Tim Farmer is the OSINT Training Lead for Dark Blue at CACI. He performs investigations along with teaching OSINT classes with a focus on the deep and dark web. (Don't know the difference? We discuss that in this episode.) Tim has his own podcast with Chris, titled The OSINT Output. Tim has achieved the OSC certification from Osmosis Academy and wi…

Dorota Kozlowska is a social engineer and penetration tester for Black Hills Information Security. She has her own podcast which can be found on Twitch and YouTube and recently presented at the Disobey conference in Finland. On this episode, she talks about how to get into social engineering as a job, some techniques for elicitation, what skills on…

Sho Luv, aka Leon Johnson is a ninja, a hacker, a penetration tester and a computer security expert. Leon has performed all types of testing engagements and has mentored many other aspiring pentesters. On this episode, Leon talks about what it takes to be a tester along with some of his own stories of social engineering engagements and his thoughts…

How does a man living in England trace the history of Compton, California and the evolution of gangs across the country? And then evolve to tracking financial crimes? By using his OSINT skills! In this episode, Brett Redman the Head of Intelligence at Blackdot Solutions takes us through where he started with tracking this information and also some …

Olie Brown is a self-described hacker and the creator of the penetration testing company CC Labs. In this episode, Olie tells us of some social engineering exploits he has pulled off with some very simple techniques. He also stresses the social in social engineering with his tips on how people can get started and how to get better at social enginee…

Dmitry Danilov, aka Soxoj is an OSINT investigator and CPO for Social Links. In this episode, we talk about his Substack where he shares his methodology and his incredibly helpful "4P Method" of doing investigations. We also talked about some of the tools he works with and created, which you can find in his github: https://github.com/soxoj https://…

Jeff Tomkiewicz, aka The Gh0stface Killer is a social engineer who is employed but a health services company. He will also be teaching a pretexting workshop at the Layer 8 Conference! You can find out more about that here: https://layer8conference.com/training-at-layer-8-conference-2025/ In this episode, we learn how Jeff moved from the military to…

My OSINT Training is a company created by Griffin (@hatless1der) Glynn and Micah (@webbreacher) Hoffman. Their goal was to create affordable high quality OSINT training, and they'll be offering that at the Layer 8 Conference in June! You can sign up today for their class! In this episode, we also spoke about the National Child Protection Task Force…

Get your ticket to the Layer 8 Conference on June 14, in Boston! In this episode, we're joined by Nico Dekens, aka Dutch_OSINTGuy where he talks about lessons in OSINT including the value of operational security, ethics and classes he teaches. He also tells us about his 5W1H method of performing an investigation. We also discussed some blog posts h…

Aidan Raney is the founder of Farnsworth Intelligence, an OSINT company that focuses on due diligence investigations, among others. Aidan freely shares content and tools, has been a volunteer with Trace Labs, teaches OSINT and OpSec. He presented at both BSidesSF and ShmooCon about "Catching Some Phisherman" where he exposed a large phishing organi…

Brian Harris from the Covert Access Team is a social engineer, a physical pentester and a member of the black team. If you've heard of blue team, purple team and red team but not black team, you can hear what that is about in this episode! Brian explains why all businesses should have their physical access tested, regardless of whether they believe…

Nathaniel Fried is the CEO of OSINT Industries. He's also one of the founding members and current chair of UK OSINT, a non-profit public meetup group. In this episode, we talk about ways to perform OSINT with only a single selector, such as an email address, a phone number or a username. We also discussed how he discovered that Donetsk was using we…

Matt Linton (@0xMatt)is a Googler and former NASA employee and red teamer. He has some opinions on the way we do phishing testing today with comparisons to how fire safety evolved. Even better, he offers solid solutions on how we can do better phishing testing so that people better understand the expectations of them and to still keep the enterpris…

Jennifer is a hacker, a social engineer, a locksmith and a private investigator. In this episode, we talk about how she got into each of those fields and about her path to being a part of her company's red team. She has some great social engineering stories including where she's climbing through a ceiling!…

Phil Eil is an investigative journalist who has written for publications such as Vice, Huffington Post, the Boston Globe and the Providence Phoenix. But there was always one story he wanted to write. In his new book, Prescription for Pain, Phil documents the story of Dr. Paul Volkman, a midwestern physician who was convicted of distribution of a co…

This is the second part of a two-part podcast episode with Alethe Denis. If you missed the first part, you'll want to go back and listen to that first as this episode picks up, mid-story where Alethe has just caught the eye of a security guard during a social engineering engagement. Can she evade the guard or will the job come to an end? Alethe is …

Alethe Denis is the first ever three-time guest to the Layer 8 Podcast. When Alethe comes on, we can swap stories for hours. And we did! This is part 1 of a two-part episode, as Alethe had so many great stories to share. For this episode, she talks her way into buildings, tells us how she prepares her OSINT and when she knows it's time to go into t…

