Skip to main content

Duration: 8 hours

Format: Online, self-paced with practical activities and a short assessment

Topics covered

  • OSINT fundamentals: scope, rules of engagement, ethics & legality
  • Passive techniques: DNS, WHOIS, metadata, social & code repositories
  • Tooling basics (e.g., search operators, footprinting platforms)
  • Interpreting signals: services, credentials, code leaks, shadow IT
  • Reporting: evidence logs, risk summaries, shareable insights

What you’ll learn

  • Explain the purpose and ethics of passive reconnaissance (OSINT)
  • Systematically gather and document publicly available information
  • Identify exposed data, misconfigurations and attack surface indicators
  • Distil findings into a concise risk snapshot with recommended next steps
  • Apply legal, policy and privacy considerations when handling discovered information

Badges earned

Vulnerability Assessment
(VUAS) – Level 3

Vulnerability Research
(VURE) – Level 3

Threat Intelligence
(THIN) – Level 3

Methods & Tools
(METL) – Level 3

Upskilling Australia’s Largest Organisations
to Lead in the Digital Future

Our digital skills training is valued across many organisations.