What is this talk?

This is a talk where I introduce a resource to help you make decisions about what tools, sites, or techniques to use next time you use OSINT.
I'll also talk about my approach to OSINT, and provide some generalized recommendations based on my experience.

Who am I?

  • Corey Ham | cham423
  • A tester at BHIS
    • mostly red team and adversary sim experience
    • client-facing tester since 2013
    • previously Optiv, Hurricane Labs
  • OSINT Enjoyer
    • Have used OSINT during offensive engagements over the years out of necessity
    • Also do OSINT for "fun" (data hoarding)


  • this talk contains opinions, biases, assumptions, and YMMV
  • there are infinite OSINT use cases, and I can't cover them all