
okay this is what the talk is about um okay let me quickly I don't want to talk too much about myself but I've been around for way too long 30 years it's like I had to update the slide I was like what 30 years now okay I studied for my sins big mistake studied electronic engineering um started SensePost and and started Paterva uh that was why do I have the slides here not here it's kind of weird hang on let me see if I can have them here as well no I'm going to have to like present like this um started a a company called Vortimo um spoke at too many conferences and all of that right okay um I was I
used to be in IT security uh like many of you um and then I was in OSINT and then I was into kind of software development and OSINT and software I guess I'm still there I kind of did a little thing on um automated AI driven influence campaigns if you could remember I did a talk about that last year and I did a thing about attribution of influence campaigns I thought it was really interesting um I do the attribution stuff mainly because I want to test if my software works and so you kind of get to have to use it um now I've built a thing called Ubikron um everybody that was at my
workshop yesterday saw the software um and you know I showed it to you I didn't show it I didn't get to show it but it's okay um and I and I kind of do stuff right I I just do stuff I feel like I'm Furniture in the security scene but yeah that's how it is I guess okay so uh the title you would see in the title it says zero snake oil just real stuff and I'm a very a pragmatic person and I try to be very pragmatic about stuff and I'm like okay this is this works so this doesn't work and that's kind of what I want to show you today so I had this
conversation with um a friend of mine Andrew MacPherson uh which is sadly not here today I sent him the slides and he was like so does this stuff actually really work like you have it in the slides that's the slides that you're going to be seeing and I'm like yeah it's those are live examples um and some of the stuff is kind of hard to believe when you see it it's it's actually really cool right um but I also want to show that it kind of screws up and it and it kind of breaks and I want to show you not just ooh this is shiny and amazing but it's also not amazing sometimes right so we have kind
of both of those things okay so um I have no idea how long this talk is I because I haven't done this talk before um but when I was asked when I asked BSides for a slot I said like can I have a 30 minute slot and they and they were like it's all good and then when I started building the slides I was like I ended up on slide 37 I was like o this going to be kind of tight um so I I politely asked if they had a a normal slot and and so so now we got a longer slot and I'm going to try to finish in time so in the
process I might finish early I also realized that um you know the after this there's there's nothing after this is there closing or there's nothing so it's beers after this so I'm so I'm literally standing between you and and drink so I do appreciate that as well okay okay so but OSINT so OSINT is a lot about reading right if you do OSINT you're reading a lot you should be reading a lot of pages and scrolling and understanding and trying to find details and remembering connections and like making connections between things and this and so if we think about AI today AI is actually pretty good at that right it's pretty good at like reading
stuff so when you so when you think about should AI and OSINT sit together you go hey that's maybe not such a bad idea you know seems like it's a good idea right and so right now AI is already kind of good at reading stuff and remembering stuff and looking for details right but OSINT is also about exploring things and be like oh if I have this thing I should be able to get that thing and if I look this up in this way I can do this now you know like I have a IP address and I will look it up in a database or something like this um and right now AI is not so good at that but we're going to
talk about that a bit later for now let's just talk about what we got the information and we want to be able to do something with it um the problem that you have is that that AI is trained on the surface web right so when you look at all the models they basically feed it a whole lot of information and it's trained on that and and actually if you think about OSINT OSINT is about also surface level stuff right that's what we can see and what we know and so already it works kind of well asking AI agents about or or AI assistants about things that are on the internet right now but when you're doing an
investigation you might be looking into things that are kind of Deep Web and and I want to very much clarify this point that the Deep Web is not the dark web right those are two different things the the Deep Web is things that is beyond some kind of a credentials or CAPTCHA or something that cannot be indexed by a search engine right so let's think about that um most social media is like that like when you're browsing Facebook uh um you know Google is not scraping those pages because you logged in and you are friends with this person and so Google is not friends with that person so they can't scrape those pages so that's deep web it's not scary
