Micah @WebBreacher Twitter profile

Last Seen Profiles

@smahsamy6

@cuckold658

@theodfr__

@kotakngotak

@LC6RYUkFjf1aJmf

@fene_saundr

@_brotepsicotico

@Cantrellss57344

@MariamTarek2211

@OC_Garden

@BrioBuz

@MennaSleem2002

@bokeplokalmalam

@TuoCuscino

@piyopiyopompom6

@sunfluxwer

@Lelaki_biasa78

@3oHxr4Gg92dse8

@l_gtvo

@FinanceHammer

@ggmz1117

@SkinnyYute

@claudiucotan

@pinkpearlindia

@wandi_revni

@jandakembangstw

@fatboybey

@EmDeeS11

@4mkle

@Linda_McGowan14

@Moe_797

@couples_mot7arr

@SnAnyh85940

@mJ4urVrjY3FgTxs

@_brotepsicotico

@vikvik_ukr

Micah

@WebBreacher

8 years

Want to mess with your network monitoring team today? Change you MAC to be 00:20:91:... That is NSA's OUI. Thx

20

1K

2K

Micah

@WebBreacher

2 years

Hi #OSINT #CTF community. I need your help. I'm trying to make a big list of OSINT Challenges for the community. I have this list (attached pic). Do you know any OSINT-focused challenges (CTF or other) not on here? #PlsRT

27

154

502

Micah

@WebBreacher

7 years

Did you know that the CIA released a free PDF on how to analyze #osint ? Well, it wasn't JUST for OSINT. It discusses bias and how to keep an open mind when performing analyses. Worth a download and read. PDF is here:

6

203

432

Micah

@WebBreacher

4 years

The #username #OSINT web site now has over 280 sites that you can check for a username from within your browser. - Export results to a file. - All checks from your browser. - Free - Fast

2

119

326

Micah

@WebBreacher

5 years

Doing #OSINT within @shodanhq ? As an auth'd user, visit and use these filters: - screenshot.label:desktop - screenshot.label:ics - screenshot.label:loggedin - screenshot.label:login - screenshot.label:terminal - screenshot.label:windows Use in combination!

1

135

314

Micah

@WebBreacher

3 years

Hey #OSINT and #cyber people. If you are using colored boxes to note certain areas of interest/similarity in your image analysis, consider using an additional technique as well. Not everyone can see those boxes that you can see. Check out my blog post

7

64

207

Micah

@WebBreacher

2 years

#OSINT and Web App Pentest Tip: Use Chrome's built-in UserAgent Switcher (not extension!) to change your browser UA at will. Images attached.

8

58

205

Micah

@WebBreacher

7 years

Are you a bored OSINTer today? Nothing much going on? How about looking at people's public Google Calendars? That could be fun! Enjoy and add this technique to your #osint arsenal!

2

82

194

Micah

@WebBreacher

6 years

Are you new to #OSINT , #threatintel , #recon and need to better understand what to do with the data you gather? Hop on over to and learn about .

Introducing OSINT YOGA

I absolutely love all of the public projects where people share their favorite OSINT bookmarks with others. You’ve most likely seen some of them. [UPDATE] Bruno Mortier (@digintelosint) creat…

webbreacher.com

3

130

192

Micah

@WebBreacher

6 years

After an amazing 10 years, I'm excited to let you know that I've resigned from my day job at Booz Allen. Starting in December, I will be doing #OSINT and #cyber consulting through my new @SpotInfosec business ().

43

29

187

Micah

@WebBreacher

4 years

I was today-years-old when I learned that I could copy #metadata from one file (like a phone's photo) to another ( image) using the command-line command: exiftool -TagsFromFile fromFile.jpg toFile.jpg #osint #sockpuppet Credit to

4

48

183

Micah

@WebBreacher

5 years

My son offered to make my coffee this morning which seemed odd at the time as he never has done this before. My coffee tasted good until I saw this. Luckily I’ve been building up an immunity to iocaine powder. Whew. 😏

10

6

181

Micah

@WebBreacher

5 years

Well the #osint cat is out of the bag. Some of you have already been contacted by @SANSDefense to be beta testers for THE NEW OSINT CERT!!! May I present, the GIAC GOSI (GIAC Open Source Intelligence) certification for the #sec487 class!

