Posts

Q & A for 3/16/23 ChatGPT for OSINT Webinar

Earlier this week SANS hosted a one-hour Webinar "The New OSINT Cheat Code: ChatGPT". You can watch the webinar and view the slides here: https://www.sans.org/webcasts/new-osint-cheat-code-chatgpt/

I used up the entire hour of the allotted time giving the presentation so I promised that we would gather the questions and I would answer them on my blog. I haven't edited these for grammar etc, just pasted in the questions and responded to them.

Q: If people were proficient in "google dorks" - to uncover whatever they may find. How does the landscape shift if future iterations of ChatGPT adapts to the majority of population's search as it comes to understand what people are seeking out.

A: I can easily see “Google dorks” becoming less important in the future as the focus shifts towards writing quality prompts explaining EXACTLY what you’re looking for and letting that specificity improve your signal-to-noise ratio. I’m picturing an enhanced user exp

Links for my 3/16/2023 ChatGPT For OSINT Webinar

GitHub with ChatGPT prompts: https://github.com/f/awesome-chatgpt-prompts
Matt’s Blog: https://www.digitalforensicstips.com/
Blog post on Hugging Face app “Face Swap”: https://www.digitalforensicstips.com/2023/03/let-hugging-face-give-you-happy-face.html
Blog post on OpenAI’s Whisper tool for transcribing audio or video to text: https://www.digitalforensicstips.com/2023/02/transcribing-like-boss-for-no-cost.html
SANS SEC497 Practical Open-Source Intelligence (OSINT) course: https://www.sans.org/cyber-security-courses/practical-open-source-intelligence/
CyberChef: https://gchq.github.io/CyberChef/

Let Hugging Face Give You a Happy Face

Years ago, a co-worker mentioned that he used to see the band Offspring play in tiny venues in southern California. They were proud that they were fans long before the band was widely known. ChatGPT has become a public phenomenon, making the Machine Learning (ML) and Artificial Intelligence (AI) spaces part of the mainstream. If the thought of a playground full of emerging ML tools sounds like something you’re interested in, you should check out Hugging Face. Huggingface.co is a site designed to let developers of ML apps have a place to test their tools and collaborate with others. A nice side effect of this community is that we have a place to play with these tools before they’re mainstream. To see the most popular tools, you can go to the “Spaces” section of the site and change the sort order from newest to “Most Likes.” Some of the tools are just fun to play with. Here I use one called AnimeGanv2 to turn a picture of me into an anime-style image. In addition to being fun, th

Transcribing Like a Boss, For No Cost

  One question that I’ve been asked a few times in the past year is if I was aware of a good tool to transcribe text from a video or audio file. AWS has its transcribe API for this, but there is a monthly free limit before it starts charging. There is now a fantastic free option in the form of OpenAI’s Whisper. With the increasing amount of audio and video content being generated and made available online, the ability to quickly and accurately transcribe this content is becoming increasingly important. OpenAI's Whisper audio-to-text capability offers a powerful solution to this problem. Whisper is a deep learning-based model trained on large amounts of data to produce high-quality text transcriptions from audio. It has been specifically designed to transcribe speech in various settings, including noisy environments, and to handle multiple speakers and accents. The model has been trained on a wide range of data, including publicly available audio content, which means that it is

Ways To Help Protect Your System When Downloading and Viewing Potentially Dangerous Files

Recently I wrote a blog post taking a quick look inside the files from some recent malware stealer logs. I got asked (by @Harisfromcyber on Twitter) about the safety precautions one should take when downloading files like this. I thought it was a great question, and I honestly didn’t think I could do it justice in a Twitter thread, so I promised to write a blog post. In this post, I’m not going to focus on using VPNs to manage your attribution but on steps to harden your operating system when downloading and reviewing potentially malicious files.

1: Make sure your software is up to date. This almost seems too obvious to state, but it isn’t. Modern operating systems and web browsers are really good at forcing themselves to update regularly, but what about other software installed on the system? The software you use to play media files, unzip files, etc. can sometimes be outdated. If you have the file extraction software WinRAR on your computer, when was the last time it was upd

A Quick Look Inside Data Stealer Logs

Organizations adjust to changing tactics. This includes both legitimate businesses and criminal enterprises. One example is ransomware. Years ago, ransomware was about holding people’s data hostage unless they paid to get it back. While that is, unfortunately, still an effective business model, some businesses got better at protecting their backups and being able to recover their data without paying the ransom. Once this happened more frequently, ransomware operators needed to adjust their tactics slightly. This adjustment was stealing a copy of an organization’s data for themselves and threatening to release it publicly on the dark web if the ransom was not paid. This caused some businesses that could recover their data to still pay the ransom to avoid sensitive data being released publicly.

Botnets have been around the internet for a long time. A botnet is where a hacker places malware on many systems to gain control of these systems and use them for various purposes, including d

Using Python to Monitor a .Onion Dark Web Site

I have a few servers running on the dark web for my SANS SEC497 Practical OSINT course. The dark web is known for many things, but reliability isn’t necessarily one of them, which is why I have multiple. As the class becomes available in March, students will take it all over the world, at different times. Because of this, I needed a small program to monitor my dark web sites and let me know if they were offline. My first attempt was using a popular open-source website monitor. I made several attempts to route its traffic through Tor to monitor my .onion sites, but they weren’t successful. I finally decided to write a simple Python script to fit my needs. I then thought, why do that, when I can have ChatGPT do it for me? I went to the ChatGPT website and asked it to write me some Python code to check if my .onion site was online and to alert me if it wasn’t. I had to switch the port it wanted to use for the SOCKS proxy (more on that later), but the code worked. I then asked it to ch