Week in OSINT #2020-35
This week we're jumping from social media to drugs, and from technical articles and API's to domain information.
What a great week it has been! So many great tips, websites, tools, articles and tweets this week. It's sometimes nearly impossible for me to send out a finished 'Week in OSINT', since I keep adding topics! But for you readers it's just another great excuse to grab a second cup of coffee! So get that mug ready, because here is this week's overview:
- Twitter Flowchart
- API's
- Narco News
- Mapping Organised Crime
- Phonebook.cz
- Osintgram
- OSINT Intelligence Cycle
Tip: Twitter Flowchart
Sinwindie has created multiple flow charts in the past, which can be found on his GitHub repository. And he is back with another amazing chart, this time focussing on Twitter accounts. He touches every possible pivot point within Twitter accounts, tweets or lists and I can't wait to see what other charts might follow in the future!
It has been a while since I got a chance to put together one of my #OSINT diagrams. Finally completed the workflow showing the major points of #exploitation I look for when #investigating Twitter accounts.
— Sinwindie (@sinwindie) August 23, 2020
Keep in mind, not all accounts will contain all points. pic.twitter.com/dyrmPeLo0F
Tweet: https://twitter.com/sinwindie/status/1297570256546746368
Older flowcharts: https://github.com/sinwindie/OSINT
Links: API's
Remember this post from about a year ago? And are you looking into working a bit more with API's? Are you searching for something specific? Well, Stefanie Proto has you covered on that one! There is enough to choose from, whether it's a vehicle information database or a direct connection to Companies House in the UK. One URL I want to point out is ProgrammableWeb, which has indexed well over 23k API's, both paid and free ones.
Tweet: https://twitter.com/sprp77/status/1299158821550673920
Tip: ProgrammableWeb has over 23k API's!
Site: Narco News
While I was browsing around on GitHub for some new or improved tools to include, I stumbled upon a new and unknown website for me. This website features different news items about drugs from all over the globe, but for now it seems most news items they have are focussing on Mexico. A lot of articles are translated by an automated process, so remember that when you are reading some of the articles on here. It seems that the website is still under development, so keep an eye on this website if you have interest in this sort of news.
Link: https://narco.news/
Article: Mapping Organised Crime
Wojciech wrote another article on the website offensiveosint.io. He looks into a running investigation and with basic tools and scripting he is trying to recreate steps that law enforcement could have taken to get certain results. He uses a very basic, but awesome, way to scrape Facebook connections, and codes his own graphs to visualise the network of connected persons in Python. His article contains lots of scripts, all his workings and gives a really good insight in the way he uses scripting to aid in visualising his findings.
Site: Phonebook.cz
This site has been online for a few months, but it wasn't on my radar yet. It's another awesome and free tool to get information on subdomains, email addresses or URL's. It looks like it searches within the data sets that are the driving force behind the Intelligence X platform. Even though this is absolutely not a one-stop-shop, since it's missing a lot of information, it can be very useful uncovering some more obscure pieces of information.
Link: https://phonebook.cz/
Tool: Osintgram
Gonzo found a new Instagram tool on GitHub and shared it in the OSINT.team chat. I didn't have time to test it yet and I'm also a little hesitant to do so, since it uses credentials to actually login. Since I didn't have the need to actually scrape an Instagram profile and didn't want to simply 'test it' with a solid sock account, I left that for others. Looking at all the different options it provides, it does look like a tool I might be using at some point in the near future though!
Link: https://github.com/Datalux/Osintgram
Tutorial: OSINT Intelligence Cycle
This weekend SecJuice posted a new article by Sinwindie. It's the first tutorial in what seems to be a series and talks about how to plan an OSINT investigation. He takes us past the first few steps of identifying what the research questions should be, what platforms should be targeted and what your goal should be. The very basics of an investigation but a very important one.
The legendary cyber intelligence and #OSINT analyst @sinwindie returns with a guide to the intelligence lifecycle, in this first part we tackle the planning and direction phase of an OSINT investigation.https://t.co/71Z0eN63cH
— Secjuice (@Secjuice) August 30, 2020
Link: https://www.secjuice.com/the-osint-intelligence-cycle-part-i-planning-and-direction/
FUNINT: Pro Tip!
I don't know who needs to hear this... but it doesn't count as an undercover social media account if the only mutual friend on the account is your real one. 🙃
— Sinwindie (@sinwindie) August 30, 2020
Have a good week and have a good search!
