Overview
Cyber Threat Intelligence: From Forums to Frontlines is an intensive course designed to equip you with the skills needed to master the data collection phase of threat intelligence. You will learn how to scrape data from real-world criminal forums and overcome challenges such as rate limits, captchas, and account lockouts.
This course goes beyond scraping. You will gain the ability to analyze and translate collected data into any language, and make sense of it using advanced tools, including Artificial Intelligence. You will also build and maintain watchlists to monitor targets over extended periods, ensuring continuous intelligence gathering.
By the end of this course, you will have the knowledge and practical experience to move from forums to frontlines, fully prepared to take on real-world cyber threat intelligence operations.
What You’ll Learn
- Analytical skills to deconstruct complex problems and develop efficient solutions.
- Understanding and countering anti-bot systems.
- Techniques for bypassing rate limits.
- Methods to bypass CAPTCHAs.
- Account rotation for concurrent scanning operations.
- Leveraging AI for cyber defense applications.
- Generating Tor proxies for secure scraping.
- Translating data into English for analysis.
- Interpreting and analyzing threat intelligence data.
- Creating multiple bot profiles for large-scale scans.
- Storing data for future use and exporting it as JSON for offline analysis.
- Insights into cybercriminal operations and long-term monitoring strategies.
Course Structure
This course has 6 modules:
- Module 1: Introduction: An overview of the course, cybercrime forums, key terminologies, and essential moving parts. You will also get introduced to text analysis using keyword matching.
- Module 2: Getting Started: Guidance on setting up a safe lab environment for legal web scraping. You will learn the fundamentals of web scraping, how to use AI for text analysis, and techniques for handling anti-bot systems, including captcha bypass methods.
- Module 3: Laying the Groundwork: A deep dive into the components of a web scraper, including Tor proxy generation, API management, and bot profile management, ensuring you have the technical foundation for large-scale data collection.
- Module 4: Data Scraping: Step-by-step training on building components for large-scale data scraping. You will practice scraping post links from marketplaces and extracting detailed content from those posts.
- Module 5: Threat Watchlist: Instruction on creating a monitoring system that scrapes profile data based on both frequency and priority. You will learn how to build watchlists that support continuous threat intelligence gathering.
- Module 6: Course Completion: A recap of everything covered in the course, reinforcing your skills and preparing you for real-world cyber threat intelligence work.
Prerequisites
Before starting this course, you should have basic proficiency in the following technologies:
- Python 3 programming language
- Docker
- HTML
- JavaScript
Languages
This course is available in the following 5 languages:
- English
- French
- German
- Portuguese
- Spanish
Contributors
Learn more about the authors, editors, and reviewers behind the course.
Author(s)
Hamed Kohi
Hamed Kohi, also known as 0xHamy or Hamy, is a vulnerability researcher credited with more than 30 CVEs by MITRE, GitHub, VulDB, the Apache Software Foundation, and others. Hamy is the founder of Cyber Mounties and its academy and research arm, Delta Obscura. He also holds industry certifications such as CPTS from HackTheBox.
Thanks
Special thanks to Delta Obscura for their support in creating this course.
Delta Obscura is an international vulnerability research team with a proven record of securing up to half a million digital assets by identifying and reporting vulnerabilities in widely deployed software. The team has also launched various cyber missions focused on discovering zero-day vulnerabilities in high-impact targets.
Their flagship effort, Mission Cyber Sentinel, contributed to securing up to 1.2 billion users who were affected by software in which team members identified critical vulnerabilities. Without the dedicated work of the Delta Obscura researchers, millions of people could have been exposed to serious cyber attacks.