Week in OSINT #2020-44

Welcome to this Monday, with another episode of Week in OSINT. I'll talk about a tool I just discovered, we'll dive into some articles and Twitter threads, a great video by SANS and something fun!

Hello, and thanks for opening this page for the Monday morning ritual, called Week in OSINT. I've been extremely busy and almost didn't finish this one in time, but here it is! In the coming weeks it is possible that I'll skip an episode, or send it out later, depending on how busy I'm going to be. So far this is stil a hobby, so it's possible that I have to prioritise other things. But for now, here it is, still on time and with the following topics:

  • Maryam
  • Maltego and the OSINT Framework
  • Typhoon Investigations
  • Holiday with the Kardashians
  • DNS Basics

Tool: Maryam

Maryam is a tool that in handling looks similar to Metasploit or Recon-NG and has a bunch of modules that can help you with discovering online footprints, email addresses, social media, domain names and more. Look at the Wiki to see how to install it, use it and it also features some examples. A great new tool that I'm going to explore a bit more in the coming days and weeks,

Searching with Maryam
Searching with Maryam

Link: https://github.com/saeeddhqan/Maryam

Article: Maltego and the OSINT Framework

Maltego has been around for a long time. There are different versions of the tool, but the offline version (CaseFile) and the free version (Classic) is all you need. I mostly use Maltego in manual mode to visualise networks and connections, since I want to be able to reconstruct each step I took to find a specific piece of information. This post shows how the people at Maltego have tried to incorporate parts of Justin Nordine's OSINT Framework in their tool. For people that don't know this tool yet, I'd suggest to download it.

OSINT Framework in Maltego
OSINT Framework in Maltego

Link: https://www.maltego.com/blog/what-is-open-source-intelligence-and-how-to-conduct-osint-investigations/

News: Typhoon Investigations

Elise Thomas has been looking at some accounts that spread news on a 'Typhoon Investigations', that claimed to have uncovered fraudulent behaviour by Hunter Biden. But as shocking as this revelation seemed to be, just as fast the house of cards started to crumble. Let her take you on a trip of AI generated faces, photos from different locations claiming to be the same sport and an Apple repair shop.

Link to thread: https://twitter.com/elisethoma5/status/1321230291927617536

Article: Holiday with the Kardashians

Jane Lytvynenko tweeted about a nice blog post about how the exact spot where the Kardashian's held a little private holiday. Not worrying about spreading any kind of virus, but taking their time off on the other side of the world. It again shows that OpSec is important if you don't want to be found.

Link: https://vickymochama.medium.com/how-dare-you-kim-kardashians-40th-birthday-an-investigation-766dc879eb23

Media: DNS Basics

In this video David Mashburn talks about the basics of the DNS system. What is this technique that makes it possible for you to browse the web? What is an MX record? What kind of information does it handle? All the basics about DNS are in this video, and I'd recommend it to everyone who needs to learn a bit more about how the internet works.

Link: https://www.youtube.com/watch?v=lRiDa8yWB6w

FUNINT: A Google a Day

OSINT Research posted a nice little tweet, where you can test your Google skills!

A Google a Day
A Google a Day

Link: http://www.agoogleaday.com/

Have a good week and have a good search!

Previous Post Next Post