or whatever it's just not indexed right um anything that's beyond a CAPTCHA is Deep Web right your intranet is probably also Deep Web because it can't be indexed by Google okay the dark web is is Tor and .onion different place not the same thing okay um AI doesn't have visibility on either of those it doesn't have visibility on deep web and it doesn't have visibility on the dark web right it wasn't trained on it it can't be trained on it um you can see why right okay now so what we want to be able to do is we want to be able to expand AI's visibility into the Deep Web so the way that we do this AI has this concept
called RAG that you must have heard about if you haven't you should look at it um and that's called retrieval augmented generation what it means is it basically means you give me some data and I will look at the data that you've given me and you can ask me questions about that data and you might think well what what is the point of that but if you let's say you're a law firm or something like that you can upload all of your contracts and things that you looked at in all the cases and you put it into the AI and then all of a sudden the AI knows about that stuff and it's it's magic [ __ ] right okay um and you
can actually do it today right now you could do it right now you go to ChatGPT you say I think it's called create a GPT a private GPT or something like this you build up a GPT and there's a little button it's really small button but it's really powerful that says upload the files and that's where you upload your files okay and it's not just um OpenAI that has this um I believe Anthropic has got it as well uh so there are other providers that do this as well and we're going to talk about a little bit that a little bit later so now you're going to kind of see where I'm going with this
stuff right I'm going well hm there's this thing called RAG we can upload things maybe if we have some of the pages that we have that we browse to we can put it into RAG and then we can have a assistant that we can ask questions about and that seems like a really nice idea and that is exactly what we've done so but before we do that I want to take a little step back and the step I want to take back is does it even work does it is there even a way that this thing can work you know there's many questions that I had about this um as a start what kind
of I can we take a web page how do we save a web page who knows what's the format that we save a web page in anyone mhtml not HTML not HTML mhtml very different thing kind of the same but not really but mhtml embeds all the images all the JavaScript all of that [ __ ] and puts it in a little box can we upload that as a RAG item to ChatGPT and the answer is you can't because it doesn't understand it it doesn't understand that format and so those are kind of the questions that you got to ask if I have a picture on Twitter with like text underneath it how do I get the AI to
understand what's in the picture and what's in the text and to have that as a little thing that it now knows the context between those things and how much can we put into rag before it's like it forgets can we just like put in like megabytes and megabytes and megabytes of data and then expect it to work so there's a lot of questions that you need to answer for this thing to work and this is kind of where you need to do research right this is what the research is about this this page um and then how do we even know if it works so if we then ask the AI question about the pages
how do we evaluate if the response that we're getting back is a good response or bad I mean it's not like you're going to rate the answer one to 10 right you can maybe get another AI to do the rating but then you see chicken egg situation so these are the kind of questions that that you need to answer and and I was like yeah I don't want to answer those questions I I just want to I just want to build this thing man let me just build it and then let's see you know cuz I'm very uh I'm I'm very kind of a doer I'm a doer I'm not a I'm not so much a
thinker I don't want to think I was just like let's try it and see what happens right um so we wanted a way that we can easily take the pages that we browse to and take the text from the pages and then send it up to RAG and then ask it a question and then kind of eyeball the answer and say it seems to be okay or no it's bad or we could take like 7 months or 9 months and try to build a test harness and things and like but I'm not that kind of guy okay so we already had this tool called Ubikron which I can't show you because then it's a vendor talk
and I'm not a vendor talk guy ask the people that was in my training but we had this thing that was kind of already doing this so all we had to do is say take the page that you have and send it up to RAG and it took us a month to build the AI component of this thing now before we go into this particular thing I want to kind of do a sidetrack and you'll see how I'm going to sidetrack and then come back again right so within Ubikron um we have this ability to take portions of the screen as a screenshot to just show hey that's important snip that do a clipping of that little part of the
