FORTALICE - 4 day OSINT course (CPW discount code)

Covert Munkey


FORTALICE 4-day OSINT course (May 2020)


Whilst trawling through my LinkedIn news feed a few weeks ago, a course which had previously been recommended to me by Steph Kerr appeared in my feeds: It was the FORTALICE course.

The advert by FORTALICE explained that they were delivering an OSINT (Open Source INTelligence) course live over 4 days. Having dabbled in OSINT in my former career and having an interest in online investigation, I decided to explore this field further.

Distance learning has not been my preferred method of learning, neither watching “mundane” videos. You can imagine my delight to discover that the course would be delivered by instructors via a live webinar. The course is normally delivered face to face but clearly in this current climate this isn’t possible hence webinar software has been introduced in order to meet the learning needs and objectives.

My research showed that the course was to be delivered by expert former government operators who were at the top of their game. It was this accolade which interested me more than the companies sprinkling of personalities from the TV series ‘Hunted’ which although appealing to those who know little about surveillance or security, meant little to me.

I believe the credibility of the company and the instructors are vital and it was after more extensive research I decided to enter into a discounted course agreement with the FORTALICE team. It was agreed that I would blog on the course and share it with fellow security professionals through my various outlets.

The £400 course will be delivered over 4 days between the hours of 1100-1500 and commenced on Monday 4th May 2020.

I hope the following review proves useful for all readers.


John Morrison

Covert Munkey

FORTALICE – 4 day OSINT course (May 2020)

Day 1: 1100-1500

Zoom is quite new to me and I was slightly apprehensive about the concept of group video calls. The lockdown haircut and the fridge carb marathons is never good for cheap webcams.

Lockdown haircut aside the course started with my carbs in one hand and my coffee in the other. I decided to get dressed for this one, although it was tempting to sit in my spiderman underpants, but thought that could be construed as slightly inappropriate and a bit weird. the Zoom meeting promptly began at 1100hrs led by instructor, Ben Owen.

The upload/download speeds enabled the Zoom meeting to proceeded seamlessly, despite the USA waking up around 1300hrs BST (it is possible that the quality of Zoom may change in relation to network bandwidth and server usage).

The FORTALICE course is testament to the fact that online courses using these methods can future-proof training and learning whilst successfully delivering the learning objectives.

The day started with a simple yet eye-opening explanation on the different levels and areas of the internet and the amount of information that is universally available.

The differences between the surface, deep and dark web were discussed. As this is day one, this was a brief overview and we shall start to investigate them further as our knowledge increases.

As we moved through the day, we discussed search engines and the different options available to us, and that even though they are useful, they are only as good as the questions you ask them. We then looked at search engines that searched search engines, resulting in a more extensive OSINT search – these being known as Metasearch engine.

The day was planned well with appropriate breaks factored in throughout the day.

For the first time, I actually understood and subsequently set up both Internet Explorer and Google Chrome with new and ‘clean’ email addresses.

Overall, a great day which was enjoyable and very interesting, but I’ve still to ask the embarrassing question of ‘how do I clear my own search history?’ [joking].

Covert Munkey

FORTALICE – 4-day OSINT course (May 2020)

Day 2: Tue 4th May 2020

Time: 1100-1500

So Tuesday kicked off as normal with an 1100hrs recap by Ben on the previous day’s main points.

Following the recap, we were shown a survey where I learned that there are more than 1 billion people on Whatsapp, Yandex is Russian owned, and that Baidu is Chinese. The poll results reminded us that only 25% of the internet is in English - food for thought when we need OSINT from international threats .

Today was to be slightly more technical with us being introduced to working on partial information recovery f. Please do not think for a moment I am fully conversant with this but let me try and explain what this means. You know that point where you forget your password for a website, and it says we are going to send it to J*****@H***.com , or we will text you on the mobile ending in +44 *******765”. This type of investigation vector is called partial information recovery.

As we moved through the day, we were joined by the second instructor, Joshua - A cyber whizz kid who flicks through the websites at 100 mph and unlike usual internet whizz kids, is understanding to ‘Newbies’, informative and highly knowledgeable. Let’s just say you don’t want this lad to come anywhere near your computer. Joshua took us through web alerts, which for me, coming from physical protective security, was extremely interesting. To date, this was one of the most relevant parts of the course and is particularly of interest to the Close Protection community. Various terms can be stored or searched for using software, and alerts can be sent to the CP TL. If terms such as ‘I will kill Joe Bloggs’ etc. You get what I mean and can This can be personalised to your organisation or principal.

We proceeded to talk about ‘intelligence and analysis’ and the importance of evaluating intelligence via credibility, accuracy, reasonableness and support information.

Next we looked at ‘social media investigations and linking associates’ using various tools that allow you to identify who is connected to others. A very interesting look into social media platforms, where the ability to conduct in-depth searches can be used to find that vital piece of information.

We finished the day with a Twitter exercise using advanced search options.