13

45

176

Micah

@WebBreacher

4 years

My favorite #3dprinted ornament for 2020. Look closely at the snowflake for a 4 letter word.

6

34

168

Micah

@WebBreacher

3 years

Over the past years, I have enjoyed teaching OSINT to people through my SANS class, at workshops and conferences, and through the live streams of @OsintCurious With the new year comes a new opportunity to learn #OSINT more deeply with me (and eventually with other trainers)...

8

34

157

Micah

@WebBreacher

4 years

I'm thrilled to announce that the 3rd annual @SANSDefense #OSINT Summit will be a 2 day, virutal, free event next year! February 11-12, 2021 We are currently looking for people to speak/present at the event #CFP #osintcurious

0

66

153

Micah

@WebBreacher

6 years

I've just created a project called ORCS (OSINT Resource Classification System) () to hopefully bring together OSINT bookmarking site/resource classification systems into a standard. #osint #threatintel

2

57

151

Micah

@WebBreacher

5 years

Fun #OSINT #webscraping tip: You can get the email address and other details from the owners of pages by adding ".json" to the page name. - Go to - Click a link like - Change to

8

46

145

Micah

@WebBreacher

5 years

The famous @OSINTtechniques and I recorded a 25 min "Introduction to #OSINT video (). The video is aimed at helping people start their investigations. For instance, say you are working in a @TraceLabs #MissingPersons #CTF . #osintcurious @OsintCurious

5

60

143

Micah

@WebBreacher

3 years

is for ANYONE who loves open source intelligence, from those just starting out to career pros. Our goal is to help expose #OSINT fans to experiences that follow common research threads, gathering available information for a specific target. #ctf 1 Mar

0

40

132

Micah

@WebBreacher

7 years

#pentesters and #osint people, stop guessing valid email addresses for your targets and use .

3

54

133

Micah

@WebBreacher

6 years

#OSINT tip: Using Google cache is great for recon. Understand it pulls images, JS and other pieces of the web page from the LIVE SITE (not cache) unless you add &strip=1 to end of cache URL. Attached is a pic of the network traffic from my browser when I didn't use &strip=1

4

46

131

Micah

@WebBreacher

2 years

Get SMART about #OSINT . Start Me Aggregated Resource Tool = SMART. It is the ultimate ultimate OSINT tool -

2

55

128

Micah

@WebBreacher

4 years

Happy to announce the WhatsMyName project () now has "political" sites it checks for users. Tracking extremists as they move to less-mainstream platforms? Submit those sites and we will add them to the project! #osint #intelligence

2

54

131

Micah

@WebBreacher

4 years

Hmm. Just saw a tweet from @ProtonMail referencing a @VICE article about Use this simple site to find out how to request what companies know about you for #privacy #OpSec

2

54

122

Micah

@WebBreacher

2 years

I'm thrilled to announce that I've accepted a Director position with the amazing @NCPTF8 to continue the excellent work that they do in fighting human trafficking and child exploitation. Big thanks to @Volk_NCPTF and @hatless1der for all your efforts!

28

3

125

Micah

@WebBreacher

4 years

Thank you for all the wonderful wishes on my SANS promotion. I'm thrilled for the recognition of my work and truly love OSINT and the community we've built.

19

4

127

Micah

@WebBreacher

7 years

Just a quick reminder that is a great way to remove some of your data from the internet. The anonymous author has updated it to have even more sites. #osint #privacy #infosec

0

68

119

Micah

@WebBreacher

5 years

Thank you @textfiles for bringing me a little nostalgia. 26 years ago I met a woman via the Digital Nation First Class BBS. I proposed to her via a global banner displayed to all users of the BBS. Despite all that, she and I will be married 25yrs this year. #geeklove

10

1

116

Micah

@WebBreacher

3 years

This is a tremendously challenging post to write. After 9 years of working with the amazing people at @SANSInstitute , I've decided to move on and leave the org. I'll be teaching the #SEC487 #OSINT class once more next week (31 Jan-5 Feb at the CTI Summit) and then ...