screen right we call it screen clippings I thought it was like you know that's why we don't have marketing people that they would be like that sounds way too unsexy but we call it screen clippings because that's what it is um and it's a really nice way to create context between things because it has the picture and it has the text and so those things kind of live together and it gives you a a really nice way of knowing that's what it is that we're looking at at the moment and within the tool we have a way that the user can annotate the thing so they can immediately write something on top of it and say hey it's
a this and we have a way that the user can tag it and say we're creating a tag and this is a this is a this but those are those both of those things are optional so um because we kind of don't want to dictate to the user that everything that you take a clipping of you now have to write something on that's kind of boring right so we might end up in a situation where we have a whole lot of images but uh we don't really know what's in the image right so how do you now deal with this later on let's say you've done an investigation that's like 3 weeks long and there's 150
little screen clippings and I want to search for something in there well you you you just can't but obviously you can um because we can send those screen clippings to the AI and then say describe what it is that you're seeing um and then we can take the output and we can index the output and we can search the output and it works remarkably well right it works remarkably well right so um there was a there was a op stunt was the up stunt again dry no protest there was a protest in in uh um Amsterdam just before the I did this the build the slides which is couple of weeks ago um and and it was on Twitter and I just
took a couple of pictures you know of this of this thing now imagine you want to go through all those pictures and you want to see all the pictures where the police where they feature the police how would you do that um okay well let's see right so this is the screen clipping that I took this is the actual screen clipping so remember I said you want to have the text and the picture for context together right so you send this off to OpenAI and you say hey describe what it is that you're seeing and it goes okay and also we're kind of clever about it because when we send it off we say
this came from this URL because we know the URL right um and we also say things like the user annotated this picture as follows so when the user which is the analyst actually writes something about the image the AI knows what the analyst wrote so it kind of has that little context and if we tag it we also send the tag to the AI now remember it's optional so but it does provide that context if it's possible so here it goes It goes okay this is a uh image is from is from Twitter it knows that it doesn't recognize the flag right you see that it says the flag is composed of three vertical B this is
kind of important you'll see why later on okay then it says I mean and this is good hey because the resolution on that thing is [ __ ] and it goes okay it the officers are wearing yellow high visibility jackets with the word politie written on them indicating that they are Dutch police it's never saying here that it's Dutch police but it knows cuz that's what it translates to right and then it kind of also says there's text obviously it does OCR on the text so that's a nothing burger right it just does the OCR it translates the Dutch into English and it knows that it's about a protest that has to do with the mayor of Amsterdam because now it
grabs some of the surface training that it had and it knows that right that's pretty good right so now when we search for the word police well we ran it across every screen clipping that we make automatically goes in the back end off to the AI it gets a description and now we search for the word police and we find it wherever there's police dudes right in this thing it's kind of cool I think it's kind of cool okay um we also to make sure that we are not missing the text we run this thing Harry voer we run this thing through through we run this thing through a very cheap OCR it's a cheap OCR cost us
nothing we have implemented as a microservice right and so if there's text on the screen in this case it said you know you could read what it said there at the top I don't have to say it um then it picks that up as well okay so this is a easy easy easy win for us it it's there's nothing to this right it's super easy to do and works really well okay so now now I'm going to talk about the actual page text that's in the page right so we looked at images now you're going to see how we're going to fit this in okay so I'm going to give you examples but I don't want to like make
examples out of nothing cuz it needs to be something real so I took a few people's Facebook pages right but these are not suspects in anything these are normal people right and I blurred out their faces and I remove their names but if you recognize some of them don't tell them that they're in my presentation okay cuz they these are normal people they've done nothing wrong they play paddle with me and you know I I don't so I trying to make it so that you don't know who it is okay but maybe you recognize some one okay okay so what did I do I browsed the Facebook profiles and I looked at their friend list and they've got open friend
