Week in OSINT #2021-25

In this newsletter we have some research, a conference, a bunch of tips and a little treasure with cheat sheets and lots of links!

This week it wasn't difficult to find interesting topics. I haven't even begun to look at notes from the NCPTF conference, where I was able to attend a handful of talks, but there was enough shared online already. I wish I could take a day off, just to dive into all the awesome links people have shared. But for now, this is what you'll get for this Monday:

  • Deplatforming Far-right
  • GNET Conference
  • Yandex Profiles
  • Geolocation and Mountains
  • OSINT Cheat Sheet
  • ClubhouseDB
  • Kik Resolver

Article: Deplatforming Far-right

How effective is 'deplatforming', the act of removing undesired content creators, on YouTube has been researched by Adrian Rauchfleisch and Jonas Kaiser. They looked at thousands of YouTube channels that were removed, the move towards the alternative platform BitChute, and how their reach was after this move. This research mainly looks at US content creators, but it's a good indication that deplatforming seems to work.

Image from the research paper done by Rauchfleisch and Kaiser
Image from the research paper done by Rauchfleisch and Kaiser

Link: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3867818


Media: GNET Conference

GNET is the Global Network on Extremism and Technology, and at the end of May they had their first conference with some interesting speakers. The topics range from ethics and safety to prediction and forecasting, and it's a mix of open discussions and short presentations. I haven't been able to watch all of it yet, but I'll try to make some time to watch another one this week.

Link: https://gnet-research.org/resources/the-first-annual-gnet-conference/


TIP: Yandex Profiles

When investigating Yandex profiles, you can try to see whether they have Yandex Collections, which is a service that looks a bit like Pinterest. Grab the Yandex address, drop the '@yandex.ru' and add that to the following URL:

https://yandex.com/collections/user/{userID}

Displying user information in Yandex Collections
Displying user information in Yandex Collections

Another Yandex service to check is Yandex Music, a music streaming platform that has millions of active accounts. The same thing applies here:

https://music.yandex.ru/users/{userID}

Finding accounts on Yandex Music
Finding accounts on Yandex Music

Of course, you can also use the partial URL's to query Yandex themselves. Thousands of profile links have been indexed by Google and Yandex, and a simple query is enough:

site:https://yandex.com/collections/user/

And good luck with the everlasting captcha's that Yandex will serve you, while playing with this!


Tip: Geolocation and Mountains

Benjamin Strick always has interesting threads on Twitter, on geolocation and fighting crimes against humanity. In the following thread he shows how a simple tool like PeakVisor can help confirm a specific location. One of the features of PeakVisor is the ability to import a photo, and is able to create an overlay for you to compare a scene.

Using imported photos in PeakVisor
Using imported photos in PeakVisor

Ben's threat about the Ethiopian Air Force C-130

PeakVisor: https://peakvisor.com/


Tip: OSINT Cheat Sheet

This link was shared on the Searchlight DiscordF, and contains lots of technical cheat sheets aimed at penetration testing. And since OSINT is an important part of this, especially in the first stage: Recon. Awesome curated list of links, tips, hints and tools by Haax!

Haax's cheat sheet on offensive security
Haax's cheat sheet on offensive security

Link: https://cheatsheet.haax.fr


Site: ClubhouseDB

If you're into Clubhouse, the app that became extremely popular during the pandemic, this is a nice website. It was shared on the Searchlight Discord and it contains a set of 2500 most popular userprofiles and 'Clubs' in the app Clubhouse. I know it says the 'top 500' on every page, but it when browsing around I found it contains 50 profiles per page, with a total of 50 pages.

Searching for dark stuff on Clubhouse?
Searching for dark stuff on Clubhouse?

Link: https://clubhousedb.com/


Tool: Kik Resolver

This tool was also shared on the Searchlight Discord, and when I tried it out this weekend I was happily surprised! Event hough this tool hasn't been touched or updated in years, it still works. Kik has a huge follower base, and the lack of moderation is shocking to say the least. So this is a welcome tool that certainly will come in handy!

Find information within Kik profiles.
Find information within Kik profiles.

Link: https://github.com/netkas-zz/KikToolset


FUNINT - Something, something, fake...

Shakira on security tipped me off about some cool research that was done on a fake account, posting TikTok vids of Chinese songs. And yeah, I may have spoiled the ending already here, it's a fake account spreading propaganda.

Twitter thread here


Have a good week and have a good search!

Previous Post Next Post