Component 2: Sock Puppet Creation

What is a Sock Puppet? A fake online persona used for OSINT investigations to maintain anonymity and access information.

The Sock Puppet Lifecycle:

Step 1: Persona Development

Name: Choose realistic name for target region
Age: 25-45 (most versatile)
Location: Major city (blend in)
Occupation: Generic (marketing, sales, consultant)
Interests: Common hobbies (travel, food, fitness)

Persona Worksheet:

Basic Information:
- Full Name: Sarah Michelle Johnson
- DOB: March 15, 1994
- Location: Austin, Texas
- Occupation: Digital Marketing Coordinator

Background Story:
- Originally from: Columbus, Ohio
- Education: Ohio State University (Marketing, 2016)
- Moved to Austin: September 2019
- Why: Job opportunity in tech sector

Interests:
- Professional: Digital marketing, SEO, content creation
- Personal: Hiking, photography, coffee shops
- Entertainment: True crime podcasts, Marvel movies

Step 2: Supporting Infrastructure

Email Account Creation:

  1. ProtonMail Account:

    - No phone required
    - Access via Tor
    - Encrypted
    - Professional appearance
  2. Gmail Backup:

    - Use sock puppet phone number
    - Required for some platforms
    - Enable 2FA with virtual number

Phone Number Options:

Step 3: Profile Photos

AI-Generated Photos:

1. Visit: thispersondoesnotexist.com
2. Refresh until suitable image
3. Save multiple variations
4. Use reverse image search to verify uniqueness

Photo Preparation:

Step 4: Building Credibility

Week-by-Week Building Plan:

Week 1: Foundation

Week 2: Primary Platforms

Week 3: Engagement

Week 4: Expansion

Week 5+: Maintenance

Component 3: Browser Configuration

Firefox Privacy Configuration:

Essential about:config Changes:

privacy.resistFingerprinting = true
privacy.firstparty.isolate = true
privacy.trackingprotection.enabled = true
network.cookie.cookieBehavior = 1
geo.enabled = false
media.peerconnection.enabled = false

Must-Have Browser Extensions:

  1. uBlock Origin

  2. Privacy Badger

  3. HTTPS Everywhere

  4. User-Agent Switcher

  5. Canvas Blocker

Component 4: VPN and Tor Setup

VPN Selection Criteria:

Recommended Approach:

Internet → VPN → Tor → Target Site
         ↓
    (Your ISP sees VPN)
              ↓
         (VPN sees Tor)
                   ↓
              (Exit node sees target)

Tor Browser Configuration:

  1. Download from the official site only

  2. Never modify Tor Browser

  3. Check for updates regularly

  4. Understand limitations (no plugins)

Component 5: Password and Data Management

Password Manager Setup:

Secure Note Organization:

/OSINT Credentials/
  /Sock Puppets/
    /Sarah Johnson/
      - Email credentials
      - Social media logins
      - Security questions
      - Phone numbers
      - Important dates
  /Tool Accounts/
    - API keys
    - Service logins
  /Investigation Notes/
    - Active cases
    - Archived data

Component 6: Data Storage and Organization

Folder Structure Template:

/OSINT_Operations/
  /Tools/
    /Scripts/
    /Applications/
    /Documentation/
  /Investigations/
    /Active/
      /Case_001_CompanyName/
        /Raw_Intelligence/
        /Processed_Data/
        /Reports/
        /Evidence/
    /Archived/
  /Sock_Puppets/
    /Active_Personas/
    /Retired_Personas/
  /Templates/
    /Report_Templates/
    /Checklists/

Common Mistakes to Avoid

1. Using Real Identity

2. Poor Sock Puppet Management

3. Inadequate Documentation

4. Security Lapses