list so I literally scrolled through the friend list it's not like you got to do something you just like tag the page and you go I want this page to be part of this thing it knows nothing about the fact that it is Facebook there's no special sauce it's just the text and the text is even not even nicely parsed it's like you know it's really you know you got ads in between and you got like you know trending hashtags and all that [ __ ] the headings it's not we don't do anything to the page that knows that it's from Facebook so that's kind of what makes it cool the AI is like H we kind of know that you
just scraped this page from the Dom with like literally HTML to text library and then that goes into the it's not clean text it's it's not clean text okay so now look at this I mean I don't know it blows my mind so I go as a start I asked the AI well we had five users here right who's the common friends between these five users literally that's it and I was go oh okay well we'll trying to figure that out like Arena I took out all the surnames but the names are the real names right it goes Arena has Trevor Gary Jillian Vicky and Warren Trevor Has Julian G's got Trevor Julian Vicki Alby has so we
think Julian Vicki are common between these five friends and this for me is Magic [ __ ] like I don't know about you but like I look at this and I go holy [ __ ] it didn't know it was on Facebook I don't have any algorithm or some crazy scraping thing it just knows it because it's got the data right okay we could do things like look at this one person 's Facebook post where is she from and it's like well she's from Bulgaria but she lives in London like oh yeah I didn't see that I kind of forgot about the fact that it was there on a page somewhere but it was there and I
checked it out and that's how it is um and then you go okay well you know when you're looking at OSINT you're looking at things like date of birth so in this entire like scrolling for 14 days of Facebook posts was there ever someone that indicated when was her birthday and it's like yeah her birthday is the 14th of February taada and then you go find it and you go look and you go oh yeah it was there on the 14th of February someone said to her happy birthday and so the because we RAG up that item it now it now knows right um you could do the following you could be like okay well I don't want to go
through all of this stuff but through all of this who's the people people that interacted with her the most and says okay it's uh it's Julian and again for OSINT that's that's the stuff we want to know right and then when you find it you see they interacted and I'm like does she speak any other the languages and it goes yeah she speaks Bulgarian and I'm like okay well who does she speak Bulgarian to and it's like she speaks Bulgarian to these people that's cool [ __ ] like this for me is Magic like I find this to be magical right and that's also the kind of things that you want to see remember I could be
browsing 17 people's Facebook profiles and then say um of all of these people that you browse that I browse who interacts with who the most in a different language other than English and be able to do it it doesn't matter what I ask it it's just going to know right um and again the effort here is zero the effort is I browse it and I then say okay the stuff that I browsed can I interrogate these things now Okay so we've now looked at the browse pages but we can send more things to rag we can send uh the we have a section in here where we take notes so if you want to take notes you put it in there so we can
take that we can take and we can also take the clipping text so when you take a a image you write something underneath so we send that the tags the OCR so all of these things we basically wrap all of these things up and we send it to the we send it to the AI okay and now why would we do that because now the AI knows the context of what we are talking about okay so remember in the past we had that flag that said oh it's this flag composed of three vertical bands no no no no no no no but when I give it all the text in the OCR and I give it the report it goes
now I can say from the documents available to you list all the URLs with the Palestinian flag and it goes oh it's these two because now it knows that that flag is the Palestinian flag why because it sees all the text around it and it understands what it is that I'm looking at right it gives it that context it's kind of I know the rest of the story and that's kind of cool so now what can we do what can we do with this why is this useful you know plus plus I think it's very useful I'm going to give you examples of things that we've done uh where some of it is redacted some of it is people I play
paddle with um so it's a combination of real things and kind of more contrived things um this is a real thing this is a real real thing um you can do things like this I I don't know if you can read it I'm going to to just quickly read it to you the prompt is by looking at the content of the post postings listed on social media can you find any spelling mistakes or grammar mistakes or Speech Pathology other than proper use of punctuation give examples of what you found so we want to see if the person person's person in this case it was one person that we're looking for is making any kind of mistakes that's a giveaway
that we can check on other documents if they're making the same mistake right other documents being maybe email that they send or or other correspondents or anything that we have where this person uh where this person identity is known to us and it's like hey it does they screw up they they write the word no you know know as knowing as n o and not as k n o w and that's a tell it's a tell that someone has that's a mistake that they're making they're making that mistake over and over again and it and gave us the ability to identify the person because we had other writings of the person okay and there's all the
