Week in OSINT #2022-14
Another Monday treat from the world of OSINT, just days after the SANS OSINT Summit. This week loads of links, tips, a tool and a short tutorial.
Last week there was the SANS OSINT Summit and I had a blast! About 12 hours of really great speakers, with topics ranging from NTFs and Ethereum to the importance of documentation and reporting. I nearly forgot to register, and would've missed it all. But thankfully my workload last week enabled me to join live and watch nearly everything. If you were unable to join, then keep an eye out on the official YouTube page of SANS Cyber Defence, because they will publish the videos online in the upcoming days or weeks. But for now, you'll have to do with my personal collection of tips and tricks:
- SANS OSINT Summit
- Creating Local Transforms
- Identification Documents
- RadarAtlas
- What is OSINT?
Links: SANS OSINT Summit
On Thursday April the SANS OSINT Summit 2022 hosted twelve hours of awesome speakers, talking about a range of topics. From deep fakes to dark web investigations. And from blockchain investigations to finding who's behind a CloudFlare address. It was a very long day, and the quality of talks was extremely high. I can't wait to watch some talks back again some day soon. But until they're all online to view, you can go over all the links that Cassie, the official 'SANS link collector', grabbed from the different talks.
Link: https://start.me/p/1kBrw9/sans-osint-2022
Media: Creating Local Transforms
The one and only sinwindie uploaded a video where he talks about creating a local transform for Maltego. This isn't for everybody, especially if you're not into programming. But when you don't want to rely on third party tools, or want to know exactly what a tool does, then creating your own is a good way to achieve this. And of course, it doesn't hurt to automate specific tasks yourself if you perform them multiple times. Thanks for this awesome tutorial!
Link: https://youtu.be/k5oikWy0OLc
Tip: Identification Documents
Twitter user OH SHINT! has shared some links on passports and travel documents. In his Twitter thread he shared multiple links to smaller local authorities, but his first tweet contains the three most important ones. First there's the Edison Travel Documents website, the official overview of travel documents worldwide. Second there's the Wikiwand with an overview of passport stamps. And third, but certainly not least, is an Italian site with drivers licences, vehicle registration cards and anything else dealing with the official paperwork of a vehicle. Thanks for these great links!
Link: https://www.edisontd.nl/
Tool: RadarAtlas
Some time ago there was a tweet from Cyber Detective, showing an ADS-B screen and some unknown extension. After going through the comments I saw that Twitter user 'thebaldgeek' posted a link to the tool itself: The RadarAtlas Dashboard. It has some built in filters for interesting groups of people, countries and companies, or you create your own personal filters. How it works? It just reloads the page with a new filter, by creating a custom URL for ADS-B Exchange.
Link: Chrome extension
Tip: What is OSINT?
An awesome thread by OSINT Unleashed, touching on the subject of tools, methodology and the process of creating intelligence from open source information. He dissected the different parts within this field of expertise, and shows what is what. I somehow keep seeing information like this pop-up in my timeline, and I'm happy people see that OSINT isn't just about tools. It's what you do with them, and more important: What you do with the data or information that you found.
#OSINT
— osint_unleashed (@UnleashedOsint) April 8, 2022
OSINT Thread
I see a lot of people posting that OSINT is not tools, of course not. Would like to add to concept of is and isn't-
1. OSINT is not tools
Tools are a means
2. Methodology is not OSINT & Methodology is not Process - creating OSINT incorporates both
Link: Twitter thread
FUNINT: On the Topic of Tools
One last thing about the use of tools before I close off... Because we all know that Zewen is right
Have a good week and have a good search!
