Week in OSINT #2021-45
Another Monday with some helpful tips, handy tools, and an upcoming conference!
Time flies when you're uhm... Busy. Hardly had any time to relax, so hopefully a more quiet time is approaching. This time I've managed to secure some nice content, including some tips that were sent to my by email and DM. Thanks fo that, because that really helps:
- Wayback Search
- Online Privacy Tips
- Sterra
- Italian OSINT Conference
- Trace Labs Guide
Tool: Wayback Search
Lorenzo Romani created a little tool that enables you to simply download all the content from the Internet Archive's Wayback Machine. You run the tool, enter a domain name, and it will go off and download everything it can find. A little reminder: You can't specify a subfolder, only a base domain. After downloading everything, it's possible to use a little search tool to find specific keywords within the downloaded content. The tool comes in a Python3 and Go version, so pick whatever you feel most comfortable with!
Link: https://github.com/lorenzoromani1983/wayback-keyword-search
Tip: Online Privacy Tips
Twitter user 'Maderas' has tweeted a small list of resources on online privacy. It starts with a GitHub repo with loads of resources if you want to ban Google from your life. It then has a list of resources on things like browsers, search engines and sheets with VPN comparisons. Do be aware that some of this information is outdated, like the second VPN sheet that claims to be last updates in December 2019. But still, this information can still be valuable by helping you find your perfect privacy-aware set-up.
Online Privacy
— ΜΔDΞRΔS (@hackermaderas) November 6, 2021
Lose Googlehttps://t.co/3hOccqViKM
Privacy Analysis: Search Engines, Browsers, Email, Etchttps://t.co/0ZYyIENLrAhttps://t.co/rLkAbv2AT5https://t.co/cd6f8GkPhDhttps://t.co/UUg6lib1eG
VPN Comparison Spreadsheetshttps://t.co/ZBFe6i6NKbhttps://t.co/esHPPsKSQx pic.twitter.com/Jl0gRcB2fU
Note: There's a tip on turning the auto-update of a browser off. Just be aware that you also won't receive any security updates! Choose wisely between being paranoid, or being safe!
Link: Tweet by Maderas
Tool: Sterra
Sterra is a new tool developed by Twitter user 'аэт' and this seems to be a helpful tool to replace the Instagram Helper tool. Since the extension forces you to create an account, lots of people (like me) have dropped the tool. This python script fills the void, and enables you to download followers and following accounts, mutual followers and all information available in the biography. I haven't tested the tool myself, due to time constrains, so do use at your own risk. And make sure you use an account that you're willing to lose, due to the rather strict scraping restrictions of Instagram.
Link: https://github.com/novitae/sterraxcyl
Event: Italian OSINT Conference
On November 30 there will be an Italian OSINT conference, organized by 'Osint Leon'. The talks will be in English, and are free to follow. There are several topics, like: Bitcoin investigations, forensic archiving, GEOINT and company intelligence. If you're unable to attend the conference in person, or online, all talks will be recorded and everyone who registered will receive information on how to view the talks at a later date.
Link: https://www.sservizi.it/.../
Article: Trace Labs Guide
Another blogpost by osintme.com, another Trace Labs CTF guide. There have been some guides before, but it's always nice to read someone's personal experiences and tips. There is always something to learn, not only regarding a CTF, but in general. Great tips on preparation, the mindset and the investigation itself. Another awesome read, with valuable information.
Link: https://www.osintme.com/...
Have a good week and have a good search!