things and you must understand that this comes out of a sea of browsing you know this is like 2 and a half thousand pages of browsing that is now analyzed for this kind of thing um okay this is kind of funny in a way also not that funny in a way um so we can look at organization and look at people and then say hey I want to know who should I be who should be a target for phishing all right based on what I read okay so I want to read you the prompts um and again this is all live stuff so I said given everything you know about the documents available to you who do you think is most likely to
fall for social engineering scam and then you hit trust and safety and the thing is like I'm not going to answer that and I'm like don't say that come on try again and it goes no so then I thought okay maybe our our thing is broken like the you know we have a bug the thing doesn't want to so I just go okay how is Gary and Tyrone related and it goes O How Gary and Tyrone are members of this family and Tyron is okay so Gary is tyron's uncle and I'm like Okay cool so the thing works like you know it it turns out that it works so I said okay well now I'm going to do
a little bit of prompt kind of like and I said given the data available to you who's most likely to be influenced by social media which is the same thing as like phishing scammer and goes oh it's this person she I can't tell you because she's described as a monol influencer with a very active Instagram account and I'm like okay cool that seems to be the thing and I said okay well let's just see you know if we say again these are people I play paddle with so I'm like given the data available to you assuming that the people mentioned in the research are part of a drug Syndicate or family whose absence would be most
disruptive to the
family and again this is I'm just seeing if the system works like these are not you know anything like this and it goes based on the information available George is likely the key member of the absence would be most disruptive to the crime family they're not a crime family he's like he's referred to as padrino which translates to Godfather in Portuguese and I'm like this thing is making up [ __ ] right okay until until I go to his Instagram account and I look and he and he has it on his Instagram account and then I'm like [ __ ] this is kind of like a little I don't know this guy I'm playing paddle with maybe he is
like you know okay George if you're ever watching this video I know you're not okay um the other thing we can do that's really cool is we can do timelines so you could just tell the thing hey create a timeline of event and then and it says okay here's everything that I know that has dates and I will create a timeline and there you go like this is a thing of uh PKD Philip K. Dick and we say create a timeline of what he did and these are all the books he published and what happened to him and so for reporting obviously this stuff is this is magical right um so we can also say look at the clippings
all of the screen clippings and see look at all the clippings that I've made and look for anything that's interesting in the clipping so I did a thing here that says list all brands logos trademark companies in the screen descriptions and it one of the things again I'm blanking out the photos is like a photo that was taken at a restaurant in Pretoria um called cream anyone that's been to Pretoria you'd know about this and it picked it up from the background there it's kind of cool right says okay cream the logo appears is part of a backdrop in one of the images and then all the other uh branding as well that's there you know so there's signage there's like
Strava logo appears on a screenshot obviously it's a screenshot of of of Strava um and so on and so this is really cool um now again I was kind of surprised by this thing it's blanked out the face right um this was a real this is a real thing this is not people I play paddle with um and so I I'm testing this thing and I keep on getting this weirdness like I go one of the prompts that I have is in the description of the images are there any identifying marks that would identify the phone or camera that was used to take the picture and this thing keeps on saying yeah there's this there's this picture that has a
Huawei Nova Y61 and I'm was like yeah that you that's that's like where and it goes it's this picture and I go no it's not well it turns out it is there it just I can't see it cuz the contrast there at the bottom is like super [ __ ] and and and you do and it's there it's literally it it pulled it out there and I didn't see it so it kind of sees better than you can see those are the kind of things that makes this kind of cool right because it doesn't miss these kind of things I missed it all along right okay um I've this is also like a month investigation 118 pictures 2,000
