaces OSINT Platform for Professionals/: kasmweb.com/osint Kasm Infrastructure/Apps for OSINT Collection: registry.kasmweb.com/1.0/ // MJ Banias’ SOCIALS // LinkedIn: www.linkedin.com/in/mjbanias Cloak and Dagger Podcast (Spotify): open.spotify.com/show/6mT8zDMBq5gOfAVZi47pT3 The Debrief: thedebrief.org/podcasts/ Instagram: instagram.com/mjbanias/ X: x.com/mjbanias Website: www.bullshithunting.com/ // Ritu Gill’ SOCIALS // LinkedIn: www.linkedin.com/in/ritugill-osinttechniques/ OSINT Techniques website: www.osinttechniques.com/ Instagram: www.osinttechniques.com/ X: x.com/osinttechniques KZbin: www.youtube.com/@ForensicOSINT Forensic OSINT website: www.forensicosint.com/ TikTok: www.tiktok.com/@osint.techniques // Rae Baker’s SOCIALS // Website: www.raebaker.net/ LinkedIn: linkedin.com/in/raebakerosint X: x.com/wondersmith_rae // Eliot Higgins’ SOCIALS // Bellingcat website: www.bellingcat.com/author/eliothiggins/ X: x.com/eliothiggins // Books // The UFO People: A Curious Culture by MJ Banias: USA: amzn.to/3xP5Jme UK: amzn.to/4cOrzoK Deep Dive: Exploring the Real-world Value of Open Source Intelligence by Rae Baker and Micah Hoffman: USA: amzn.to/3xFN9gv UK: amzn.to/3zJSy6z We Are Bellingcat: Global Crime, Online Sleuths, and the Bold Future of News by Eliot Higgins: USA: amzn.to/3RXNa64 UK: amzn.to/4cvYP4B // KZbin video REFERENCE // Top 10 FREE OSINT tools (with demos): kzbin.info/www/bejne/hoPUgJ1rprJkn8U Deep Dive OSINT: kzbin.info/www/bejne/mqnMf3Wvq9Cpi5o Best Hacking Python Book: kzbin.info/www/bejne/aHOaZ3aKl85qaNk She Hacked Me: kzbin.info/www/bejne/i2fTdaR8nbNraKs // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZbin: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Coming up 00:41 - 00:41 - Sponsored Section: KASM Workspaces demo 06:26 - Intro 06:46 - MJ’s Journey in OSINT 11:14 - Starting an OSINT Company 11:55 - Teaching Background 12:34 - Years in OSINT 13:19 - Advice for People Starting Out 15:44 - What It Means to Do OSINT 16:54 - Recommended Tools for OSINT 19:03 - Meet Ritu Gil 19:09 - Characteristics of a Good OSINT Investigator 20:03 - Knowing When to Give Up 20:43 - Soft Skills vs Technical Skills 22:17 - Ritu’s Advice on How to Get Started 23:24 - Are There Jobs in OSINT? 24:39 - Forensic OSINT Demo 26:41 - Tinder Vulnerabilities 30:51 - Next Guest Intro 32:04 - Rae Baker 32:33 - Tools Rae Uses 34:11 - From Graphic Design to OSINT 37:56 - Volunteering to Learn 39:10 - Next Guest Intro 40:10 - Eliot Higgins 40:19 - Eliot’s Background into OSINT 41:44 - Bellingcat 44:27 - No Degree Needed to Start 45:37 - Useful Tools to Use 47:19 - Advice for People Starting Out 48:36 - Communities to Join 51:50 - Recommended Books 53:03 - How MJ Got the Job 55:53 - MJ Shares an OSINT Story 01:02:44 - Importance of a Team 01:08:15 - Conclusion 01:10:34 - Outro osint open-source intelligence open source intelligence tools osint curious geolocation geolocation game facebook instagram google bing yandex geolocation google geolocation bing you cannot hide social media warning about social media google dorks dorks google osintgram osint framework osint tools osint tv osint ukraine osint tutorial osint course osint instagram osint framework tutorial cyber security information security open-source intelligence open source intelligence sans institute cybersecurity training cyber security training information security training what is osint open source artificial intelligence cyber hack privacy nsa oscp ceh Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #osint #cyber #privacy
@Hartley943 ай бұрын
Thanks David.
@ForensicOSINT2 ай бұрын
Thanks so much for having me on your show! I had a blast talking about OSINT with you!
@funwisely3 ай бұрын
Thank you David for training public on privacy, security & related tools.
