Week in OSINT #2020-35

This week we're jumping from social media to drugs, and from technical articles and API's to domain information.

What a great week it has been! So many great tips, websites, tools, articles and tweets this week. It's sometimes nearly impossible for me to send out a finished 'Week in OSINT', since I keep adding topics! But for you readers it's just another great excuse to grab a second cup of coffee! So get that mug ready, because here is this week's overview:

  • Twitter Flowchart
  • API's
  • Narco News
  • Mapping Organised Crime
  • Phonebook.cz
  • Osintgram
  • OSINT Intelligence Cycle

Tip: Twitter Flowchart

Sinwindie has created multiple flow charts in the past, which can be found on his GitHub repository. And he is back with another amazing chart, this time focussing on Twitter accounts. He touches every possible pivot point within Twitter accounts, tweets or lists and I can't wait to see what other charts might follow in the future!

Tweet: https://twitter.com/sinwindie/status/1297570256546746368

Older flowcharts: https://github.com/sinwindie/OSINT


Links: API's

Remember this post from about a year ago? And are you looking into working a bit more with API's? Are you searching for something specific? Well, Stefanie Proto has you covered on that one! There is enough to choose from, whether it's a vehicle information database or a direct connection to Companies House in the UK. One URL I want to point out is ProgrammableWeb, which has indexed well over 23k API's, both paid and free ones.

ProgrammableWeb
ProgrammableWeb

Tweet: https://twitter.com/sprp77/status/1299158821550673920

Tip: ProgrammableWeb has over 23k API's!


Site: Narco News

While I was browsing around on GitHub for some new or improved tools to include, I stumbled upon a new and unknown website for me. This website features different news items about drugs from all over the globe, but for now it seems most news items they have are focussing on Mexico. A lot of articles are translated by an automated process, so remember that when you are reading some of the articles on here. It seems that the website is still under development, so keep an eye on this website if you have interest in this sort of news.

Narco.news website
Narco.news website

Link: https://narco.news/


Article: Mapping Organised Crime

Wojciech wrote another article on the website offensiveosint.io. He looks into a running investigation and with basic tools and scripting he is trying to recreate steps that law enforcement could have taken to get certain results. He uses a very basic, but awesome, way to scrape Facebook connections, and codes his own graphs to visualise the network of connected persons in Python. His article contains lots of scripts, all his workings and gives a really good insight in the way he uses scripting to aid in visualising his findings.

Wojciech mapping a network
Wojciech mapping a network

link: https://www.offensiveosint.io/offensive-osint-s02e04-story-about-osint-ms13-facebook-and-mapping-organized-crime/


Site: Phonebook.cz

This site has been online for a few months, but it wasn't on my radar yet. It's another awesome and free tool to get information on subdomains, email addresses or URL's. It looks like it searches within the data sets that are the driving force behind the Intelligence X platform. Even though this is absolutely not a one-stop-shop, since it's missing a lot of information, it can be very useful uncovering some more obscure pieces of information.

Searching OSINT tools with and OSINT tool...
Searching OSINT tools with and OSINT tool...

Link: https://phonebook.cz/


Tool: Osintgram

Gonzo found a new Instagram tool on GitHub and shared it in the OSINT.team chat. I didn't have time to test it yet and I'm also a little hesitant to do so, since it uses credentials to actually login. Since I didn't have the need to actually scrape an Instagram profile and didn't want to simply 'test it' with a solid sock account, I left that for others. Looking at all the different options it provides, it does look like a tool I might be using at some point in the near future though!

Osintgram at work
Osintgram at work

Link: https://github.com/Datalux/Osintgram


Tutorial: OSINT Intelligence Cycle

This weekend SecJuice posted a new article by Sinwindie. It's the first tutorial in what seems to be a series and talks about how to plan an OSINT investigation. He takes us past the first few steps of identifying what the research questions should be, what platforms should be targeted and what your goal should be. The very basics of an investigation but a very important one.

Link: https://www.secjuice.com/the-osint-intelligence-cycle-part-i-planning-and-direction/


FUNINT: Pro Tip!


Have a good week and have a good search!

Previous Post Next Post