plus Pages uh 48 pages of notes and then you go okay who's likely the operator of this Facebook account and it goes it thinks it's this person and you say m come on you got to explain this and then it goes Bam Bam Bam Bam this is why it he mentioned it here you can read through it or not because this is redacted so I'm not saying it solved this but it kind of helped a lot to know this right the other thing that's really crazy that you can do is you can say okay I'm kind of stuck can you can you give me ideas of what I can do next and then again um The Prompt says give a
list of clickable URL of Google searches that will take this research to the next level do not use obvious examples look at the research and give searches that will yield new fresh angles or Insight make sure not to include any terms of or or links that was already visited so it means don't give me the old things give me new ideas give me new things and I can click on it and you can literally just click on it and takes you to cool stuff so this was on the research was on political influences and things like this and you can see you know New Perspective or influence blah blah blah impact of I'm
not going to say who kind of propaganda but some propaganda in Africa social political movements those kind of things these are all things that it can that you can click on and you can even say give me completely new ideas of where I can take my research based on what I already have you know and these things are not bad ideas these are good ideas right Bas based on the things that I've already seen right um but now you're going to say yeah but it's going to like I'm going to have to type in a lot now I'm going to type and type and okay but what we've done is we built this thing in Ubikron that is a prompt
editor so you can basically like say ah okay category of I don't know language then one of the things I want to look at is traits and I want to create this prompt that says analyze the social media for blah blah blah research identify pattern similarities or recurring character traits and give examples of your results and you can save it and then you just click on it again and it brings it up and so you build up this list of like prompts that you think is useful for investigations going forward and so you don't need to type it in all the time you basically have a prompt editor however however it's not all moonshine and
roses okay so now I'm going to tell you why this is not a great idea okay a you're sending all your stuff to OpenAI all your pictures goes to OpenAI privacy plus plus concerns are you okay with that I mean obviously we have it with the API key so you put your API key in there and it's under your API key but it's still you're sending the stuff to OpenAI right um you still have hallucinations so people say if you use RAG then your LLM is grounded in facts right but even with the with the RAG it's it will lie to you with conviction I'm going to show you right you have a thing
that I call prompt creep which is interesting it it's where what you ask it starts influencing the answers so a very good example of this was I asked it about like how Philip K. Dick likes his pancakes obviously there's nothing about pancakes in there but then when you later on ask about a summary it goes oh and it's really like pancakes I'm like dude how did you get to that like it's because I I was talking about pancakes not you right um and then obviously there are some limits with RAG and what you can put in and you know the more garbage you put in the more garbage you get out which is why sending all pages is kind
of a [ __ ] idea okay so here's the uh the one of the things that this is also active case right and we said okay well who were present at the wedding of Kieran and John because this is the wedding and this wedding was like crucial because all these the family all got together at this wedding right and I was like I want to know I was writing a report I'm like who who's at the wedding and I goes okay well they were 1 2 3 four and five you can see four has number one two people there and they were they were there at this thing and then I go I know you're wrong I just
know you're wrong list all the people I goes oh there's was seven people at this wedding okay so once you have a situation where there's where it's this it's this is bad right because what how many times do you have to ask you ask again are you sure these are everybody like can list them again so because the llms are not good at counting and enumerating it's not good at that right this is also kind of e right so names have been changed obviously so we have this project about KY right and it's clearly a the project about KY ker now we have the family members under the heading his brother yakobus pet scer which is not his name obviously his
sister Electra nutr I made the the woman kind of like all kind of like exotic sounding his son albertus scer and albertis has this girlfriend called Katrina right and then his mom Yanna ker and so on and the whole thing goes like this right and then you go then you ask the LLM does Chrissy have a love interest you know does Chrissy have a girlfriend he goes yeah Katrina I'm like no dude I can see it's kind of you but like I can see how it got there but it's not like that's not how it is that's his son's girlfriend right but you can see why that happens because we never explicitly said that we
