Week in OSINT #2020-05

Week in OSINT #2020-05

twitter search engine domains ip address people search certificates google whois custom search engine
A fairly small update this week, due to a very busy weekend.

Wow, what a weekend this has been! I’ve had an all-nighter due to participating in the Trace Labs missing persons CTF. This was the second time that I was able to participate and I am proud to have worked together with salaheldinaz, Gonzo and noneprivacy. So this newsletter is not as long as I wanted (I scrapped half of the links 😴) but it was worth it! Time to get to this week’s overview:

  • TrellOSINT
  • IPDump
  • NameCheckup
  • Twitter Topics
  • Open Directory Search

Article: TrellOSINT

This weekend I opened up some sites to read up on the latest news and I found an article about Trello by Sophos. One quote made me smile a little bit though:

“And it’s surprising how much sensitive data there is”

Actually, it isn’t surprising at all to most penetration testers and OSINT-ers! Trello has been a small gold mine for years already. It might be a privacy nightmare for the users, but useful for other parties.

Not spoiling the fun here, you can search on your own 😉
Not spoiling the fun here, you can search on your own 😉

Link: https://nakedsecurity.sophos.com/2020/01/30/trello-exposed-search-turns-up-huge-trove-of-private-data/amp/

Tool: IPDump

The tool IPDump is a nifty little tool that gives you the power to quickly query a domain or IP address. You can query basic IP information from ip-api.com, retrieve Who.is info (also from IP addresses), get certificate information and run a basic port scan. I’m more a fan of built in tools or bigger and well known web sites, but it’s always nice to have an extra tool for verification or just to play with.

Diving into IP addresses
Diving into IP addresses

Link: https://github.com/bruceybonus01/IPDump

Site: NameCheckup

A tweet by dutch_osintguy notified my about a new username search engine. I’ve used it a few times already and it looks rather okay! It is fast, it is fairly reliable (but DO check the sites manually too) and is just another site that can help you find possible leads.

Link: https://namecheckup.com/

Tip: Twitter Topics

Thanks to Twitter user rickdus I found this Twitter blog and this might be interesting. They are rolling out a feature that gives a Twitter user the ability to follow a topic and receive new information about it first. I’m curious whether it will be a nice companion next to Tweetdeck’s hashtag column, but we’ll see what happens!

Twitter breaking the news about a new (or old?) feature
Twitter breaking the news about a new (or old?) feature

Link: https://media.twitter.com/en_us/articles/blogs/2019/introducing-topics.html

Site: Open Directory Search

I once again was browsing around the interwebs, looking for some interesting topics, and I found a nice CSE in ex16x41’s OSINT repo on GitHub. This little gem searches for open directories on the internet and has some basic customisation too. Will save me some typing, so this is going to be bookmarked by me right away!

Some web admins are Muppets themselves…
Some web admins are Muppets themselves...

Link: http://palined.com/search/

GitHub: https://github.com/ex16x41/OSINT

Have a good week and have a good search!

Previous Post Next Post