26

5

115

Micah

@WebBreacher

6 years

I'm both excited and proud to have created a 6 day, hands-on #OSINT course for @SANSDefense . Over 23 labs, a focus on gathering AND analyzing, and a #CTF on day 6 all make #SEC487 a fun course for anyone!

7

37

112

Micah

@WebBreacher

4 years

@thegumshoo and I are THRILLED that the free, global, virtual @SANSDefense #OSINT Summit conference is THIS Thursday and Friday. Our amazing speakers bring a diverse range of talks and experiences to the event. Check it out and sign up at

7

89

114

Micah

@WebBreacher

4 years

#OSINT Tip - With many of us not buying morning coffee from retailers at $5+/coffee, you may find yourself with an extra $49 in your wallet. Highly suggest purchasing the @shodanhq "Membership" at a one-time cost of $49 (coincidence?). Greater access into a great tool.

10

30

106

Micah

@WebBreacher

5 years

Really happy to announce that @osintcombine made a web front end for the username enumeration #osint / #recon tool #WhatsMyName . Check out out #osintcurious

2

58

109

Micah

@WebBreacher

5 years

Just saw that someone on Reddit said that, when they got a SPAM phone call, they told the caller who dies in #Endgame . Spammer cursed them out and hung up. I call that a win and am adopting that strategy immediately.

4

34

107

Micah

@WebBreacher

5 years

For all of you that asked for it, my @SANSInstitute #OSINT talk from last night is now on YouTube. Link in this page . Lots of fun things in there from my core content on Untappd to reverse whois with a twist to breach data! #osintcurious

3

46

107

Micah

@WebBreacher

7 years

@TMZ Glad to hear he is now mentally competent to tackle all the lawsuits and criminal charges against him without worrying about his "problem".

0

8

99

Micah

@WebBreacher

5 years

#5osintthings We all should be trying to learn more about this crazy, wonderful world of ours. What are 5 things you want to learn this year about #OSINT ? I'll start: 1 Image analysis 2 Video analysis 3 More python 4 Cryptocurrency Analysis 5 More social media #OSINTCurious

24

23

100

Micah

@WebBreacher

9 years

Just registered for RSA conference. Saw this after reg. Hoping this is not asking for actual Twitter creds.

22

102

103

Micah

@WebBreacher

7 years

I have this paper on my board at home. I read it when I'm down, when I'm discouraged, when I'm rushing, when I'm feeling cocky.

8

40

106

Micah

@WebBreacher

4 years

Fun #geoint #osint mapping site that mashes up 3 different maps and sync's the movement of your mouse across all three.

4

34

97

Micah

@WebBreacher

7 years

Dear @firefox & @google . Please agree on a standard place to put the refresh arrow. Left or right on URL bar. Don't care. Just standardize.

7

20

97

Micah

@WebBreacher

4 years

May I take a brief moment of your #cyber , #OSINT , #recon , #socialengineering time? If you aren't doing Google searches like: site: "keyword" then you are missing out! International site...businesses and personal homes. WOW!

3

36

94

Micah

@WebBreacher

4 years

Have I mentioned that the 2021 FREE @SANSDefense #OSINT Summit is a FREE 2 day, virtual, global conference? Did I tell you registration is free and happening RIGHT NOW! Really looking fwd to hearing the amazing talks people submitted! #cyber

4

41

93

Micah

@WebBreacher

6 years

soooo excited today! #sanssummit #OSINTSummit #osint

5

13

89

Micah

@WebBreacher

6 years

Check out this cool new blog post that @shall_1 made about an #OSINT #mindmap of mine he beefed up: Some great content in there and in the doc. Thanks @shall_1 for the guest post!

5

65

86

Micah

@WebBreacher

6 years

Just found some really good Google Dork techniques and other interesting #osint / #recon searches in a training PDF for recruiters:

1

42

83

Micah

@WebBreacher

4 years

I'm doing some work on using traffic and security cameras for #OSINT . Love the site. Currently, I just watched a person and a dog in Amsterdam inside an elevator and now I'm watching a bored person in a restaurant kitchen. #geoint

4

16

81

Micah

@WebBreacher

5 years

I made a huge mistake today.... I challenged my math major, comp-sci minor child to Python something faster than I could. Not only was their code better and their solution more elegant but they also optimized my original code to make it better. I love learning from my kids!

