Week in OSINT #2022-03

Another nicely filled newsletter this week, with tips on Telegram, stargazers and shipments, and some handy tooling!

I keep learning new things every week, whether it becomes part of my newsletter, or whether it's something I discover on the job. And that's what I love about OSINT in general. Whether it's about some DNS record, or something hidden in the source code of a social media platform. Every tiny bit of information that is discovered is some kind of eureka moment. A short moment of euphoria, and it's addictive. That's why I love to keep on learning about as much as possible. Or, as the Chinese say: 活到老,学到老, which basically means that one is never too old to learn. And with the amount of information and knowledge in the world, there's enough study material! And with that, it's time to have a look at this week's overview:

  • The Org
  • ImportYeti
  • Stargazers
  • SecurityTrails in Maltego
  • ScamSearch
  • Obsidian Mind Maps
  • Telegram Translations
  • OpSec Fails

Site: The Org

Jan Tegze shared a new website called The Org. It visualizes the structure of organizations and its leaders. It seems to be a community-driven connection of data, and very useful for people that are looking for more information on the position people have within a company.

Chart of an organisation

Link: https://theorg.com/organizations

Site: ImportYeti

While we're still on the topic of organizations, @maaikesh sent me a tip about ImportYeti. This website collects information on so-called 'bills of lading'. These receipts of cargo shipments give insights into where products or materials are being shipped from, and can help trace the origin of goods. This will save a lot of manual searching through different databases out there.

Browsing through Apple's shipments

Link: https://www.importyeti.com/

Tip: Stargazers

Twitter user @nil0x42 shared a nice tip about GitHub and its GraphQL Explorer. With this API explorer it's possible to retrieve information on GitHub repositories. As an example he shared a small script to list the first 10 people who 'starred' a repo. In the example below, I queried the last 100 people that starred the repo of WhatsMyName. It's possible to view a list in GitHub itself, but the GraphQL query also lists the exact date and time someone 'starred' it.

Looking at the last 100 'stargazers'

Link: https://gist.github.com/nil0x42/656ccf98c00c99277ca7826bf1c43022
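
The stargazer lookup described above, as an added example (not the gist's code and not from this newsletter): it builds the GraphQL request body for GitHub's API and parses the reply into a newest-first timeline. The repository owner and name are caller-supplied placeholders, and the sample response with its logins and timestamps is constructed so the block runs offline.

```python
import json
from datetime import datetime

# GraphQL query for the GitHub API: the last N stargazers with star timestamps.
STARGAZERS_QUERY = """
query($owner: String!, $name: String!, $count: Int!) {
  repository(owner: $owner, name: $name) {
    stargazers(last: $count) {
      edges {
        starredAt
        node { login }
      }
    }
  }
}
"""

def build_payload(owner, name, count=100):
    """JSON body to POST to https://api.github.com/graphql (needs a token)."""
    if not 1 <= count <= 100:
        raise ValueError("GitHub limits connections to 1-100 items per page")
    return json.dumps({"query": STARGAZERS_QUERY,
                       "variables": {"owner": owner, "name": name, "count": count}})

def parse_stargazers(response_text):
    """Return [(login, starred_at_datetime)], newest first."""
    body = json.loads(response_text)
    if body.get("errors"):
        raise RuntimeError(body["errors"][0].get("message", "GraphQL error"))
    edges = body["data"]["repository"]["stargazers"]["edges"]
    rows = [(e["node"]["login"],
             datetime.fromisoformat(e["starredAt"].replace("Z", "+00:00")))
            for e in edges]
    return sorted(rows, key=lambda r: r[1], reverse=True)

# Constructed sample response (logins and timestamps are made up).
SAMPLE_RESPONSE = json.dumps({"data": {"repository": {"stargazers": {"edges": [
    {"starredAt": "2022-01-14T08:02:11Z", "node": {"login": "example-user-a"}},
    {"starredAt": "2022-01-16T21:45:03Z", "node": {"login": "example-user-b"}},
    {"starredAt": "2022-01-15T12:30:00Z", "node": {"login": "example-user-c"}},
]}}}})

if __name__ == "__main__":
    for login, when in parse_stargazers(SAMPLE_RESPONSE):
        print(f"{when:%Y-%m-%d %H:%M:%S} UTC  {login}")
```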

Tip: SecurityTrails in Maltego

Maltego has partnered with SecurityTrails to power some of their standard transforms. From now on, you can run queries on IP addresses, domain names and DNS information without the need for an API key. If you only have a free account over at SecurityTrails, then don't add your API key since it will not let the transform run. Leave the API key in the settings empty, make sure you have the latest transforms, and query along!

Querying the SecurityTrails database

Article: https://securitytrails.com/blog/maltego-integration

Technical Doc: https://docs.maltego.com/support/...

Site: ScamSearch

Twitter user @UKOSINT tweeted a tip about ScamSearch. It's a website that collects information on scammers, and you can search their database by providing a username, email address, cryptocurrency address, phone number, domain name or anything else. There are more resources out there to investigate scammers, but this is one I didn't have yet. Thanks for sharing!

Link: https://scamsearch.io/

Tip: Obsidian Mind Maps

As people may have seen on Twitter, I've been playing around with Obsidian. I loaded all the stories of Sherlock Holmes into a folder, and started creating links for the most popular names, locations, newspapers and other items that were mentioned in the stories. It turned out that Obsidian is an absolute gem for OSINT investigations, and I am really curious to see what else can be done with it. Micah Hoffman also discovered the mind map plugins, which can turn a simple Markdown file into an interactive mind map.

Testing Mind Map plugins for Obsidian

Go ahead and download Obsidian. Play with it and find out how it can help you in your investigations too!

Link: https://obsidian.md/

Tip: Telegram Translations

This weekend I noticed a tweet from @Ginger__T about Telegram. It seems that there is a translation button built into the Android and iOS apps. Simply go to the settings, open the 'Language' menu, and turn on 'Show Translate Button'. After that, a message in a foreign language can be translated right inside the app with a simple tap. Thanks for this helpful tip!

Translations on the fly in Telegram

Article: OpSec Fails

Some time ago Maciej 'Matt' Makowski wrote an article about OpSec and privacy fails. It has some good examples of failures that can happen during any kind of investigation, especially when we're not in the right mindset, or decide to 'quickly' look something up. We've probably all been there at some point, and this article is a nice reminder to always be vigilant.

That moment... © Andrea Piacquadio, Pexels

Link: https://www.osintme.com/...


No comment...

Have a good week and have a good search!
