Week in OSINT #2021-31
While I have a short break during the summer, here are a couple of great resources, articles and videos to dive into while I'm off.
I'm in dire need of a little break from this newsletter, like every year around this time. But don't worry, there's a lot of great content out there that will keep you, as readers of this newsletter, busy for quite a while. So while I'm taking some time to relax, create a bunch of presentations for future events, do some research, create a bunch of content for this website, and maybe still try to relax a bit more, I'll leave you with the following content for the upcoming period to check out:
- Observation and Inference Skills
- Pro-China Propaganda
- URLhaus Transform for Maltego
- Predatory Journals
- Recon Village Video's
- OSINT Bunker
Article: Observation and Inference Skills
Christina Lekati wrote an article on observation skills, and how to use them during investigations and analysis. The title of the article is a nod towards one of the greatest fictional detectives of all time, and the article refers to Sherlock Holmes multiple times. It explains how reaching conclusions, or most probable hypotheses, based on observation, reasoning and inferring can help an investigation.
New blog post! 📢
— Christina Lekati 》@ DEF CON SEVillage (@ChristinaLekati) August 1, 2021
How can you better employ observation and inference skills in your investigative and #intelligenceanalysis processes?
And oh my, there are still a few things to learn from Sherlock Holmes' eloquent reasoning!#OSINT #investigationhttps://t.co/qrwi8jeq8E
https://link.medium.com/rHrZAbulwib
Article: Pro-China Propaganda
Benjamin Strick is director of investigations over at the Centre for Information Resilience, where they fight disinformation. In their latest article, they dive into the narrative of pro-China propaganda that has been pushed on Twitter, Facebook, Instagram and other platforms. They found topics about Covid-19, human rights, Hong Kong and many other topics that are hitting the news constantly, and documented their findings in a graphics filled, 80-page report, that is well worth the read.
A coordinated network of accounts is using major social platforms to deny human rights abuses, distort narratives on significant issues and elevate China’s reputation.
— Benjamin Strick (@BenDoBrown) August 5, 2021
This is a thread of what we found & how we found it. Full report @Cen4infoRes: https://t.co/L04sU95LLv
🧵👇 pic.twitter.com/aG3vpIlWyN
Link: https://www.info-res.org/post/...
Tool: URLhaus Transform for Maltego
Over at Maltego, they've created a new integration and this time it's all about malicious URL's. This free transform enables you to find information on IP addresses and domains, but also on URL's, DNS names and hashes. The integration of Abuse.ch's service URLhaus is a great addition to the already existing transforms within the threat intel providers that they already offered.
Link: https://www.maltego.com/blog/identify-and-understand...
Article: Predatory Journals
If you don't follow Ben Heubl yet, I'd suggest you do so. He has featured multiple times in my newsletter, and his Medium blog has lots of great content. This article talks about faked scientific papers that are out there, and he dives into some digital forensics, and analyses how they are created and by whom.
Exposed 🚨: Analysis into shady practices of #predatory #journal giant #OMICS reveals how they do it.
— Ben H (@benheubl) August 3, 2021
Buying up brands, inventing Universities, creating hundreds of new online websites for journals brands, social media etc - all to scam academics#OSINThttps://t.co/hYFfnNykyx pic.twitter.com/S8ruo6vAyh
Link: https://link.medium.com/MMeDeIHFzib
Media: Recon Village Video's
Last week during DEFCON 29 there was another Recon Village, where OSINT practitioners and social engineers come together. This year there was an abundance of awesome talks, ranging from OSINT to combat human trafficking, to detecting CobaltStrike command-on-control servers. The video's will probably be split into individual uploads by the org, but I've taken the liberty to create links that will direct you to each individual speaker within the daily streams, for your convenience!
Day 1
Video 1 - Future of Asset Management Ben Sadeghipour holds a talk on keeping track of your online assets and what you can do to keep them secure.
Video 2 - Passive DNS Andy Dennis from Modus Create shares his knowledge on passive DNS and how you can use it for an investigation.
Video 3 - So you Want OpSec, eh? Ritu Gill shares her view on operational and personal security, from an OSINT-practitioners perspective.
Video 4 - OSINT and the Hermit Kingdom Nick Roy has been looking at websites ran by the North Korean government. He shows what is out there, and what information can be gained from it.
Video 5 - Hidden Gems via URL Shorteners Utku Sen has been investigating URL shorteners and talks about how they could be of use, to find little hidden gems within them.
Video 6 - Using OSINT to Combat Human Trafficking & Smuggling Rae Baker has a lot of experience in OSINT within the field of humanitarian aid. She shares a fictional scenario to show how she applies her knowledge for this purpose.
Video 7 - Hunting & Smashing Trolls on Twitter Mauro Eldritch and Santiago Montaño have investigated Twitter bots, and talk about how they work, hot to spot and hunt them and what you can do about it.
Video 8 - People Hunting, a Pentester's Perspective
Mishaal Khan shows how he uses his pentesting skills to 'hunt' down people. A different side of OSINT, to grab that much more information about people.
Day 2:
Video 1 - Tracking Infrastructure with Mihari Manabu Niseki is one of the developers of Mihari, an automated threat hunting application landscape.
Video 2 - Bug Hunter's Methodology Tushar Verma talks about the basic methodology that can be used to quickly assess a target for bug hunting purposes.
Video 3 - Creating a Social Threat Score Masterchen has been scraping Tweets and used the large amount of data to apply a sort of 'social credit score'.
Video 4 - Build Cloud-Based Recon Automation Ryan Elkins talks about how he wanted to build a scalable, automated, cloud-based system that automated the initial recon stage for bughunting.
Video 5 - Uncovering APT Attacks Ladislav Baco shows how he combined several tools to automatically find CobaltStrike C2 servers.
Video 6 - Domainsquatting with Different TLD's Anthony Kava has an awesome talk, filled with funny images and cool music. He goes over government domains, the equivalents within other TLD's, and the security that comes with it.
Video 7 - OSINT for Sexworkers Kala Kinyon talks about OSINT on sexworkers, and how to build credible research accounts for that.
Media: The OSINT Bunker Podcast
A new episode has released on YouTube of The OSINT Bunker Podcast, where air_intel, DefenceGeek, skywatcherintel and Osinttechnical talk about the recent events within the world, like the Taliban in Afghanistan and the Iranian drone strike. If you're into this, then this podcast brought to you by the UK Defence Journal is one to subscribe to!
Link: The OSINT Bunker Podcast
FUNINT: OSINT Memes
The user meddiom collected some funny OSINT memes. Do you have any better ones? Do share them with the community!
Link: https://github.com/meddiom/osint-meme
Have a good week and have a good search!