2

5

84

Micah

@WebBreacher

5 years

So excited about this new industry-wide @CertifyGIAC #SEC487 #OSINT Certification: #GOSI

4

25

80

Micah

@WebBreacher

7 years

Hey everyone. My #ImposterSyndrome talk from @BsidesDC is at thanks to @handynerds #infosec #plsrt #YouAreNotAlone

(Update available) BSides DC 2017 - Imposter Syndrome: I Don't Feel...

Due to an editing issue, a new version of this video is available at: https://youtu.be/aDDCl_VQx7kSeveral years ago I was walking back to my hotel after a da...

www.youtube.com

3

35

78

Micah

@WebBreacher

6 years

Hey #OSINT peeps. One of my students in #SEC487 showed me the amazing, free Microsoft Steps Recorder () that is in all versions of Windows and records everything you do. Might be helpful to record what you do during an assessment.

2

39

80

Micah

@WebBreacher

4 years

BEFORE DOWNLOADING.... This data may contain CSEM/CSAM images/videos which you do NOT want on your systems. Beware #OSINT people. Beware.

Paul M

@IrishCyber

4 years

70TB of Parler users' data leaked by security researchers. As I mentioned previously - The data is out there to identify those involved in planning last week’s attack on the Capitol. This is why government needs greater investment in #OSINT .

0

10

16

2

33

76

Micah

@WebBreacher

6 years

#geolocating social media content is getting a whole lot more fun from an #osint perspective. Don't believe me? The user in the image below didn't add his home city to his profile but I bet you can see where he lives based on his "check-ins" (red=more beers drank)

3

25

77

Micah

@WebBreacher

8 years

Use LinkedIn? Do #recon , #osint or #infosec ? Check out my latest OSINT blog post

The Secrets of LinkedIn

For those of you that have been the targets of SPAM or phishing or perhaps for those of you that are cyber defenders, how many times have you heard “I have no idea how the attacker got my per…

webbreacher.com

6

54

76

Micah

@WebBreacher

5 years

Many other @SANSInstitute instructors are showing off their WFH #battlestations . I figured I'd share some of my layout. And yes...there are some #eastereggs in there.

9

3

75

Micah

@WebBreacher

2 years

Its no secret that I've struggled with #ImposterFeelings for years. If you are feeling you don't belong in your industry/job/career/life...take a moment and check out the resources I collected. #YouAreNotAlone

5

23

76

Micah

@WebBreacher

5 years

Today is the day I hit 10,000 followers. I'm truly blessed to have such a supportive, challenging, knowledgable, diverse set of followers that are constantly helping me grow. Thank you!

8

1

73

Micah

@WebBreacher

6 years

You doing #OSINT and #recon work that takes you to Twitter? Check out this excellent blog () by @labnol on how to search more-deeply using Twitter search directives (like Google Dorks)

1

46

74

Micah

@WebBreacher

7 years

Doing #OSINT on things that happened in the US a while ago (>10 years)? You might want to hop over to the National Archives where they have ship manifests, death records (with SSNs), enlsitment records and more! Here is an example to start you off:

3

30

73

Micah

@WebBreacher

6 years

It is now 2019 and I want to remind each and every one of you that you have something to contribute to #osint or #cyber or whatever. Everyone is important. I just rewatched my #ImposterSyndrome video from @BsidesDC in 2017. #FeelingGood

4

25

72

Micah

@WebBreacher

2 years

My favorite part of Webex meetings is when I get to uninstall the application upon completion of the meeting.

7

2

67

Micah

@WebBreacher

7 years

If you are doing #OSINT , Check out @L4bf0x 's OSINT comparison tool Google Sheet.

2

31

71

Micah

@WebBreacher

4 years

#wellplayed #geekjokes

Johnny Verhovek

@JTHVerhovek

4 years

The Biden campaign purchased the domain name and this is what it redirects to

371

5K

18K

0

18

66

Micah

@WebBreacher

5 years

I have a serious question for students in #OSINT courses. I'm seeing more and more OSINT trainers taking pictures of their students' faces and tweeting/IG'ing them out. As an OSINT instructor, putting my customer's faces on social media is the last thing I want to do.

