WEBVTT

00:01.760 --> 00:04.240
In this video we're going to talk about sock puppets.

00:09.680 --> 00:16.880
So sock puppets are extraordinarily important when it comes to things like open source intelligence

00:16.880 --> 00:21.600
investigations, uh, pen testing and whatnot.

00:22.240 --> 00:26.200
So sock puppets are also sometimes referred to as a burner account.

00:26.480 --> 00:28.120
This is alternative account.

00:28.600 --> 00:34.200
It's a alternative email username, fake identity, etc..

00:35.040 --> 00:37.360
This is no way associated with this.

00:38.480 --> 00:42.640
And we also don't want anything tying this back to us.

00:42.640 --> 00:49.040
So if we have a sock puppet we typically have a again a email address.

00:50.080 --> 00:56.960
We want to make sure that email address the name does not associate with any anything about us doesn't

00:57.000 --> 01:04.470
it's not the same username or same or similar username as our real email address.

01:05.510 --> 01:08.470
The name of the person we have.

01:08.470 --> 01:10.990
The username and actual name that you register your account on.

01:11.030 --> 01:12.350
Don't use your real name.

01:14.190 --> 01:14.350
Uh.

01:14.390 --> 01:18.310
Don't put your real location down or anything like that.

01:18.990 --> 01:21.870
Uh, same with phone numbers, social media accounts.

01:22.350 --> 01:27.270
Uh, your social media accounts do not add people that, you know, don't add yourself.

01:27.710 --> 01:29.950
Uh, don't add your real job.

01:30.110 --> 01:33.270
Don't add to where you really went to school, things like that.

01:33.950 --> 01:39.190
So typically we use alternative name location again username, email address, physical address, phone

01:39.190 --> 01:43.750
number, fake profile pictures, job titles, employer, etc..

01:44.390 --> 01:45.590
Uh, you shouldn't use.

01:45.630 --> 01:52.390
Also, you shouldn't use any password that you use with your real accounts because things like data

01:52.390 --> 01:55.270
breaches and we'll look into data breaches and whatnot.

01:55.430 --> 02:03.380
You don't want someone going, hey, this unique password matches this other person that I can't find

02:03.380 --> 02:04.140
information on.

02:04.140 --> 02:05.100
Well, that's interesting.

02:05.100 --> 02:06.500
You don't want that to happen.

02:07.220 --> 02:09.980
Sockpuppets are there to protect us.

02:10.500 --> 02:16.700
And how complex a sockpuppet is will depend on how complex we need it to be.

02:18.460 --> 02:27.980
So certain sock puppets I have are just an email address, a username, etc. others are far more detailed.

02:27.980 --> 02:34.540
I have profile pictures, I have fake addresses, fake social security numbers, fake phone numbers,

02:34.540 --> 02:38.380
fake jobs, uh, and so forth.

02:39.380 --> 02:41.740
Uh, as much detail as a real person.

02:42.940 --> 02:45.460
Now, you don't always need that in every case.

02:45.860 --> 02:50.780
But certain situations, you do want to have a more complex sock puppet.

02:52.820 --> 02:55.460
So why would we need a sock puppet anyways?

02:55.460 --> 02:59.250
Well, again, if we're doing an investigation, we're investigating a criminal.

02:59.650 --> 03:10.410
We're going into a dark web form, a clear web form, etc. that is someone that's potentially dangerous.

03:10.410 --> 03:11.450
We don't want that.

03:11.490 --> 03:16.610
And while we're investigating this dangerous person, we don't want that person be able to and to do

03:16.610 --> 03:19.090
the same back to us and find out who we really are.

03:19.210 --> 03:21.850
Because, again, we might be dealing with some dangerous people.

03:22.250 --> 03:31.450
And, um, we really don't want something to happen that where they go, hey, this person was investigating

03:31.450 --> 03:31.770
me.

03:31.970 --> 03:33.650
Hey, I know who they really are.

03:33.890 --> 03:36.370
Let's go do something back to them.

03:36.370 --> 03:44.970
Either, uh, hacking, doxing or, um, in some cases, actually coming and actually hurting you,

03:45.010 --> 03:47.650
hurting your friends, hurting your family, things like that.

03:50.810 --> 03:54.880
And things like adversary Simulation.

03:55.840 --> 03:57.600
The bad guy or bad girl?

03:58.280 --> 04:01.160
Um, will also use, uh, sock puppets.

04:01.520 --> 04:03.680
So sock puppet creation example.

04:06.960 --> 04:12.560
So again, just to recap, sock puppets can help protect our, uh, protect us and our real identity.

04:13.040 --> 04:17.000
Sock puppets can be made to appeal to a certain target also.

04:17.320 --> 04:24.880
So if I'm if I'm looking into, say, a Russian criminal forum, I may pose as a Russian person.

04:25.520 --> 04:26.560
Russian name.

04:26.840 --> 04:30.920
I register under a location in Russia, things like that.

04:30.920 --> 04:31.280
Or.

04:33.560 --> 04:36.000
Locations that are friendly to Russians.

04:36.880 --> 04:38.040
Uh, Russia rather.

04:38.280 --> 04:43.000
Um, again, never, ever use any real information that ties back to you.

04:43.240 --> 04:49.080
That includes names, addresses, phone numbers, passwords, friends, families, workplace, etc..

04:50.000 --> 04:51.720
So this was about sock puppets.

04:51.720 --> 04:52.640
Thank you for watching.

04:52.640 --> 04:53.880
I'll see you next video.