@Heavy1463 ай бұрын
Thanks for sharing... Definitely in your Top 5 videos for 24 so far. Appreciated
@OfficialSethro3 ай бұрын
If you can’t erase yourself, put out as much false information as you can. Those ad survey sites are a good place to start. When I get looked up all the real information is gone, and my age etc are all wrong including my address
@kevinmitchnik7022 ай бұрын
if you only have 5 bucks to spend, spend it on noise!🫡👍🏻
@RobbieFlores3 ай бұрын
This channel keeps getting better. The value is just incredible.
@dylanvooski3 ай бұрын
Always great content David. I enjoy watching and learning more everyday.
@davidbombal3 ай бұрын
Thank you! I hope you enjoy the video 😀
@dimcx50113 ай бұрын
The best way to be invisible is to be offline.
@ion1992Ай бұрын
tell that to people that run buissneses
@kro3qАй бұрын
the only way*
@MohammedAli-rn5dp3 ай бұрын
you do not know how much i respect you as a Human and A Person 🌻
@x2phat2cmytoes2 ай бұрын
Anyone else notice these profiles commenting have *username -rn5dp* ... are these AI bots or?
@andyzot27 күн бұрын
This, as always is a great video, with superb guests and interesting content. However, as someone based in the UK, how do you find working on OSINT in the UK, GDPR, many of the tools, resources and sites are USA oriented. I think a UK focussed video would be great!
@UziUzi-tz3wc3 ай бұрын
Hey David, you're an incredible human being, however I want to ask you... Why do you use Google in a video where the content is privacy? I know people in cybersecurity prefer other search engines to avoid being fingerprinted, and most of us in this space don't want our data to be sold to 3rd parties. Note: I don't want to sound hostile, just a curious person.
@Vpaq2 ай бұрын
Well if he's using Kasm then Google is fingerprinting a container.
@thebeaconnetwork3 ай бұрын
Great info. Kasm is a good resource. Do you have the same disposable container space when using and shutting down OS's in something like Virtualbox or Parallels Desktop?
@circuitmasters52582 ай бұрын
I'm 15 years into linux and python now and its a journey
@Kenoi_3 ай бұрын
What’s the catch with KASM? What are the cons. It can’t be perfect so what are you sacrificing?
@hellamean2 ай бұрын
I think the pros are way better. Cons could just be slow because it uses Tor. Anyway, whatever. I’d just stick with the pros and use it to find the rest out myself.
@KasmWorkspaces2 ай бұрын
HI, where possible we try to limit the catches. For example, we do have cloud SaaS offerings for those who want a quick and convenient solution without administrative burdens, but we also offer self-hosted solutions in your private could , on-prem or even air-gapped if you'd prefer to run the full stack yourself. In either case, the technology works by streaming the pixels of whats occurring within the session to your local browser. This is the gap or "chasm" that provides the security and privacy benefits for your local machine. Naturally this means your experience will be limited by your bandwidth and latency between you and wherever you have the Kasm deployment located. I'd say this is the main limiting factor. There are options in the app to tune for poor connectivity but at a certain point it wont be a good experience.
@Kenoi_2 ай бұрын
@@KasmWorkspaces makes sense, thanks for the info!
@IndyAdvant3 ай бұрын
Awesome video! What about logging into accounts on KASM? I imagine there's still some risk using at our own discretion, do you feel safe signing into your company accounts on this KASM? Sometimes admins may need to sign into their company accounts to pull up the things they want to test. Curious your thoughts.
@KasmWorkspaces2 ай бұрын
This is a good question and healthy skepticism. We understand that different folks have different sensitivities (or regulations) when it comes to security and privacy. Thats why we offer a number of options of how you can use and deploy Kasm. For individuals we have the cloud SaaS solutions, but also the ability to run the Kasm Workspaces Community edition on-prem so that you are in complete control of your environment and data. For business we offer single-tenant SaaS deploys as well as private-cloud and on-prem deploys - to include fully airgapped.
@hellamean2 ай бұрын
This is good. That Forensic Tool is like OSIRT. Perfect for OSINT Forensics Investigations and LE Investigations. Good thing with OSIRT is that it can create for you a unique hash as well, but I’m not familiar with Forensic OSINT though. Thanks very much for this. Very helpful and informative.
@ForensicOSINT2 ай бұрын
Thank you for your comment! Forensic OSINT is indeed a powerful tool for OSINT and LE investigations. One of its key features is the ability to save online material and ensure it’s properly documented It also creates unique hashes, it offers a range of features such as video download, auto-expanding comments, data extraction, and more to support comprehensive investigations.
