Week in OSINT #2019-48

Welcome to December, here are some interesting links about Google and Greynoise, mapping and mobiles, scraping and searching!

Good morning all! It was a very interesting week in the world of OSINT links. This week I managed to scrape together a nice list of interesting things to go over:

  • Google Photos
  • Ultimate Facebook Scraper
  • Pivoting on Patriots
  • NERD
  • Greynoise
  • GeoInt CSE
  • One-time Mobiles

Tip: Google Photos

Last week in the OSINT.team chat user pal737 shared a direct link to the Google photo albums. Simply fill in the userID in the following URL and it will take you to the photo albums of the Google account:

https://get.google.com/albumarchive/userID

Browsing the archives
Browsing the archives

That reminded me to add another Google photo link, the one that shows the locations where the photos were taken. Again, just fill in the Google userID and it will pop-up a Google Map with the locations of the photo albums, as long as they contain location information:

https://maps.google.com/maps/contrib/userID/photos


Tool: Ultimate Facebook Scraper

Disclaimer: I have not tested this tool! The main reason is, that I currently don’t have the need to scrape any Facebook profile, but besides that I don’t want to burn a sock account if something does go wrong. A second reason is the fact that I haven’t had enough time to dive into all of the code and have a look at it, but a quick glance tells me it seems to open a Facebook profile URL and goes over all the different videos, images and posts and save it.

This was another tip shared on the OSINT.team chat last week, this time by user polif3m. In case you have had the chance to test this tool, feel free to let me know about your experiences!

GitHub: https://github.com/harismuneer/Ultimate-Facebook-Scraper


Article: Pivoting on Patriots

MwOsint shared a second blog on the IronMarch dump, after he initially looked at the OpSec within the community. Now, about three weeks later, he started looking for other areas where right winged extremists are gathering online. Another great read by one of my favourite OSINT bloggers!

Link: https://keyfindings.blog/2019/12/01/researching-right-wing-extremism-in-central-europe/


Site: NERD

NERD stands for ‘Network Entity Reputation Database’ and gathers information on IP addresses and keeps track of all kinds of malicious or suspicious activity. Whether an IP address has been scanning the internet via masscan or ZMap, whether they are flagged for sending spam or caught by a honeypot, all is possible and everything is indexed by NERD! Greatest thing of all is the little pull-down menu on the right, that gives you direct access to tools like Shodan, Censys, AbusedIPDB et cetera.

Link: https://nerd.cesnet.cz/nerd/ips/


Site: Greynoise

One of the tools that is available within NERD, is the awesome platform Greynoise. I have used it before for work, but actually forgot about it until it popped up in NERD. If you ever need any details on IP addresses and the behaviour they show(ed) on the internet, this is one of the best sites to check it out! The paid plans are extremely expensive for an OSINT researcher, but if you can deal with manual IP enrichment and don’t need bulk look-ups, this might be more than enough for you!

Finding details on an IP address that was tagged as a ‘scanner’
Finding details on an IP address that was tagged as a 'scanner'

Link: https://viz.greynoise.io/


Site: GeoInt CSE

Benjamin Strick has created a new CSE some time ago, that displays search results within Twitter, Reddit, and 4Chan that contain a Google Map link. So in case you are searching for specific events and want to stay on top of the hottest news, this is a nice tool to use!

Link: https://cse.google.com/cse?cx=015328649639895072395:sbv3zyxzmji


Tip: One-time Mobiles

The OsintStash, the king of Twitter OSINT threads, posted lots of interesting links a few days ago. This time it was all about one-time mobile phone numbers. Need some verification for whatever reason? Go check out his useful Twitter thread!

Link: https://threader.app/thread/1199785692274077696


Have a good week and have a good search!

Previous Post Next Post