Open Source Intelligence Training in Hacking-Lab (BA)

In cyber security the topic of Open-source intelligence (OSINT) plays a major role. With OSINT security defender and researcher may find valuable information about cyber crime and attackers. OSINT helps to understand the effects of sharing public information. OSINT is not yet part of the curriculum at OST. An e-learning platform called Hacking-Lab already exists and is used at OST. In Hacking-Lab, students can apply what they have learned in the lecture in a controlled environment in the form of practical hands-on exercises.
The goal of this thesis was to create ten OSINT challenges in the Hacking-Lab for students to solve and practice. In every OSINT challenge, students are given a set of tasks and summative assessment questions. The students are guided through the proposed steps in order to answer the posed questions in form of a write-up.
Each OSINT challenge is framed by a story to make them more engaging. These stories were chosen in a way that many different OSINT techniques are applicable and can be practiced by the students. In OSINT there is not only one way to find the correct answer hence the students are also encouraged to find their own way to reach the expected solution. To guarantee a high quality of the challenges, multiple quality assurance tests were conducted with students and colleagues working in IT. The results of these quality tests are an indicator whether the goal was reached.
As a result of this work, the goal of creating ten OSINT challenges in Hacking-Lab was achieved. These challenges provide some insight into the topic of OSINT without getting lost in details and technicalities.
This project provides a foundation which a lecturer can build upon by creating a lecture on OSINT. This lecture could be integrated in a course on cyber security. Social media was purposely neglected in this project because social media is difficult to maintain and make future-proof, which makes it incompatible with the project's requirements. Therefore, it could also be a future project to expand upon these challenges with a focus on social media as it is an indispensable part of OSINT.