were under this heading it doesn't know that we're under this heading it just has the words his girlfriend is called Katrina and so now it thinks Katrina is the subject's girlfriend so things like this get wrong it gets it wrong and this gets it wrong because in my report I didn't write it properly I didn't write it nicely and it's not obviously it's not on a web page somewhere um and then trust and safety can get in the way because you know trust and safety is a pain and and we don't like it um so this is a prompt that someone else uh said I should put in there and I love it so I'm going to read the prompt
to you for the main purpose of for the the for the main person of interest in this research carefully look at the detail of their profile their professional life and business connections their hobbies their interests places they frequent their family connections their religious views their ambitions their fears their cultural heritage dude I can write prompts hey their love interest everything you know about them and give some strong pretext profile suggestions in order to create a sock puppet account to entice this person to interact with us okay you know understand what we're doing here right so we try to social engineer Harry and we want to create a persona online persona that he's going to talk
to but we don't really know what to put in there so now look at everything you know about Harry that we've looked at and then create a list of what our person our sock puppet account is going to look like and then the and then the LLM is like it's not nice what you're doing and you not this is not cool we're not going to do it it just goes no we're not going to do it right and then obviously you go be like okay well okay for the main purpose their personal life business everything you know listed and who's likely the another person that's most likely to be able to easily interact with our person of interest and goes
sure we we'll tell you right and then it lists all those things it you know it goes someone with a background in IT someone that's social media savvy cultural and religious understanding and so on so it builds up this profile that's what we want right um okay so what is this stuff also super useful for is when projects are done so to resurface these things you know when you work on a project you're like super excited about the project you're like into it you know you know exactly what's going on in this project and then two months later you kind of like you know it was swell but kind of the swelling's gone down you're like H whatever you
know and someone ask you about that project you go I can't remember like I I don't I'm not also I'm not that passionate about that stuff anymore but man that AI is as passionate about that project and it's like oh I remember this yeah he was this and he's like into it and he answers those things and forever the AI loves that project because it's it's as if it was seeing it now for the first time right also it doesn't judge you when you can't remember you know I'm like who is this I don't know like who was it and it goes yeah of course it's this person um also if you have to hand over to
another analyst halfway through that's like anyone that's played those CTFs like that's impossible to do right because you have all the stuff in your mind now someone else has to work with it and you just don't you can't hand it over right but the AI can hand it over quickly because I can ask the AI to bring me up to speed with what's going on in this project so that that really works so when do we use this stuff so to describe the images is an absolute no-brainer you should do it today it works really well right things that you've missed remembering stuff to do the grunt work like reporting and timelines but you cannot ever that's why
it's in purple you can never go copy paste if you do copy paste it's going to be a [ __ ] show right don't do it right okay so what do we want to do with AI so the first thing we want to do with yron is we want to have our own private AI so that we don't send the stuff off to OpenAI a with the images it seems to be kind of okay but with RAG it's like not so okay maybe tomorrow these things change quickly so tomorrow it might be okay then I have this dream of you know I like graphs right I like graphs I have a bit of a history with graphs um so I'd
like to say hey and we've done this it works right we must just build it but build me a graph of what this looks like and builds the graph and then we click on S say well who who does this person relate to and looks at all the things that we browse to and it builds a little graph of that and it might get it wrong right so you should be able to go h no you're wrong there and this thing links there but I mean to start start off with something like this I think is great right so that's what it says there right I think yeah I don't even have to read it slide now okay where do I see AI
going forward with with OSINT how today what do we do we are looking at uh all the information that we consumed and we are basically saying analyze this information and give me cool stuff but in the future I see two ways that can really help like the first is it can do the exploration as well with the agent based kind of stuff that says hey we have a playbook of how OSINT works we'll drive your browser you just sit there and have a snack and you know it will start doing all the things that you we do when we look at at uh OSINT right um and I think it's I think that's super
