Week in OSINT #2020-36
From deep fakes to threat intel, here is another week with a new bunch of links from the world of OSINT.
Sadly enough I haven't been able to test out every tool this week, especially the threat intel tool looks very interesting to me. I've always worked in IT and the field of IT security will always have my attention also in these news letters. But don't worry, there's of course more to cover this week than that! This week I've got the following topics for you:
- Deep Fake Detection
- Maigret
- Mihari
- Burners, SIMs and Privacy
- Leveraging Telegram for OSINT purposes
- facebookTranscripts
Article: Deep Fake Detection
Benjamin Strick shared a blog post from Microsoft about some new technologies they're working on. Besides the project 'ElectionGuard' I'm also really interested in their work on deep fake detection technologies. Not a lot to read in this blog post itself, but I'm sure we'll be reading a lot more on this in the near future!
Tool: Maigret
Yet another fork of the well known Sherlock script, that a lot of you might use to find possible profiles online. It has the same error rate, due to only checking for the HTTP error codes, so be prepared to have a lot of false positives. But it does have some extremely useful extra options, like the extraction of profile information, as shown in the image above.
Link: https://github.com/soxoj/maigret
Tool: Mihari
Gonzo shared a tool that was unknown to me so far and this won't be your regular OSINT. This tool is aimed at Threat Intelligence and is something of a Swiss army knife on anything related to hashes, Whois, DNS records and so on. It can query a whole bunch of sites, like PassiveTotal, Shodan, urlscan.io and ZoomEye. I haven't been able to test it yet, so that's something for another time!
Link: https://github.com/ninoseki/mihari
---
Article: Burners, SIMs and Privacy
Ginger_T wrote an article the other day, where he dives into mobiles phones, burner SIMs, settings and all kind of related things. It is not a manual on how to set-up your phone, but he focuses on how to maintain your privacy during the creation and use of your research accounts. A short but really good read on one of the less talked about aspects of sock accounts.
Link: https://link.medium.com/D0MxZMREt9
Media: Leveraging Telegram for OSINT purposes
This video was records a few weeks ago during a free webinar by SANS and is all about diving into Telegram groups and led by the awesome Dutch OSINT Guy. If you would like to know more about how to get information from the platform, then I do suggest to watch this webinar!
Link: https://youtu.be/e_aXQYq2l6U
Tool: facebookTranscripts
Lorenzo Romani has created a little script that enables you to search for videos that have been indexed by Google. You can simple use a Google search to find them, but with this script it gives you the opportunity to extract a lot of metadata about the video and the user that published it, and even transcriptions of the videos it finds. An awesome little script that helps with the concept of: If you have to do it more than twice, then simply automate it!
#OSINT tip: you can easily search by text on Google for indexed Facebook videos.
— Lorenzo Romani (@lorenzoromani) September 4, 2020
Example: "human trafficking" site:https://t.co/gWStAaEFUX.
I made a python script which automates research, extraction and output on csv of related transcripts.https://t.co/96GmjmQvBi
Link: https://github.com/lorenzoromani1983/facebookTranscripts
FUNINT: Memes
Thanks to Twitter user NonNumberChar, we now have a lot more awesome OSINT memes! Check out this thread for more memes: https://twitter.com/NonNumberChar/status/1300821495153938435
Have a good week and have a good search!