@hellamean2 ай бұрын
@@ForensicOSINT That is awesome. I’d love to use that tool and introduce other LEO’s to use it if you’re willing to give a trial, I’ll connect the LEOs I have contact with to you who are interested in using the tool as well. We’ve connected on LinkedIn, so we can carry on from there.
@hellamean2 ай бұрын
@@ForensicOSINT That sounds awesome. I would really love to use that tool as it sounds more advanced than OSIRT as well.
@hellamean2 ай бұрын
@@ForensicOSINT A Federal Agent I have communication with have given really good remarks about you as well. Maybe if you can provide us a trial and I can refer you to some agents as well, it’ll be helpful to use your tool for LE Investigations.
@ForensicOSINT2 ай бұрын
@@hellamean Definitely worth trying out to see if you like it! I don't think you would be disappointed :)
@alifibnetouheed39602 ай бұрын
David you are also no less high profile. You should also share how you maintain your privacy online.
@robert83 ай бұрын
I have a question, does Kasm hide my browsing history from my ISP?
@KasmWorkspaces2 ай бұрын
Hi, the short answer is Yes, but because there are many ways to deploy Kasm the answer is : it depends. If you were to sign up for our Kasm Cloud OSINT solution: yes. If you were to deploy Kasm Workspace to your private VPS in the cloud: yes. If you deploy Kasm Workspace in a local VM (that uses your same ISP) : no. In that case you still have several options like using the Tor workspace, and layering a VPN that would hide your browser activity
@beachbumsailordude2 ай бұрын
Very interesting topic. I like hunting online so this has peaked my curiosity.
@rbw96923 ай бұрын
Im totally Intrigued by MJ’s background 😂. And once again good video!
@dawidvanstraaten3 ай бұрын
MJ's a total legend
@masterfitter832 ай бұрын
Definitely would like to hear more on the subject
@frinko19763 ай бұрын
Sorry to tell you that, YOU ARE THE BEST!
@cameronrich25363 ай бұрын
Step 1 purchase a guy fawkes mask
@aussiegruber863 ай бұрын
Ok done, what’s next
@claussanta23413 ай бұрын
@@aussiegruber86 buy black hoodie
@Hebdomad73 ай бұрын
2. Ship it to home address. 3. Shipping account gets compromised showing your address and that you bought a guy fawkes mask.
@cameronrich25363 ай бұрын
@@Hebdomad7 a.k.a moms house
@chaithanyasurya19972 ай бұрын
😂
@uchihamadara58203 ай бұрын
Hello David, I very like OTW. Can you and him do video with Metasploit because it's really difficult tool. Thanks )
@Growler-F183 ай бұрын
I luv it, David's guest holds up at Tim Hortons coffee cup @53:00 minutes into the interview 😂😂😂❤❤😅
@ForensicOSINT2 ай бұрын
🇨🇦🇨🇦🇨🇦
@GaviI-km5fo3 ай бұрын
hey so I've got a question during the tinder part she showed that the birthdate is open to see . however when trying to recreate the scenario with multiple different accounts the year was correct however the month and date were the same. anyone know why that is?
@doordashchic3 ай бұрын
Awesome find
@ForensicOSINT2 ай бұрын
The Tinder OSINT technique discussed in the video has changed since we recorded the episode. As we know OSINT techniques evolve frequently, and this one has a slight change. While the Tinder user's year of birth remains as the user originally set it, the month and day are inaccurate and change daily. I’m unsure about the why.
@cyberdefenseddi3 ай бұрын
Great segment 🙌😎
@northblue82162 ай бұрын
Ritu Gil?? Who's her Dad, Obi Wan Kenobi? ...I think I love her. 🥰🥰🥰
@hellamean2 ай бұрын
Bruh
@ForensicOSINT2 ай бұрын
hey, thanks for watching the video!
@Ziegler-di7xz3 ай бұрын
10:30 editors deserve a raise
@try-ex9cq2 ай бұрын
David pls make video on how to access kali through wan using ssh
@werdna_sir2 ай бұрын
Do it yourself and learn. How can you break into environments if you don't know how they work?
@try-ex9cq2 ай бұрын
@@werdna_sir what do you want to say i want to access my kali machine from ssh through wan and not hack anyone's kali machine
@protoss44443 ай бұрын
How does this compare to Qubes OS?
@KasmWorkspaces2 ай бұрын
Qubes and Kasm share the same spirit of isolating/compartmentalizing applications to provide security and interoperability benefits. However we are trying to solve two different problems. Qubes wants to be the Operating System you install on all of your machines basically replacing Windows/MacOS/Ubuntu etc. Kasm is a platform that is essentially a web application that any number of users can use. You have a central Kasm deployment and multiple users login from their browser and launch the applications / desktops/ VMs that they want.
