Week in OSINT #2021-37

Week in OSINT #2021-37

tutorial google social media threat intelligence factchecking linkedin
And another week gone by, and lots of great content shared out there again. From debunking news, to reading tips provided by the community!

Lately I've been extremely busy at work, but also in my private life I'm very busy. Since we're able to go back to the office again for a few days a week, and taken up sports again, things are getting pretty busy. I do still love to read and collect all the OSINT news though! And I'll keep making time to write these weekly newsletters. Because the time spent on researching new tips and tools, is well spent since I expand my own knowledge at the same moment! So do keep those tips, tools and tricks coming! This week, I've got the following topics for you:

  • Why Look at the Page Source?
  • WeVerify Plugin
  • Start.me on Canada
  • IOCs on Twitter
  • Whatsmyname
  • Finding Hidden Content on LinkedIn
  • Google Alerts

Tip: Why Look at the Page Source?

What happens when one of the hard hitters in the field of OSINT asks a question on Twitter? What if that question is: Give reasons why you should look at the source code of a web page. The result is an interesting Twitter thread, with lots of examples why it can be fruitful. People are discovering analytics codes, hidden metadata, timestamps, JSON data that is parsed and a lot more! Thank you for that question Kirby!

Link: Twitter thread

Tool: WeVerify Plugin

One of the best tools to combat fake news, is the toolbox from the WeVerify project. It sits in your browser, and with a single click it can do a reverse image search, or pop-up a menu with helpful tools. And it just got better, since they added some helpful new things:

  • Metadata from Twitter and Facebook
  • OCR tool
  • Enhanced image forensics
  • Google search for fact checking sites
  • Google search for social media

The best thing of all is that they even have learning material, and a game within the tool. So if you're new to fact-checking content, have a look at the 'classroom' and the 'demo' to get up to speed! Some tools are only available for journalists and researchers, so do register an account if you're interested in using some more advanced features. Let's just hope that the Firefox add-on will be updated some day too...

Test your skills in the 'fake news game'
Test your skills in the 'fake news game'

Link: Chrome extension

Link: Start.me on Canada

Ritu Gill has created a 'Start.me' page, with helpful sources on Canada. She has split things up into links on national level, but also by province and territory. It's a massive list of links, and even though you'll have to search a bit since it's not split into categories, there's a world of useful links in there if you need it! Thanks for all that hard work and sharing it with the community!

Need some Canadian information? This is the place to be!
Need some Canadian information? This is the place to be!

Link: Start.me page

Tip: IOCs on Twitter

Daniel López is a security analist, and the creator of phishhunt.io. You can use his website, his Twitter feed, or even this GitHub repo to find IOCs that are shared on Twitter.

Collection of IOCs on Twitter
Collection of IOCs on Twitter

Another very interesting repo of his, is his collection of phishing kits. Phishhunt.io downloads active phishing sites in the wild, and saves them to the GitHub repo. A really helpful collection on here!

Link: TweetFeed

Link: Phishing kits

Tool: Whatsmyname

Back in October 2015 Micah Hoffman created the tool Whatsmyname, a username enumeration tool. This script is unlike most of the tools though, since it doesn't just query a website and gives a hit when there's no error. It actually looks at the content, after it fires off a query to a website or API. Less false positives, and less time spent on manual labour. And thanks to the community, now even more sites are added! More than 300 websites are included now, but they do need your help! Feel free to fill in the form, or create a pull request to add even more sites.

Link: GitHub repo

Link: WhatsMyName web app

Tip: Finding Hidden Content on LinkedIn

Not everything is visible for a LinkedIn user, since some information is simply not clearly visible when you look at a profile. But good ol' Google recognizes these hidden snippets of information, and you're even able to search for locations where people work, as Henk van Ess demonstrated in a little Twitter thread.

Indirectly searching for people on LinkedIn
Indirectly searching for people on LinkedIn

And even though people are able to prevent their profile from being indexed by Google, people will still show up as employee of the company they added. Go over to the site of Irina Shamaeva, where she shared some useful queries for LinkedIn!

Link: Booleanstrings

Tutorial: Google Alerts

Tracy Maleeff wrote a short tutorial on how to create Google Alerts. It's a simple way of digesting information on specific topics, right to your mailbox or even an RSS feed. This service from Google was launched back in 2003 already, and it offers a service where newly indexed URLs within the Google database that matched to 'alerts', after which the creator of the alert is being notified. Extremely useful, and easy to set up. Thanks for this little tutorial!

Setting up an alert - Image by InfoSecSherpa
Setting up an alert - Image by InfoSecSherpa

Link: https://link.medium.com/zboIT78fHjb

FUNINT: Weirdest IoT device?

Ever wondered what a candle, sunglasses and toilet paper might have in common? Twitter user @Coleens_IS asked the question: "What's the most ridiculous IOT device you can find?" and the answers she received are hilarious! And if you're scrolling through the list and are wondering about the 'anus scanner'? Well, it's probably this weird device.

Do go over the thread if you're into IoT, security, or just need a good laugh at the start of your week!

Link: Twitter thread

Have a good week and have a good search!

Previous Post Next Post