Exposure Analysis with OSINT

Required knowledge

  • Basic knowledge of Linux systems

Target group

  • Network and system administrators, security analysts, SOC operators

Date and location

  • TBA 
  • Remote training session. Online course that you can access remotely.

Required material

  • Participants need to have their own laptops with a web browser pre-installed (preferably Google Chrome) and an RDP client.

Trainer and course language

  • Massimo Giaimo, Team Leader Cyber Security Solutions at Würth Phoenix
  • The course will be held in Italian.
  • The training material and certification exam are always in English.


  • Participation: € 1.500 (excl. of VAT)


Introduction to Open Source Intelligence

  • historical background and types of sources


  • about a website: 
    • finding out who registered the domain, who is managing the website, where the hosting is located, finding e-mail address and telephone number references, finding correlations with other websites, downloading the whole website and checking it offline, brute force directory.
  • about a domain:
    • DNS records, correlations with other domains, registration of similar domains for cyber criminal activities
  • about an IP-address
  • about ports and services
  • about a CSM-based website
    • verifying the type of CMS, plug-in, templates, post authors 
  • about a person
    • verifying the existence of a nickname 
  • about an e-mail server
    • verifying the reverse record, SPF, DKIM, DMARC, spam list verification 
  • about an e-mail
    • interpretation of the headers
    • prevention and monitoring of Man-in-The-Mail attacks, credit transfer frauds, CEO fraud
  • about an organisation
    • VAT verification, job ads 
  • about an image
    • backwards search, EXIF data

OSINT and brand protection

  • trademark and intellectual property protection

OSINT and web reputation

  • protection of the online reputation

Google search operators

  • Google Dorks, use of SERP


  • anonymous browsing and use of tools


  • monitoring of changes

Data breach

  • sources
  • evaluation of a data breach

Deep web and Dark web

  • introduction to the anonymous networks, dark web and deep web
  • dark market and forum in the dark web
  • Tor and I2P
  • ONION Hidden Services

Recovery of past information

  • Wayback Machine
  • Pastebin

Tips and tricks

  • How to take notes during an OSINT activity?


  • Spiderfoot
  • Maltego
  • FOCA
  • Metagoofil
  • Gitrob
  • GCADMARCRiskScanner
  • DNSRecon
  • dnstwist
  • torbot
  • Photon
  • theHarvester
  • Recon-ng

I would like to attend the training


Personal Information
Thank your very much for your request and your interest on our trainings. All information on your registration will be handled in full compliance with the policies related to the GDPR. Your personal data will treated confidentially; neither your name nor your company's name will be made accessible to third parties.