@Abduselam.m3 ай бұрын
Thanks So much David Top world technology KZbin channel
@davidbombal3 ай бұрын
Thank you! I appreciate that 😀
@tungstengold3 ай бұрын
david, what data does kasm keep/monitor and what is their obligations to hand it over to the said authorities protecting our society.
@KasmWorkspaces2 ай бұрын
Hi ! Kasm is a US-based company, so we would be obligated to comply with the authorities where legally required. For our consumer based offering like Kasm Cloud Personal OSINT , we have logs to monitor and maintain the health of the platform. For example: User X launched a Brave workspace at this time. We however, do not monitor what occurs inside that Brave workspace so there is no detailed activity. Kasm also provides options for you to fully host the tech stack on prem , air-gapped or in your private cloud, so you have you strong data privacy needs these are options where you have complete control and our organization is not in the mix
@tungstengold2 ай бұрын
@KasmWorkspaces thanks for the response but as you've seen in the u.s and many other countries investigative journalism is a life and death business. so are you prepared to put your hand on your heart and tell those investigative journalist doing the difficult work for the freedom of the people they can't be compromised using your platform kasm or are you not
@hillbilly48953 ай бұрын
It shouldn't be this hard...but it is.
@galloe2 ай бұрын
It's so messed up that data brokers are even a thing, and that there are no laws against these brokers selling our data for profit. On that note, if they can make money off our data, why aren't we allowed to ask for our cut from their profits?
@BadBoyAcademy-o6u3 ай бұрын
Please David how to modify normal usb storage stick firemware to be hid device (bad usb)
@hetmanfoko3 ай бұрын
often it is impossible. I remember most tutorials out there only work for Phison 2303 usb 3.0, so you need a specific one also. Even with that, you need a *lot* of low-level programming knowledge. So yeah... good luck I guess. I don't know wether David will do something with it (would be cool if he does tbh) but it might be hard.
@RickyCardwell-l8y2 ай бұрын
But what do you do if you don't want your traffic to appear in Germany or India? Can you select a specific region?
@Appleloucious3 ай бұрын
'Dark arts' XDDD As if it was magic XD One Love! Always forward, never ever backward!! ☀☀☀ 💚💛❤ 🙏🏿🙏🙏🏼
@mdashifuzzamanshawon3 ай бұрын
Very informative
@BATMAN_s_millis3 ай бұрын
BRO DO A VIDEO ABOUT CYBERSECURITY FREELANCE
@sinanicardi2 ай бұрын
Hi David university accepted me for both Cyber Security and AI engineering. What would you recommend me to do? I’m interested in both now i have to decide😩
@OkayRR.2 ай бұрын
Cyber duhhhh
@tonmeelmans73072 ай бұрын
Dit bestaat al meer dan 10 jaar wat een nieuwe uitvinding ?
@GaviI-km5fo3 ай бұрын
the reason i say this is that tinder profile said 23 years old and the source code said 2000
@ORLYWTF2 ай бұрын
Not knowing what you’re referencing, so taking your comment at face value: it’s simple mathematics. This year is 2024, so someone born in the year 2000 would be turning 24 this year, depending on the month and day. So, for instance, someone born on 2000-12-31 would show as 23 years old for the majority of 2024.
@GaviI-km5fo2 ай бұрын
@@ORLYWTF thank u for this let me clarify : the date shown on screen is 2000-03-18 so why this may be posiible it isnt probeble theclip is shown at 27:12 just look where she is refrencing and agian i must say i really love this channel but thought this was somthing to point out
@landrover8273 ай бұрын
I’d love to see a Kali Linux GUI install on a Mac running in a Docked container.
@KasmWorkspaces2 ай бұрын
You can run a Kali Linux GUI running in Kasm docker container from your browser on a mac. Does that count? 😆
@landrover8272 ай бұрын
Sure it counts! 😎 I’ll give it a try. Thanks 🥹
@GaviI-km5fo3 ай бұрын
also im a huge fan but i cant help but feel like this video is from a year ago
@jakestevens36943 ай бұрын
So without watching the whole video I assume we are simply talking about isolated browsing and Virtual Machines, glorified as a SASS? Using a VPN = hidden from the majority of web users from knowing your true IP. Browsers = Use private tabs / browsing ad blocking etc, unlikely to get infected via cross scripting. AV/VM = use of antivirus and / or virtual machine will protect you from most infections from attacking your machine (zero day, more complex and even VM's (cloud or not) are not exactly safe because if the pc is infected and you are talking to that machine you have an open channel that could have a service which may be compromised. In short, security is never going to be easy it's cat and mouse, period. These new threats are still better than our "new AV / IDS" they are still leaning on patterns heavily to sample and detect new threats which often creates many false positives and still is allowing the better of the infections to get in, including and most worryingly social engendering attacks. Although I must admit Microsoft's latest 365 email security is rather impressive.
