Open Source Intelligence (OSINT) can mean different things for different people. It can be defined as any intelligence produced from publicly available information that is collected, exploited and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement. Some of the social media websites, like Facebook and Twitter even provide RESTful APIs to allow selected public to perform custom searches for their user data. PassiveDNS and VirusTotal also offer similar options to allow malware analysts to perform malware attribution of specific attack campaigns.


ThreatDash is a web-based threat intelligence platform that allows users to centralise feeds and compile them into a manageble list. ThreatDash also has an open source plugin interface which enables you to write your own scripts in Python. These plugins can be integrated into the main processing engine and can be used to enrich your data sets. Features also include an API which means you can automate downloading and local processing of the feeds directly into your environment.

ThreatDash is free for use for non-commercial organisations.

SCADA Hacking

Based on a few lessons of PLC hacks in a university course, we want to build a simulated SCADA environment installed with Heterogeneous SCADA environment. We intend to test and develop tools to perform a simple penetrating testing toolset on identify vulnerable SCADA or PLC systems

Many more...

At Dragon Threat Labs we have a number of projects that are running - some big, some small. We encourage our members to take part in as many projects as they are comfortable with. Some members simply choose to spend all of their time focusing on one area whereas others are happy to contribute small efforts to several projects.

No matter what you skill sets are, you are guaranteed to find something of interest.

DTL Training Material Collection

It’s difficult to find practical and free cyber security training on the market. Some of us are learning a lot of stuff from the Internet or because we need to get pass on some certifications. Some of us provide formal training to the Universities, colleges and organisations like law enforcement. We think all our training material can be shared with our members therefore we built a private Moodle platform to allow our members to join these course like aka open courseware.

Forums will be made available for all subscribers so that knowledge and research can be shared.

Radio Frequency Hacks

Wireless signals have been widely used today. From pager, wifi, bluetooth, GSM, RFID, NFC, LTE, ISS, AIS, ADS-B to ZigBee/Zwave, all them are should be protected properly before implemented.

By using Software-Defined Radio (SDR) with a $20-worth USB dongle, its possible for hackers to sniff or even launch attacks to networked computing or even IoT devices. GnuRadio (a RF framework build from Python) is believe as a reverse engineering tool for radio hacking.