9

15

69

Micah

@WebBreacher

5 years

If you do #OSINT or #recon and have not seen these fabulous, short Spiderfoot tool command line interface (CLI) videos that made, you are missing out! #OSINTcurious

0

26

70

Micah

@WebBreacher

4 years

Did you know that SANS has a list of free resources and scholarships on the page? There is also the Work Study program () which offers reduced rates on training in return for some work during the events. #cyber #osint #CTI

0

32

68

Micah

@WebBreacher

3 years

through recorded, skills-based trainings on the My OSINT Training () site. These courses range from short topics like "How do I install and run a certain #Python OSINT tool?" to longer, step-by-step courses on...

3

13

65

Micah

@WebBreacher

2 years

Have a long URL to decode? Use . It decodes parameters & values in the URL. Ex: I used Amazon & ran a search, copied URL, pasted into Unfurl. It broke the URL down & revealed "qid" param (2) is a time stamp and a date (3). #osint #cyber #tools

2

27

66

Micah

@WebBreacher

3 years

Free virtual #OSINT conference? Yes please!! Please share this.

SANS Cyber Defense 🧢

@SANSDefense

3 years

We are excited to announce that #OSINTSummit 2022 registration is NOW OPEN! Join Summit Chairs @WebBreacher & @dutch_osintguy and learn how top #OSINT experts gather and analyze available information for their investigations. Register now for FREE:

2

42

79

3

34

66

Micah

@WebBreacher

4 years

I'm taking the beta test for the GOSI cert on Monday! Wish me luck. :)

GIAC Certifications

@CertifyGIAC

4 years

"The #GIAC Open Source Intelligence ( #GOSI ) Certification represents a huge milestone in the worlds of #OSINT and cyber reconnaissance.” - @WebBreacher , @SANSDefense #SEC487 Course Author. Learn more here:

0

8

12

15

7

65

Micah

@WebBreacher

7 years

#OSINT or #Recon tip of the day. Trying to harvest Google Analytics codes from web pages from the command line? Try the below from a terminal window (linux/unix/macOS): curl --silent -L | grep -o -E "UA\-[0-9]+" Change domain to your target. #profit

0

26

65

Micah

@WebBreacher

5 years

One of my favorite Google dorks is: site: site:*/boards #OSINTCurious

2

21

65

Micah

@WebBreacher

4 years

Want to get better at performing searches on Twitter for #OSINT purposes? Go to the source! Twitter tells you how in this doc:

3

29

65

Micah

@WebBreacher

7 years

Looking for some legal places to practice #webapp #hacking ? #infosec

2

37

64

Micah

@WebBreacher

5 years

Holy cow is this international infrastructure map interesting to dive into! #OSINT #osintcurious

1

24

62

Micah

@WebBreacher

5 years

Well this looks really interesting for DFIR and #cyber and #webapps and #OSINT . Thanks for sharing it. #osintcurious

Binni Shah

@binitamshah

5 years

Unfurl : It takes a URL and expands ("unfurls") it into a directed graph, extracting every bit of information from the URL and exposing the obscured : cc @_RyanBenson

4

247

617

1

26

63

Micah

@WebBreacher

7 years

Hey all. I'm releasing the @SANSDefense #SEC487 Community Wiki for #OSINT resources. It can be found at Always looking for content submissions and pull requests. In the coming weeks, we hope to add a bunch of resources to it.

1

33

64

Micah

@WebBreacher

3 years

OK...so many of your #OSINT people have heard me talk about using the free/nearly free @obsdmd in investigations for documentation, workflow, task management, and more. Here is a little blog () with links and such for your viewing pleasure. #cyber

0

19

61

Micah

@WebBreacher

5 years

Hey #OSINT and #sourcing people! Have I got amazing news for you!! The 2020 SANS Open-Source Intelligence Summit is coming to Virginia AND you can use code OSINTPOD20 to get a special price of $175 on your registration. Register now to save your seat:

2

42

61

Micah

@WebBreacher

8 months

#OSINT Tip: Bing & Yandex have #cached data The removal of Google's cached content is a set back for some but both Bing and Yandex search engines have cached pages. We also have amazing sites like and for full page captures

3

26

58

Micah

@WebBreacher

4 years

Really enjoyed @s0md3v 's blog on using shadows to determine time of day and day of year in images/videos. #geoint #imint #osint #osintcurious

1

23

58

Micah

@WebBreacher

7 years

For your AMAZING Friday #OSINT adventures, check out @dutch_osintguy 's amazing OSINT page (). It's similar to @jnordine 's but organized differently. #recon

2

25

60

Micah

@WebBreacher

4 years

Check out @osintcombine 's and my free #OSINT / #cyber / #recon #username enumeration site. Changes include site defaults to "all/no porn" for categories (1) to keep your searching safer and exporting content to files (2).