@ibeezhashin2 ай бұрын
So basically kasm is a tails os container. Free made paid.
@Zagnikasalam3 ай бұрын
please do video with otw on bitcoin forensics please I have told you many times please🙏🙏🙏🙏🙏🙏
@panospapathanasiou39572 ай бұрын
Ummm, what about your ISP???
@ree24533 ай бұрын
LMAO. ALL cpus have backdoors today
@magicmanchloe3 ай бұрын
What? Do you mean vulnerabilities?
@werdna_sir2 ай бұрын
Instruction sets that aren't made aware the public. AMD would have been doing this for years as they are military contractors. Intel are just most likely infiltrated and totally corrupt.
@SerenixIO3 ай бұрын
1:06 BROO THAT'S MY IP ADDRESS 💀💀
@hellamean2 ай бұрын
@@SerenixIO It wouldn’t matter, IP Addresses change all the time. Sure, they can be used to track but in very low circumstances such as subpoenas to match accounts, but that doesn’t mean someone showing their IP on stream would be used against them if the IP changes like every after five hours. It’s likely that he has a Dynamic IP Configuration and not a Static one and that’s why he doesn’t care. Even my IP Address changes like every 2 hours and I’m not using a VPN nor a proxy.
@SerenixIO2 ай бұрын
@@hellamean :OOO
@sabinadelkic33112 ай бұрын
⭐️
@richj9463 ай бұрын
Amazing
@txrunningwalkers12 күн бұрын
I found out who hacked me,sniper mode now!
@8080VB3 ай бұрын
We miss your old specs
@cameronrich25363 ай бұрын
I use proxychains when i can
@sognatore6199Ай бұрын
Almighty Lord, protect all normal people against evil OSINT investigators, bellingcat snakes, and other servants of Satan 🙏
@NaseebullahHaidary3 ай бұрын
❤🎉
@bobobobee97083 ай бұрын
You. Are. Not. Invisible. Online.
@hellamean2 ай бұрын
Absolutely
@mrnoone62 ай бұрын
Skill issue
@hellamean2 ай бұрын
@@mrnoone6 We can simply put it as Bad OpSec.
@hellamean2 ай бұрын
@@bobobobee9708 I have a terrible OpSec but good fame.
@ORLYWTF2 ай бұрын
Nor offline. We live in a surveillance state where it’s not just state-sponsored actors doing the watching and listening. This is the Information Age, after all.
@sunriseleatherco.65873 ай бұрын
AI will be able to track anyone, anywhere.
@mohammedbaiddah54513 ай бұрын
bro is that 5gb wtf
@ShawnA5603 ай бұрын
I use windows 10 built in sandbox
@doordashchic3 ай бұрын
What does that do?
@SalvageMasterEssex3 ай бұрын
@@doordashchic I thought the sandbox was for the cat to crap in 🤣🤣
@HappyQuailsLC2 ай бұрын
Correction to your info: Actually there are emails and text messages that can infect your phone without clicking on links or opening them. And it isn't sufficient to merely avoid clicking links in email. There are emails you shouldn't even open. Your info is very behind the times.
@galloe2 ай бұрын
So educate us instead of saying "You're wrong." What's the name of this attack? How does it work? Etc.
@tungstengold3 ай бұрын
michael this is dod and u.s fed client there is absolutely no way you can use this source to do anything secure. cmon man why are you pushing a u.s govt contractor
@MohammedAli-rn5dp3 ай бұрын
❤🔥❤🔥❤🔥❤🔥❤🔥
@c.q.56802 ай бұрын
Dave Bombal is a fed 😂 and his fanboy are wanabe hackers 😂 hillarious people
@sotecluxan42213 ай бұрын
Great, but unsubscribed, at BC/Ody subscribed, ciao YT!
@Ex_impius2 ай бұрын
Lol. Just dont join tinder lmao 😂😂
@realguapo_mmaАй бұрын
I wish this was less of a talk show and more informative geez
@2two2twenty2two3 ай бұрын
THAT IS ALL BS ASK AN E ABOUT IT…
@会供価2 ай бұрын
EEEEEEEE
@ReluctantSpirit3 ай бұрын
Sorry to say but the video is too dry to listen to.