For this episode, we're joined by Cynthia Navarro and Bret Anderson from OsmosisCon. They are the two people that head up the annual OSINT conference in Las Vegas. The conference will be October 20-22 and can be attended in person or remotely. Cynthia and Bret tell us about the origins of Osmosis, the certification they offer and we also talk about…

Andreas Heideck, the CEO of the Germany-based Impossible Security, joined the show to tell some incredible social engineering stories. The part that is different about his stories is the simplicity of his pretexts and thought process. As we tend to overthink these engagements, Andreas shows us how to stay in the moment, choose pretexts that make se…

This episode is a great discussion with Justin Seitz (@jms_dot_py) and Kennedy Chappell (@kcath23) of Permanent Record Research. They also write the free Substack newsletter https://www.bullshithunting.com/ along with its fun weekend edition, For the Weekend Warriors, Weirdos & Whackjobs, where you can get even more fun insight into the work they d…

Note: This episode contains language that would be considered not safe for work (NSFW) and around some children. Bluma Janowitz, aka @x25Princess is a social engineering instructor and one of the original phone phreaking hackers. She has also worked as a phone sex operator and as a dominatrix. Her work in these areas, as well as her own personal su…

Alex Lozano is the founder and CEO of the Barcelona-based Cibergy and is a professor of OSINT at the University of Autonoma de Barcelona. In this episode, Alex talks about the role of OSINT in corporations and businesses. How it can enhance the business and also show trends and potential threats. We also discussed the future of OSINT and how Artifi…

At the Layer 8 Podcast, we aim to get a global perspective on social engineering and OSINT topics. For this episode, we spoke with Ajaka Shamsudeen, also known as @Mydeen4u on Twitter. Ajaka is a part of the SE awareness and education community in Nigeria and here he shares his perspective of the state of social engineering in Nigeria. Ajaka is als…

Hervé is the creator of the non-profit and non-governmental organization OpenFacto in France. This organization teaches investigational skills to journalists to help them find the truth in facts. We also talk about using OSINT for good and in this episode, Hervé tells a story about how he did exactly that and very likely saved lives with one specif…

Bex Markwick joins us today to tell us what she feels is wrong about the way we do phishing testing today. We'll talk about some of the areas where those might not go in the right direction and why, but also how we can do them better and what we should be focusing on. Bex has presented twice at PancakesCon and gave a keynote presentation at BSides …

Tom Hocker is the Director at Trace Labs. Trace Labs is a non-profit organization who crowdsources OSINT skills from the public to find information and clues on people in missing persons cases. As mentioned in this episode, you can get more information about Trace Labs, get in contact with Tom and jump into a Search Party all by joining their Disco…

Chris Pritchard is a UK-based social engineer with Lares Consulting. He has accessed some of the most secure facilities, sometimes seemingly too easily. In this episode, Chris (aka @Ghostie_) talks about what was his process to access seemingly secure facilities like airports and casinos. He also gives his thoughts on dealing with the adrenaline ru…

Rae, aka @Wondersmith_Rae is back! After chatting about maritime OSINT in episode 75, Rae came back to discuss her book "Deep Dive - Exploring the Real World Value of Open Source Intelligence" and to talk about what skills or mindset is important in the OSINT world. We also talked about how to practice your OSINT skills in a realistic way by using …

Dylan is named the Magician yet he doesn't do card tricks, doesn't pull a rabbit from a hat and doesn't cut his assistant in half. Dylan is a social engineer who earned that moniker during an engagement. In this episode, Dylan will explain the job where he was tagged "The Magician." We'll also talk about the planning that went into his engagement a…

Ritu Gill is back! A return guest who first appeared on episode 20, Ritu (also known as OSINT Techniques) is back to talk about Operational Security, about how to create and curate sock puppets, how to keep the integrity of an investigation and to tell us about Forensic OSINT, a Chrome extension that can easily help with investigations! This episod…

Our host, Patrick Laverty, has gotten to talk with experts in OSINT and social engineering and heard their stories. But Patrick has never told one of his own. That's what we get here as he explains how he got access to sensitive areas of a bank during a social engineering job. This episode is brought to you by Compass Cyber Guard. To find out more …

Charles Shirer, aka @BSDBandit is the part of the internet that exudes positivity and happiness. He frequently posts happy and affirming messages for people to enjoy. He's also a self-taught OSINT expert. In this episode, he'll explain how he learned OSINT, projects he took on and give suggestions and advice for others who might look to follow in h…

Dr. Abbie Maroño is the Director of Education at Social Engineer, LLC. She earned her PhD in Behaviour Analysis from Lancaster University in the UK. In this episode, we talk about human lie detection and that everything we learned on Lie to Me might be a lie! How can we discern good scientific information from bad, so we can learn the skills of soc…

