Exercise Core Function
In this exercise, I focused on performing OSINT to identify and validate email addresses associated with a specific domain and individual. The methodology included extracting emails from publicly available PDF documents, generating educated guesses based on naming conventions, and verifying mailbox existence using online tools.
What I Studied
This practical exercise involved:
- Using a Kali Linux VM with VPN for secure research
- Constructing advanced Google Search queries (dorks) to locate public PDFs
- Applying email verification tools such as Hunter.io and CentralOps.net
- Documenting results in a local text editor
Key concepts applied include email pattern recognition, naming convention analysis, and ethical data collection principles.
What I Learned
Hands-on lessons from this exercise:
- Constructing targeted search queries to extract emails from public documents
- Generating email guesses using organizational and personal naming conventions
- Understanding that verification tools vary in accuracy and are limited by free-tier constraints
Why It Matters
The exercise highlights real-world implications:
- Public documents can expose internal communication patterns, increasing risk
- Organizations should audit and redact employee emails to prevent automated harvesting
- Demonstrates an OSINT workflow relevant to investigations, reconnaissance, and security assessments
How It Maps to the Job/Framework
- NICE Role: Cyber Defense Analyst (COL-1, ANL-1): Reconnaissance and analysis of public data
- ASD Skills: Applying OSINT principles to identify potential attack vectors and data exposure
Key Takeaways
- Public documents often reveal predictable email patterns for organizations and individuals
- Verification tools are helpful but limited; multiple tools improve confidence
- Ethical OSINT work requires respecting privacy and using only publicly available information
- Understanding naming conventions helps anticipate potential data exposure
- Portfolio documentation reinforces both practical skills and professional communication
See my portfolio report for a detailed technical summary and methodology section.