Week in OSINT #2022-40

Another overview of OSINT related things, from reverse DNS to reporting, and from breached data to blogs.

It has been another busy week in regard to people sharing interesting links. There were no issues coming up with finding topics, so thank you all. In this week's episode I have to say that RapidDNS has a special place. Since I use a plethora of different websites to pivot from IP addresses or domain names, this one actually was in the corner with forgotten sites. And I'm happy I rediscovered it again!

  • Bombal and Breach Data
  • Automating OSINT Reporting
  • Top 25 OSINT Blogs
  • RapidDNS
  • The SEINT's Articles
  • Does This Person Exist?

Media: Bombal and Breach Data

Micah Hoffman has been a guest at David Bombal again, this time he talks about breach data. He goes over the dangers of leaked credentials, checking whether your information has been leaked, and how using these tools can help you stay safe yourself, or maybe even find new connections in your investigation.

Link: https://youtu.be/L5Tn4jU9wz4

Tutorial: Automating OSINT Reporting

Steven Harris has been playing with 'python-docx-template' and explains how it is possible to generate Word documents with some basic reporting. He shares his code, in which he uses a basic Word document as a template, which is filled with information he collected previously. A nice tutorial for everyone who is looking for ideas to incorporate more programming into his of her investigation.

Generating tables in Word documents, with Python
Generating tables in Word documents, with Python

Link: https://nixintel.info/...

Links: Top 25 OSINT Blogs

It's an honour to be featured on this long list over at Feedspot, together with a bunch of other well known sources for Infosec and OSINT related content. So for everyone looking for interesting security or OSINT blogs and websites, this is a nice starting point!

Link: https://blog.feedspot.com/osint_blogs

Site: RapidDNS

When doing research on a domain name, or an IP address, it is always a good idea to check what sites are hosted. Any subdomains can give more information to pivot from, and when the IP address points towards a dedicated server, not a shared platform, other sites hosted on that address might also give you more insight. I would suggest you check those sites and pages, look for trackers or analytics codes, nicknames or social media buttons. And to find such subdomains or sites hosted on an IP address, the website of RapidDNS is an awesome place to start. Thanks AccessOSINT for the tip!

RapidDNS' reverse IP search
RapidDNS' reverse IP search

Link: https://rapiddns.io/

Article: The SEINT's Articles

For several years Twitter user The SEINT has written articles for the Polish Infosec website Sekurak. Since he wanted to share his articles with the rest of the OSINT community, he created a GitHub repo with links to all the articles, and included a Google Translate link to it. Some good content on here, so do check it out!

The SEINT over at Sekurak
The SEINT over at Sekurak

Link: https://github.com/seintpl/osint/blob/main/OSINT-SE-translated-articles.md

Site: Does This Person Exist?

Another link featuring The SEINT, because he created a simple site to check the position of the eyes and mouth on photos. When you're dealing with photos by thispersondoesnotexist, you'll find that all the generated pictures have those markers in common. It's not 100% fool-proof, since it may be a real image, but it's a nice tool for people that haven't had a lot of experience with GAN generated media yet.

Easy detection of GAN generated photos
Easy detection of GAN generated photos

Link: https://seintpl.github.io/AmIReal

Have a good week and have a good search!

Previous Post Next Post