Start interactive tutorial

← Back to Projects

OSINT Tracing: The John Click Case

Difficulty

  • intermediate

Average duration

1 hrs

Technologies

  • linux

    • cybersecurity

    blue-team

  • osint

  • investigation

Difficulty

  • intermediate

Average duration

1 hrs

Technologies

OSINT Tracking: The John Click Case
📄 Instructions

OSINT Tracking: The John Click Case

In this lab, you will apply real OSINT (Open Source Intelligence) techniques to track a potential digital attacker. It all starts with a simple clue: a username.

An individual using the alias johnclick1337 posted a phishing threat on a forum. The post was quickly deleted, but an investigator managed to record the username before it disappeared.

Your mission as a cybersecurity analyst is to track the suspect, investigate their public presence on the Internet, and find their personal email address.

In this lab you will learn:

  • Searching for usernames in open sources
  • Analyzing public profiles
  • Extracting relevant metadata
  • Validating findings from a forensic terminal

🌱 How to Start This Lab

👉 This challenge is solved from your browser, but the final validation is done inside the brokendb virtual machine.

  1. If you don't have it yet, download the virtual machine from this link:
We are sorry, you don't have enough privileges to access this block of content, please signup or upgrade your plan to access it.
1https://storage.googleapis.com/cybersecurity-machines/brokendb-lab.ova
  1. Import the virtual machine into VirtualBox or VMware.
  2. Start the VM and log in as the user student.
    You will see a lightweight Linux environment with pre-installed analysis tools.

📄 Instructions

We know that johnclick1337 has reused their username on various public platforms. Only one contains their visible personal email, which they accidentally left on their profile.

Your task is to locate that real email address.

Your Mission: Find John Click's Personal Email Address

  1. From your browser, go to the OSINT tool

  2. Enter the name johnclick1337 and check which platforms have registered it.

  3. Explore the public profiles on those platforms:

    • GitHub
    • Reddit
    • Others with a visible bio

  4. Carefully review their content: descriptions, README.md, posts, comments…
    One of them contains John's real email.

  5. Flag validation. When you think you have found John Click's personal email address, validate it from the brokendb machine terminal.

  • Log in to the machine as student.

  • Run the validator:

1validate-email
  • Enter the email when prompted. For example:
1Enter John Click's email: example@gmail.com
  • If correct, you will get the flag:
1✅ Correct flag!
2🎁 Flag: 4GEEKS{EXAMPLE_FLAG}

This challenge simulates a real case where a digital threat leaves subtle traces on the web. It's not just about searching, but about reading between the lines and connecting scattered profiles to form an identity.

Are you ready to think like a true intelligence analyst?

Good luck, Analyst!

Sign up and get access to solution files and videos for free

We will use it to give you access to your account.
Already have an account? Login here.

By signing up, you agree to the Terms and conditions and Privacy policy.

Difficulty

  • intermediate

Average duration

1 hrs

Technologies

Difficulty

  • intermediate

Average duration

1 hrs

Technologies

Difficulty

  • intermediate

Average duration

1 hrs

Technologies

Difficulty

  • intermediate

Average duration

1 hrs

Technologies

Sign up and get access to solution files and videos for free

We will use it to give you access to your account.
Already have an account? Login here.

By signing up, you agree to the Terms and conditions and Privacy policy.

Difficulty

  • intermediate

Average duration

1 hrs

Technologies

Difficulty

  • intermediate

Average duration

1 hrs

Technologies