A surprisingly fast day that was packed with loads of information that was very relevant to the Close Protection industry. In summary a technical day that would of benefited from face to face demonstrations in slow time, but taking into consideration the climate, clearly isn’t possible.

Covert Munkey

FORTALICE - 4 day OSINT course (May 2020)

Day 3: Wed 5th May 2020

Time: 1100-1500

As normal a prompt 1100hrs recap commenced on web monitoring, forgotten password retrieval, partial information collation and the importance of firewalling private and work IT devices.

A juicy brief on Reddit, VK and Taringa platforms quickly followed wrapped up with a nice slice of Facebook ‘Consented data’.

Proportionality and remaining legal have been, and continue to be, an important theme throughout the course. The instructors insure we always remain on the right side of legislation whilst practicing OSINT tactics and only access ‘publicly available data’.

The course continues to deliver with an array of ‘tricks, tips and tactics’ with a little more time today to put what we have learned in to practice.

Various exercises demonstrated how worryingly easy it can be to find potentially sensitive information, with one exercise producing half a page of data from a single Twitter account. The page could of been full but we ran out of time....I am now quite confident no ex of mine will be safe as I continue to be promoted through the cyber ranks to chief stalker - Ex’s beware!

On the topic of Ex’s, we discussed how essential it was to firewall yourself (And your family) from an adversarial cyber attack. You really don’t want to be getting anyone’s unwanted attention. Examples of this may include former partners, colleagues, neighbours, employees, rival businesses etc.

Methods to protect yourself whilst conducting OSINT include creating an alias, engineering cover stories and deploying ‘sock puppet profiles’ (fake profiles for the purpose of gathering intelligence). All extremely important for instance, when buying from Ebay, who checks how old the profile is? I say this, as you probably first check the authenticity, how many buyers, sales and then how many stars the seller has. The same is with fake profiles, like a fine wine they take time to settle and mature, and like undercover work needs constant attention. This reminded me of my days developing and using cover stories and subsequent infiltration – so of real interest to me – just like my former life, but this time doing it digitally.

Today continued at pace and we moved onto the following fascinating areas including but not limited to:

  • MAC pattern analysis
  • IP addresses
  • Proxy servers
  • VPN
  • Anonymity browsers
  • Secure email servers

The days last lesson points were based around a question I asked yesterday regarding guidance on international sanction checks, adverse media checks and politically exposed person (PEP) checks. Well as if by magic a list of websites with guidance was discussed, demonstrated and shared. I don’t think any of my ex’s have international sanctions but it’s strange who you meet and you can never be too careful right?

Before we knew it, day 3 was drawing to a close and we were issued our overnight assignments. A list of clear objectives were designated and once ready and given the green light we all got stuck in like a bunch of Glaswegian tramps into a cold bag of chips.

In summary a very technical day which saw us becoming more and more familiar with the course’s advice, practices and techniques. Further practice will of course reinforce these. Once again and finally, it’s vitally important that people need to understand that an investigative mindset is almost as important as the websites and tools you are shown.

Covert Munkey

Day 4 OSINT (Imagery information and the dark web)

Thu 7th May 2020


Following a recap and new questions, Joshua and Ben continued and reminded us of the absolute necessity to remain anonymous whilst conducting OSINT investigations. You really don’t want your adversaries tracing the suspicious footprints back to their source.

The main areas of focus for the final day were the significance of the data connected to imagery...standby for eye watering fact...1.8 billion images are uploaded onto the internet every day!

We focussed on reverse imagery tactics, .exif data and geo location intelligence. The ability to view images and videos from social media websites was demonstrated as well as the importance of mapping along with the crowd surfing website Reddit.

Accessing publicly ‘Breached data’ was another one of those jaw dropping moments and confirmed what I thought – my emails and passwords are literally a few key strokes away from an adversary. [Slowly creeps out room to change passwords].

We finished the day off manoeuvring through the dark web where quite literally anything is available for purchase. If the dark web was a movie scene I’d liken it to the Star Wars bar on steroids – A worryingly, jaw dropping abyss of untraceable lawlessness where darkness hides in the shadows. [How was that for drama].

Anyhow, as if in cahoots with my laptop battery power warning sign, the course began to wind down and we were thanked by the company owner for attending Fortalis’ inaugural online OSINT course.

The instructors informed us full PowerPoints and an aide memoire will be emailed out over the next few days, together with being added into their OSINT forum. I’d imagine this forum as a much nicer version of the Star Wars bar , where white hat Bounty Hunters are sharing ideas, script and new OSINT tactics) - A place I think I’d like to hang out, albeit I’d be bluffing my way through the script part.

Finally, whilst on the topic of bars it was much to my dismay the after course drinks consisted of me mumbling goodbye into my kids Fortnite headset, clicking ‘Leave meeting’ and polishing off my cold coffee - There would be no late night kebabs or random Bounty Hunter bars on this end of course drinks (JH).


John Morrison (Covert Munkey)

Close Protection World


Longterm Registered User
All I can say it is frightening what can be found out about us, private email what you have found about me as I thought my private security was covered ( not saying I'm anything special )