Week in OSINT #2023-23

After a small break, your weekly OSINT overview is back! With a wide range of topics, and some extra fun at the end!

As stated in my tweet on May 29, I was going to have some busy weeks and couldn't make any episode last week. But I am back, and I've got some interesting topics this week, at least that's what I hope

Even if I wanted to, it would be impossible for me to cover the previous two weeks in length, since that would be way too much work. So I decides I was going to pick some topics, tweets, tricks and tools that may not have been shared that much via the regular channels:

  • Monitoring Dark Web
  • Instagram Lookup
  • WhatsApp Channels
  • Social Media Map 2023
  • Ransomware Ecosystem
  • Australian Signals Directorate

Article: Monitoring Dark Web

This article by SOCRadar explains how threat intelligence can be helpful in investigating the 'dark web'. It talks about the different activities out there, specific techniques that are used to gather data, which search engines or platforms can be of help, and gives some extra hints and tips. Even though this article is also meant as a sales pitch for SOCRadar's services, it is also a great place to start when you have no knowledge of investigating dark markets, for instance. So if you are new to this area of expertise and want to know more, do check it out!

Image $copy; by Roger Brown @ Pexels
Image $copy; by Roger Brown @ Pexels

Link: https://socradar.io/...

Tool: Instagram Lookup

Over on Twitter the account HackGit shared a nice little Python script called 'Instagram Lookup'. It enables you to retrieve the Instagram ID, which is fairly simple, but it also enables you to find an account by searching with that Instagram ID. What I really like about this script, created by Ayal, is:

  1. It is simple and clean
  2. Doesn't store any information
  3. No third party sites

A lot of other Python scripts I have covered in the past are overly complicated, or use third party tools to perform searches. This script, requests your Instagram session ID, but doesn't even store it. It sends out one single request to the Instagram API, and retrieves the information. Thanks for making this script Ayal!

Nifty little script to quickly retrieve an Instagram account

Link: https://github.com/AyalX/Instagram-Lookup

Tip: WhatsApp Channels

Ginger T dropped some interesting news on Twitter the other day, about how WhatsApp will be receiving Twitter like features. According to an article by Sky News, posted last Thursday, WhatsApp will receive 'channels' that people will be able to follow. The fact that you won't be able to respond, makes me wonder whether the 'Twitter-like ability' isn't more like what Telegram is doing, but let's not go there. Anyway, great spotting from Ginger T! Because this is another interesting development that we should keep tabs on.

Preview of what `Channels` could look like. Image by Meta

Link: https://news.sky.com/story/...

WhatsApp Blog: https://blog.whatsapp.com/...

Tip: Social Media Map 2023

Talking about social media, and again hat-tip to Ginger T, I had a look at the 'Social Media Map', shared by Overdrive Interactive. The PDF, that you can download for free, has listed over 600 platforms sorted by categories. Each platform has a URL that lead you to the main website of that platform, but even without these links this map is very useful. Can you image, having this hanging on a wall as a large 'cheat sheet'? Thanks for the tip Ginger

Huge overview with platforms, and links
Huge overview with platforms, and links

Link: https://www.ovrdrv.com/knowledge/social-media-map/

Tip: Ransomware Ecosystem

About half a year ago Marine Pichon, a CTI analyst at Orange Cyberdefence, started creating a new way to visualize the ransomware landscape. The result is a stunning, easy to read and rather comprehensive overview of ransomware groups since 2015. It contains historical name changes, possible affiliations, arrests, release of decryptors and more. Orange Cyberdefence also published their report on ransomware, that can be downloaded for free. That contains even more insight, statistics and even a handy appendix with a comprehensive overview of ransomware groups.

lear overview of ransomware groups
Clear overview of ransomware groups

Map: https://github.com/cert-orangecyberdefense/...

Report: https://www.orangecyberdefense.com/...

Media: Australian Signals Directorate

This might not really be OSINT-y, but wanted to share this documentary with my readers, since it is a rare look into the world of intelligence agencies. This documentary by ABC News, the Australian broadcasting corporation, created a lengthy item about the Australian Signals Directorate, or ASD for short. It covers their history during WWII, but also more recent operations, like the 2002 Bali Bombings, their efforts in disrupting the Islamic State and even mentions their efforts to keeping tabs on the war in the Ukraine.

Link: https://youtu.be/j6S4_cZswWE

FUNINT: This Week's Meme

A new idea for the FUNINT section; A meme that covers one or more topics above. I might post more in the future, if I am in a creative mood This very first meme talks about the Social Media Map, and the new function of WhatsApp.

Have a good week and have a good search!

Previous Post Next Post