I was able to enjoy some offline time last week and get some rest from daily life. I was gathering energy to dive into a malware campaign, prepare sheets for some talks, and of course keep this newsletter up and running! But if I am going to miss an episode in the coming weeks, you now know I am probably just a bit too busy 😉
This week I wanted to highlight some things that most of you already saw online, but I still share them here anyway:
Last week Kirby sent out a tweet notifying her followers about an article written by Allie Conti about an Airbnb scam. Soon after I started reading I had the feeling this was a film plot, and not just something that happened to the writer in real life. Via solid investigative journalism the article reveals the ways people are being scammed on Airbnb nowadays.
i wrote the most thorough review of an airbnb host ever https://t.co/EdSu7e2Gjh — allie conti (@allie_conti) October 31, 2019
Typosquatting is still a big thing on the internet: people register a domain name that is very similar to an already existing one. By simply making a typo in a domain name people end up on these rogue sites, or they are lured there with a link that looks so similar to the actual domain that the user doesn't notice the difference. But luckily for us investigators there is dnstwist, created by elceef! This is an awesome tool that quickly scans hundreds or thousands of possible domain name combinations and pulls the IPv4 or IPv6 addresses that match the domain names, but it can also grab banners, fetch MX records, look up IP geolocation, compare content and a lot more!
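The following Python example is added here and is not dnstwist's own code or part of the original newsletter: it generates the single-typo variants of a protected name and flags matching entries in a list of observed domains. The function names, `example.com` and the observed list are constructed for illustration, and a single-part TLD is assumed.

```python
import string

ALPHABET = string.ascii_lowercase + string.digits + "-"

def typo_variants(label):
    """Single-edit variants of one DNS label (hypothetical helper, not dnstwist's API)."""
    out = set()
    for i in range(len(label)):
        out.add(label[:i] + label[i + 1:])                 # omission: exmple
        out.add(label[:i] + label[i] + label[i:])          # repetition: exxample
        if i + 1 < len(label):                             # transposition: exmaple
            out.add(label[:i] + label[i + 1] + label[i] + label[i + 2:])
        for c in ALPHABET:
            out.add(label[:i] + c + label[i + 1:])         # replacement: examp1e
    for i in range(len(label) + 1):
        for c in ALPHABET:
            out.add(label[:i] + c + label[i:])             # insertion: exaample
    out.discard(label)                                     # the real name is not a typo
    # Keep only strings that are valid as a DNS label.
    return {v for v in out if v and v[0] != "-" and v[-1] != "-"}

def split_domain(domain):
    """Return (registered label, TLD); assumes a single-part TLD such as .com."""
    parts = domain.lower().rstrip(".").split(".")
    return (parts[-2], parts[-1]) if len(parts) >= 2 else (parts[0], "")

def find_lookalikes(protected, observed):
    """Return the observed domains whose label is one typo away from `protected`."""
    variants = typo_variants(split_domain(protected)[0])
    return [d for d in observed if split_domain(d)[0] in variants]

# Constructed sample data: domains as they might appear in proxy or DNS logs.
OBSERVED = [
    "www.example.com", "exmaple.com", "examp1e.com", "mail.exampl.com",
    "example.org", "unrelated.net", "examplee.com", "sample.com",
]

if __name__ == "__main__":
    for hit in find_lookalikes("example.com", OBSERVED):
        print("possible typosquat:", hit)
```

A match only means the name is one keystroke away from the protected one; resolving it and comparing content, as dnstwist does, is what tells you whether it is actually in use.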
Michael Bazzell has revamped his famous book ‘Open Source Intelligence Techniques’ one more time, mostly due to all the changes within the investigative landscape in recent months. The focus in this book isn’t so much on third-party tools or complete recipes for success, but more on the basics, underlying techniques and how to build and maintain your own tools. Since I don’t run massive investigations myself, I still love to scrape and gather most of my information by hand or with some basic scripting, so I’m really looking forward to this book arriving at my doorstep! Just looking at the topics covered and hearing other people talking about it, I can only say that this is a must-have for the serious investigator!
This blog post didn’t make it last week, since I had already finished my newsletter and had some time offline. This article by nixintel deals with how one can extract all frames from a video, thus helping you with investigations where details are important. People can use online tools to do this, but why not go back to good old tools like FFmpeg, which can easily do the job and have a proven track record? Back to the basics! I like it!
Do you know how to add and use #bookmarklets? — Sinwindie (@sinwindie) November 2, 2019
Got all the #TikTok #OSINT tools up on my Github. Allows investigators to run a username or #hashtag search, view video upload time, download TikTok videos, video thumbnails, and full size profile photos. https://t.co/rzRZF6M36E
TikTok is hot and is becoming more and more important for researchers to dive into. And Sinwindie has been busy creating little scripts to extract all kinds of information from public profiles. Simply save the script as a bookmark in your browser and off you go!
Dimitri Tokmetzis works at the data desk of ‘De Correspondent’ and earlier this year he worked on a large investigation into how YouTube helped radicalise people with right-wing political views. The story at De Correspondent is in Dutch and is an excellent read, and the English article at GIJN.org is about their methodology, the software they wrote and the way they collected and analysed the bulk of metadata.
Have a good week and have a good search!