0

21

54

Micah

@WebBreacher

8 years

[Blogged] repost "Harvesting Whois Data" - Using #osint to find interesting domains and who owns them

1

39

57

Micah

@WebBreacher

2 years

Reposting this for the #OSINT community. A OSINT page crawler that indexes them and lets you search them all together. With sortable results!! (and free!)

Micah

@WebBreacher

2 years

Get SMART about #OSINT . Start Me Aggregated Resource Tool = SMART. It is the ultimate ultimate OSINT tool -

2

55

128

0

21

57

Micah

@WebBreacher

7 years

getting ready to do my @SANSPenTest at night talk on #osint and #hacking . so much fun!

3

9

58

Micah

@WebBreacher

8 years

One of my favorite #pentest tricks is to set up a "password checker" page and ask employees to check the strength.

0

12

47

Micah

@WebBreacher

4 years

I know this might be premature, but I voted today via mail in ballot. Now I know some of you might ask, "But Micah, there are 2 more debates still. How can you have already made up your mind?" I've waited 4 years to vote this racist, lying blowhard out of office. #VoteHimOut

5

1

57

Micah

@WebBreacher

5 years

I'm really excited to begin another @SANSDefense #SEC487 #OSINT class today with students from around the world using the new @SANSInstitute #CyberCast format of Live online training.

0

10

58

Micah

@WebBreacher

5 years

Sydney is gorgeous this time of year!

5

0

57

Micah

@WebBreacher

4 years

For Facebook #OSINT - Still want to use the sowdust code on sites like @_IntelligenceX but cannot do to the new UI on FB? Add all the filters to the sowdust tool, then copy the URL and replace "www." with "apps." at the beginning of the URL. It'll switch to the old/classic UI.

3

28

55

Micah

@WebBreacher

5 years

I used to treat my home networking like a lab. I'd reconfigure stuff, try new things out, attempt to optimize. Now, with my family WFH and learning from home, my network has transformed into an essential lifeline, high-availability network that I dare not touch.

6

5

56

Micah

@WebBreacher

3 years

I love days like today. - Work on OSINT cases. - Do a live stream with @dutch_osintguy . - Take some time to clean my desk after spilling hot coffee all over it - Complain on Twitter. Life is good.

1

57

Micah

@WebBreacher

7 years

Fun fact: My phone autocorrect changes the name of the #pentest linux distro "Kali" to the word "jail". cc: @kalilinux

1

13

54

Micah

@WebBreacher

5 years

Do you do #OSINT on TikTok? Then check out my blog post at and my #10minutetips at where I show how to extrtact JSON from the site and pull all the comments for a post just using a web browser!

1

26

55

Micah

@WebBreacher

4 years

#OSINT / #SocialEngineering tip: Looking for data about a target? Check what utilities they might use at their home. For instance, the site will show you the addresses of their customers and the WiFi network names.

4

19

54

Micah

@WebBreacher

3 years

Give me a 👍if you know about the site that allows you to recreate images from Google Street View imagery by placing virtual "cameras". There are over 10,000 models of security and other cams it knows how to mimic! #osint #geoint #imint

IPVM Designer / Calculator

Using Google Maps, layout and design cameras, choosing from 10,000+ models, delivering FoV and image quality previews plus export to PDF, Powerpoint and more

calculator.ipvm.com

5

23

55

Micah

@WebBreacher

6 years

If your password policy involves "secure passwords" but you limit my password length to 8-16 characters, you are part of the problem.

2

18

54

Micah

@WebBreacher

9 years

@Anthrax friggin rocked the f-in house!

4

11

50