Hacks, Leaks, and Revelations
The Art of Analyzing Hacked and Leaked Data
Micah Lee on the operational craft of working with leaked datasets: authentication, OPSEC for sources and journalists, and the Python tooling to actually parse what arrives in your dropbox.
- Authors: Micah Lee
- Published: 2024
- Publisher: No Starch Press
- Pages: 544
- Language: English
Read this if
Investigative journalists, threat intel analysts, and OSINT practitioners who routinely handle leaked datasets. Lee covers verification, OPSEC for sources, and the practical Python tooling that turns a multi-gigabyte dump into a story or a finding.
Skip this if
Readers wanting traditional pentest tradecraft. The book is about post-leak analysis, not about how to obtain data. Different domain entirely.
Key takeaways
- Verification is half the work; the book's framing of authentication-by-cross-reference and provenance-by-metadata is the cleanest in print.
- Source OPSEC is structural, not personal; the book's chapters on SecureDrop, Tails, and Tor align with current practitioner standards.
- Python plus Aleph plus Datasette plus a few small custom scripts is enough to handle most real-world leaks; the book's pragmatic tooling choices avoid academic over-engineering.
Notes
Pair with The Art of Invisibility (Mitnick) for the personal-OPSEC complement and with The Web of Influence reporting playbooks from organisations like ICIJ and Bellingcat for the journalism side. Lee's prior work building SecureDrop and his role at The Intercept give the book unusual operational credibility. The 2024 publication date keeps it current with modern source-protection tooling.
What to read before
Beginner · 2018
Open Source Intelligence Techniques and Tools
Hassan and Hijazi's pedagogical introduction to OSINT framed inside the broader intelligence cycle (collection → processing → analysis → dissemination) rather than around a specific toolchain.
Beginner · 2019
Permanent Record
Edward Snowden's first-person memoir: the technical work that led him into the NSA's mass-surveillance programs, his reasoning for disclosure, and the Hong Kong handoff to the journalists who broke the story.
Intermediate · 2024
Extreme Privacy
Michael Bazzell's defender-side companion to OSINT Techniques: a step-by-step program for removing yourself from data brokers, public records, and the everyday surveillance economy without going off-grid.
What to read next
Intermediate · 2024
Extreme Privacy
Michael Bazzell's defender-side companion to OSINT Techniques: a step-by-step program for removing yourself from data brokers, public records, and the everyday surveillance economy without going off-grid.
Intermediate · 2024
OSINT Techniques
Michael Bazzell's relentlessly updated technical manual for finding people, accounts, breach data, geolocation evidence, and online identifiers — the de facto reference of the modern OSINT field.
Intermediate · 2022
Practical Social Engineering
Joe Gray's working manual for the social-engineering side of red team and threat intel: OSINT-driven recon, pretexting, phishing infrastructure, and the legal and ethical boundaries that separate professional work from criminal activity.
Explore similar books
Intermediate · 2024
Extreme Privacy
Michael Bazzell's defender-side companion to OSINT Techniques: a step-by-step program for removing yourself from data brokers, public records, and the everyday surveillance economy without going off-grid.
Intermediate · 2024
OSINT Techniques
Michael Bazzell's relentlessly updated technical manual for finding people, accounts, breach data, geolocation evidence, and online identifiers — the de facto reference of the modern OSINT field.
Beginner · 2018
Open Source Intelligence Techniques and Tools
Hassan and Hijazi's pedagogical introduction to OSINT framed inside the broader intelligence cycle (collection → processing → analysis → dissemination) rather than around a specific toolchain.