I recently completed the Security Blue Team course An Introduction to Open-Source Intelligence. If you read my previous post on Review of the Intro to People OSINT Course, you might be wondering, why take two introductory courses? They might be similar in title, but they were very different courses. To be honest, I was on an OSINT kick and took both of the courses within a 5 day period. But I do things like that sometimes (ok, a lot), just jump in with both feet and learn as much as I can.
The course looked interesting and the price was right, only £20, which at the time was about $26US. The outline of the course topics was varied and interesting and it ended with a challenge. Cool, and not bad for the very affordable price. I found Security Blue Team on Twitter a few months ago when they started promoting their Threat Hunting course and I signed up to be notified when their Blue Team Level 1 Certification launched. They had just announced the OSINT course so I thought this would be an inexpensive way of taking one of their courses to see if I liked their style before spending a lot more on the full certification course.
Purchasing the course was as easy as using the PayPal checkout and creating my account. I received 3 emails as soon as I paid. The odd thing was, there wasn’t a link to the course in any of them. Just an order placed, order paid, and PayPal’s receipt. Hmm, guess I just go to the site and sign in with the credentials I created.
Once I logged in and found my way to the course it was time to get started. I knew going into this that there weren’t any videos, it was all reading content on their website and I was fine with that. Each lesson covered a single tool or topic, like theHarvester, Google dorks, Maltego, the OSINT framework, etc. I read through each one, practiced the exercises on my own, read any and all links they provided, and at the end there was a quiz with several questions to answer, some multiple choice, but a lot were text fields that you entered the command to get the desired response. You can take the quizzes as many times as you like, but you have to get 70% to pass to the next section. This was one thing that became frustrating, I would enter the command that had just worked in reality in the real tool or website, but it was marked as wrong on the quiz. I learned that the format is very important to be marked correct. Apparently there is some string matching going on when grading the answers =) I got the hang of it, it was just frustrating because as we all know in IT, there are 100 different ways to do anything.
Note: As of this writing the Maltego section is not completed (they said soon so I’m really looking forward to it) and wasn’t available. This was disappointing because the course was already launched and being advertised. Once it has been released I’ll update this post.
The course wraps up with a challenge. I took a break before starting this because I was hoping it wasn’t going to be another exercise in fighting the quiz grading process. I jumped on their discord channel, which is great btw, and read up in the OSINT channel to see if I was only one fighting the quizzes. I wasn’t but the admins were very helpful and guided us in the right direction. They are extremely responsive on there, so kudos to them for constantly monitoring this. That made up for the quizzes.
I’m not going to cover anything about the challenge, I will just say that it was the best part and was so much fun! They spent some time creating this part and it showed. I had to take a break in the middle because I got stuck and was going down too many rabbit holes. If there is one thing I have learned in IT over the years, it’s to walk away if you get stuck and come back to it. That has always worked for me. I grabbed something to eat and went for a walk. It must have cleared my head because I was able to fly through the rest of the tasks when I got back. It really was fun and challenging.
For this final part, you need an 80% to pass. Once I submitted my answers and passed, I was done. The next day I had my certificate waiting for me in an email.
Overall, this was a really good course. Even though there were a couple of things they could do better, the content was thorough and well written. It’s not easy, but that’s the best way to learn. Push outside your comfort zone. The challenge at the end? Well take the course and experience it for yourself. You won’t be disappointed.