Venessa Ninovic is @Intel_Inquirer on Twitter and frequently posts her findings and research at https://intel-inquirer.medium.com/ She has been on the OSINT Curious podcast and presented at the 2022 SANS OSINT Summit. In this episode, she tells us how much OSINT one can find just in dating apps. She explains how some military members failed so badl…

Alan Neilan is a security analyst who searches for phishing kits in his spare time, using x0rz's Phishing Catcher. Alan often tweets out his work at @aneilan and he also posts his findings under the title "Crap I Found on the Internet" on his blog at aneilan.github.io. In this episode, Alan talks about how he uses certificate transparency certstrea…

John TerBush, known as TheGumshoo on Twitter joins us to talk about his previous life as a private investigator and how he merged into the information security world. He, like so many others, was doing OSINT before we called it OSINT and he describes some of the locations and techniques. John is also a founding member of OSINT Curious and a course …

On this episode, we speak with Dalin McClellan, a penetration tester and social engineer for NetSPI. The idea for this episode came from a blog post that Dalin wrote here: Not Your Average Bug Bounty: How an Email, a Shirt and a Sticker Compromised a High Security Datacenter. Dalin explains the preparation necessary for an on site physical penetrat…

Sylvain Hajri, aka Navlys_ on Twitter created Epieos.com a freemium site that lets you perform passive OSINT with just an email address. Sylvain wears an incredible number of hats as the creator of not just Epieos but also MyOSINTJob, OSINTFr, the SpyingChallenge and is also an organizer of LeHack in France and also the OSINTVillage. In this episod…

When we think of phishing attacks, we immediately think of email. In this episode, Chris Cleveland, the Founder and CEO of Pixm Security walks us through a massive phishing attack that his company discovered. In this attack, millions of Facebook credentials were stolen using multiple layers of trusted environments. Have you ever gotten contacted by…

People claim degrees and credentials that they haven't earned. This could be for a number of reasons, whether professional or personal. In this episode, we speak with the Fake PhD Investigator, a person who uses OSINT to determine whether the doctorate degree that someone claims, has actually been conferred on them. This episode goes through the me…

Jason Downey is a penetration testing security consultant with Red Siege and is known as HackAndBackpack on Twitter. In this episode, we talked with Jason about phishing, vishing and on-site physical social engineering engagements. He talked about some of the tools he uses, some of his successes and some campaigns that might not have gone exactly t…

We talk with Steven Harris, aka @nixintel who is an Executive Board Member with @OSINTCurious and is currently employed by Qomplx to perform investigations. He also teaches SEC 487 for SANS. In this episode, we walk through some of the Quiztime investigations that he did on his web site (https://nixintel.info) and another where he was able to figur…

Griffin is also known online as @hatless1der. You can find his tips and blog articles at hatless1der.com and at the Ultimate OSINT Collection. Griffin is also a part of the National Child Protection Task Force (NCPTF) where he is a speaker at their conference. He also speaks at the ConINT conference. In this episode, Griffin discusses how to do OSI…

Josten Peña is a Human Risk Analyst at Social Engineer, LLC. Josten performs risk testing with contracted company employees via phone calls and email. In this episode, Josten focuses on various shortcuts our brains use, commonly known as biases, that can help in some situation, but can also be detrimental in others. Josten describes these biases an…

In this episode, we talk with Erich Kron from KnowBe4. We go into a number of topics, but mainly focus on phishing. Erich talks about phishing as a service, ransomware as a service and gives recommendations on how to best perform your own phishing engagements within your company.

Oliver Lebhardt is the creator and CEO of Complytron, a tool used for OSINT investigations to determine if seemingly unrelated websites are actually related. In addition, Complytron has data about politically-exposed people (PEP), people who have been sanctioned and who are on government watchlists. The data can be heavily used in anti-money launde…

Chris Russell, the CISO of tZero, is @cr00ster on twitter and https://github.com/cr00ster, joins us today to talk about his experience in the military and how he obtained intelligence during the Iraq War. Chris talks about some of the techniques used to help determine when people were telling the truth and when some might have just been looking for…

Known online as @LockDownUrLife, we talk about how she helps people who have been a victim of online scams and harassment. She also talks about ways we can protect our own privacy, and what you can do when you are threatened or harassed. Her web site with a lot more information can be found at https://LockDownYourLife.com…

Our guest this week is Andrew Lemon, who often just goes by "Lemon." You can find Lemon on Twitter as @LemonItUp or on his YouTube channel with original hacking videos. In this episode, we discuss a presentation he gave at the 2021 Armed Forces Communications and Electronics Association conference titled "A Social Engineer's Toolkit". He had some f…

Rosa (@Rosa_Rowles) is a social engineer working with Social Engineer, LLC. She has an interesting story that includes moving from Spain to England to the US all at a young age. She was a billing coordinator for a hotel before she moved into social engineering. In this episode, she discusses how she uses various principles of influence to evaluate …