
Back to Basics: Keywords and Listening.pdf

Uploaded by: 可*** ID: 991943 2025-12-07 15 pages 1.12MB

confidential do not distribute

Keeping it simple - Monitoring

Two types of OSINT investigations

Entity Enumeration
- I have an entity (person, building, organization) and I want to know as much about them as possible
- Generally immediate results and feedback
- Workflows are (often) reproducible, and the same tricks work over and over again
- Generally, has some final point, i.e. you've found what you're looking for or have a mostly complete profile built

Monitoring
- I want to sit back and wait for a person, organization, conversation to say something I care about
- Very rarely (sometimes never) immediate results and delayed feedback
- Some similar workflows, but oftentimes you may find yourself going to wildly different places to track the conversation
- Final point is vague. Depending on the investigation, you may continue to listen as long as time and resources allow

Why is monitoring difficult?
- Communities seem to speak a foreign language (or sometimes literally speak a foreign language)
- They are on places on the internet you never visit (and aren't even aware of)
- Hard to tell if your monitor is correct (and almost never is the first time)
- Noise, noise, noise, noise, noise, noise
- Can be a nightmare to do manually (many tools exist to automate)
- So. much. noise

Best practices: #1 Start out by keeping it focused
- Too often, people will begin their monitoring workflow with overly common words, and give up when they get nothing but noise
- "I'm trying to monitor a riot, so I'll put riot in as a keyword"
- Quiet Riot (70s English band famous for "Cum on feel the noise")
- Riot Games (American video game publisher responsible for "League of Legends" and "Valorant")
- Riot platforms (Bitcoin mining and digital infrastructure)
- Riot punch (Everclear, or other liquors, mixed with Kool-

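This document discusses monitoring work in open-source intelligence (OSINT) and distinguishes two types of investigation: entity enumeration and monitoring. It stresses the difficulties of monitoring, such as community language barriers, the diversity of information sources, and the accuracy of the monitor. It raises the following key points:

1. **Monitoring difficulties**: understanding community language, the breadth of information sources, heavy noise interference, and the accuracy of the monitor.
2. **Best practices**:
   - **Stay focused**: avoid overly generic keywords.
   - **Filter the data**: use structured data and keywords to select relevant conversations.
   - **Refine the search**: identify and exclude noise words, and keep adjusting the search strategy as the conversation evolves.
3. **Step breakdown**:
   - Determine the data of interest and its structure.
   - Determine who holds the data or takes part in the conversation.
4. **Case example**: a study of the protests in Kenya shows how preliminary research finds relevant social media accounts and hashtags, and how filters are then created to focus on specific conversations.
5. **Monitoring is iterative**: monitoring is not done in one pass; it needs continual iteration, improvement, and expansion.

In summary, effective monitoring moves from focus, to filtering, to continual iterative refinement, in order to reduce noise and increase relevance.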