OSINT

last edited Wed, 07 Aug 2024 21:24:39 GMT
backlinks: null

OSINT

Introduction direct link to this section

Safety and OPSEC direct link to this section

A robust framework needs to be created for investigative journalists or investigators facing hostile entities. These are not limited to APTs, mercenaries, or criminal organizations^[1]. Insecure machines are a liability.

• identity protection
  • employ proxies and hide your origin IP
• vigilance against social engineering
• protecting your sources anonymously
  • providing accessible training, implementing encryption, and minimizing sharing sensitive information
• secure online citivities
  • don't use out of date software, privacy tools, stuff to minimize digital footprint
• E2E communication
• critical evaluation of information sources
  • evaluate credibility of information
• addressing psychological implications
• ongoing risk assessment

Setting up an Environment direct link to this section

Kicksecure and QubesOS have robust secure environments ideal for OSINT related use-cases. Kicksecure can be installed by "morphing" Debian.

Finding Related Sites direct link to this section

• subdomain search^[2]
• favicon
• DNS name servers
• whois contacts
• file mentions
• mail servers
• whois organization name
• Google Analytics IDs
• other IDs

Critical Skills direct link to this section

Finding Data direct link to this section

Even with a city, determining geolocation can be difficult. Google Street views can be limited depending on the location. Vertical structures are a reliable source of data, given that shadows are specific according to the time of day. Satellite can be used when the depth perception of landmark structures is altered by photo angles.

Verifying Data direct link to this section

Analyzing Data direct link to this section

Tools direct link to this section

Geolocation direct link to this section

AI tools to ID locations

• http://geospy.web.app
• http://huggingface.co/spaces/ydshieh/Kosmos-2
• http://labs.tib.eu/geoestimation/
• https://huggingface.co/spaces/visheratin/mc-llava-3b
• google earth pro
  • has timestamped archives

Google Dorking direct link to this section

• "john doe" -"site:instagram.com/johndoe" site:instagram.com Query comments while excluding target profile
• "CV" OR "Curriculum Vitae" filetype:PDF "john doe" Find resumes containing "CV" in PDF format
• inurl:johndoe site:instagram.com Search Instagram profiles
• "@example.com" site:example.com Search for emails

People Searches direct link to this section

Entering a number into Facebook should be the first course of action.

• spokeo.com
• thatsthem.com
• beenverified.com
• fastpeoplesearch.com
• truepeoplesearch.com
• familytreenow.com

Phone Reverse Lookuup direct link to this section

• privacystar.com
• getcontact.com
• everycaller.com