I have been dumpster diving for some interesting OSINT topics again, and actually chose to shorten it! I had a few more things that needed some extra testing, re-learning software I hadn't used in years, and a stubborn Jupyter Notebook that gave me some issues. But... That also means that I already have a little backlog of items, in case things dry up! For this week, I present the following topics:
Authentic8 recently wrote an article in which Michael James shared his knowledge about doing research on the dark web. Besides the article, Michael also featured in a podcast last year, that was shared on their site and on YouTube. In the podcast he talks about some basics about the dark web, gives some examples of previous investigations, but he also shares some very useful tips on staying safe while researching.
Podcast: episode S1E16
YouTube: episode S1E16
A lot of people already read the story of ADS-B Exchange being sold to Jetnet. It could be that all the information will stay available for researchers, but in case things are changing, here are some alternatives, where most offer some free information going back several days to a few weeks.
Freedar is a completely free, live tracking site. It has global coverage, but doesn't have historical information for free. Do change the 'receiver' to 'world feed', to get global coverage though.
FlightAware has some free information, including history going back about 2 weeks. This might be enough for most people, and it is free.
OpenSky Network has an extremely large dataset of historical flights, and the open API is interesting for more tech-savvy people. An account is needed, but I did hear that they seem to have restricted the amount of information that they provide.
RadarBox also has some free information, including flights of given aircraft going back a week or so.
ADS-B.nl has free historical information too, but only on military or other government owned aircraft, like police helicopters.
Some other interesting links to transportation data, can be found on this GitHub page of 'atmdata': https://atmdata.github.io/sources
Besides the links mentioned above, people that capture ADS-B data opted to send the data to new platforms that are being created. One of these new alternatives is globe.adsb.fi. But undoubtedly more sites will follow in the coming weeks or months.
Last week I shared a tip on how to extract all the usernames within a Telegram export. Right away I received a question from Roman Höfner, asking whether it was possible to do something like that with a JSON based export, created by the Desktop version of Telegram. I took off and created another one-liner, using several standard tools, and where you only needs to install a nifty tool called
jq. This could of course be solved by the use of a few lines of Python code, or any other program language of your choice. The result is this:
jq -r '.messages | "\"\(.from)\",\"\(.from_id[4:])\""' result.json | sort -u > output.csv
jqis a tool that can process JSON data
-rtells jq to use raw output
.messagestells jq to look in the JSON array of 'messages'
.fromgives us the display names
.from_id[4:]gives the user id, stripping the first 4 characters ('user')
result.jsonis the input file
sort -usorts the output, and only shows unique value pairs
This output is written to a file called
output.csv and since I added double quotes in the output, it will be ready for your import. There are exports that seem to have a
actor_id. Only found that out just before publishing this episode, so just consider that your homework
Link: JQ Manual
The following link was shared by Apex29989831 over on Twitter. The website Privacy Guides contains a lot of manuals, tips and overviews of tools, settings and general information on online privacy. The website is a treasure trove of information, and I strongly recommend anyone who is new to this topic to have a look at it.
Twitter user waxy shared a nice online game, where you have to guess or estimate the year a specific photo was made. Besides geolocation, finding out when a photo was created can also be very useful. With this game you can test or train your skills, and it only takes a few minutes, unless you check every image with Google Lens of course. Thanks for sharing this link!
Twitter user Sander_2021 used Tome to create a presentation, after giving the AI engine the following sentence: "using AI to perform OSINT tasks".
Link: Twitter thread
Have a good week and have a good search!