useful and I think we can get there I I think I can get there before the end of next year right the other thing where I think it's super interesting is this kind of over-the-shoulder kind of processing stuff so as I'm busy looking at things it can go hey buddy you've missed that but that guy's name there is actually connected to this thing over there right so that it actually processes in real time the data what I'm browsing and saying hey that's cool you should look there or you've missed this or you know something like this that's that's my story um if do you want to see it live do you want to see
what it looks like in the interface okay so again not a vendor talk okay but I'll do it okay okay so to this one we can move to this one okay so this is this is what the interface looks like oh no
wait okay so this is what it looks like I got to be I'm just gonna I'm just going to use this one I'm just can I use this one sorry dude okay so this is um Philip K this is the Philip K. Dick one so spend a lot of time learning about Philip K. Dick he's a the guy that wrote these books you know you know the books like Minority Report the movie Blade Runner it's all based on things that he wrote um so these are all the sites that we went to so it basically just captures the sites as we browse right you can see there's like lot here's a timeline of where we saw it so
I did this kind of research in August I can zoom into that first bit over there and be like oh this is what you saw in that time I could be like oh actually I want to just see what I did on the 11th of August be like oh you were on Facebook a lot at the time okay and I can be like okay well let me just s the whole thing okay um you can open up these little panels because we viewing this thing on a really small screen and I developed it for 4K it kind of looks [ __ ] but like that's what it looks like there are all the things all the places that I went to
over the time so I'm going to make that panel go back in there here's all the screen clippings that I took right so when I see something interesting I take a screen clipping and I write something about it so for instance this was you know I thought that was interesting I said that's PKD with Nancy and the child right because I saw it on a web page and if I want to know where it came from uh I can click on it uh I just want to make that panel go back in I can click on it um yeah there I can click on it and there's the AI description photo depicts three individuals outdoor seemingly a
family with foliage and a wooden fence in the background blah blah blah blah blah here's the middle people the right person is a child with long hair blah blah the whole description of what this person looked like so that we can search for it again right so if we search for instance for in pictures and we say okay in pick so pick colon search for the word red right it would search through all of the descriptions of the pictures and it would say this has red and if we look we'll see that it is a white and red font so it picks up this red line over there and it says it's a red line so in
guess it's a red line you know it says with the lady over here which is a the cover for a book she's depicted with pale skin and bright Leed red lipstick which is kind of correct right so I can search through my pictures like this and then when I go to the AI inside stuff okay so we're now talking to the AI I can say refresh it now wraps up all of these Pages it wraps up the pages the images uh all of the text and it basically starts um creating this assistant um fetching the DB the reports the clips all of these things that I wrote here this is a markup so I can write anything
that I want there and I can drag the images into it so as I'm building up my case I basically write it there um and then we're going to just wait and the first prompt that we give it is a thing it says welcome the analyst to the investigation so it should now say something like welcome to the team analyst we're glad you're here oh thanks dude okay so here's all the prompts you know we can be like okay actually um do entity extraction U people all so people all basically says give a list of detailed people in the research for every person show how they're relevant so now we going to click on that and now you guys see that even it's
going to basically say okay there's PKD there's all the all these wives he had five wives right um this is his son youngest child with Tessa Busby an Minnie Jonathan lenan is this guy over there that we mentioned individual involved with the legacy of P um and so on I could literally just ask questions here any question that I like about this investigation I can just ask it and it will return results right so you can see it's not not just snake oil it's a real thing if you want to get this tool today the way that it is right now uh we are redoing the interface so everybody tells me I build software with
[ __ ] interfaces so we're redoing the interface um and you can get it on this page and it's right it's a remember this is the Chrome extension it's a Chrome extension that you install and you're done um there's videos on how to use it um and I've made this this thing no can't hear it is it on this is it on here no it's not on here okay well I'm not going to show you the can't play the little audio clip but it's pretty cool here's videos that actually shows you the entire tool inside and out for everything that you want to do this is an hour-long so it's an hour-long walkthrough of the entire
tool um and you can use it today that's my talk thank you for
attending