Week in OSINT #2023-50

Week in OSINT #2023-50

domains whois podcast extension phone numbers training
Christmas is getting close, and this will be the last episode of this year! But I've got some interesting content for you!

Every year around the December holidays I take some time off. And even though I have taken several breaks this year, due to an extremely busy schedule, I am going to take another little break! For a few weeks I want to enjoy some time with friends and family, and not worry or stress about finding enough content for this (usually) weekly piece of writing. I will be back in a few weeks, somewhere in January, with the first episode of 2024!

  • Darknet Diaries #140
  • Free HLR Lookup
  • News on ICANN
  • OSINT Quiz 2023
  • OSINT Origins
  • Mozilla Mobile

Media: Darknet Diaries #140

Early December the 140th episode of Darknet Diaries [] was published, and it deals with a shocking online sexual harassment. For years personal photos of a Florida woman were being shared online, clueless who within their close circle could do such a thing. Join Jack Rhysider [ ] when he hears how she, and her twin sister, unravel the story how they find clues on Snapchat, scour 4Chan for Kik usernames, and finally reveal the identity of the perpetrator. A chilling case, where social media and perseverance played a crucial role in solving this case, and how they prepared dossiers with key evidence, while the police did nothing.

Listen on Spotify, or click the link below to select your favourite platform

Link: https://pod.link/1296350485/episode/...

Darknet Diaries: https://darknetdiaries.com/episode/140

Site: Free HLR Lookup

When one is dealing with mobile phones, and need to check whether the number is still valid, there are several options. Of course one can send an SMS or place a phone call, but if you don't want to interact with the target, there is another option. One can check the 'Home Locator Register', a database that contains real-time information on a cell phone that is registered. It shows you what provider the number originally belonged to, whether it is a valid number, whether it is active at the moment, and more information. Don't mind the city mentioned though, since that is unreliable to say the least.

Running an HLR lookup on a Dutch mobile number
Running an HLR lookup on a Dutch mobile number

Before this, I used the site 'Free-HLR', since that also has detailed information whether a phone number is ported to a different provider, whether it is roaming or not (i.e. being abroad), but that was giving me lots of errors lately and didn't always provide me with the answer I needed. But for all the basic information provided in an HLR lookup, I found IPQualityScore. And best of all, it is totally free! Do remember though: You are sending (possible) sensitive research information to an external party.

Link: https://www.ipqualityscore.com/free-hlr-lookup/lookup

Link: https://www.free-hlr.com/

News: News on ICANN

Do you remember where you were, when all the Whois registration information was anonymized in 2018? It was a huge blow to independent researchers, journalists, and security professionals that used this information. Of course all the information was available for law enforcement, that has the power of a subpoena, but for others it was closed. But last month, ICANN has released the 'Registration Data Request Service'. It is a central hub where requests for registration information can be entered and forwarded to the registrar. It won't be a perfect solution, since taking part in the RDRS is voluntary, and it is ONLY for the so-called gTLD's, or 'generic top-level domain names' (i.e. not country code top-levels), but for legitimate purposes, this platform is at least something... Don't expect too much, since Kevin Murphy [] from DomainIncite has found that only some larger registrars are participating.

Non public gTLD registration data
Non public gTLD registration data

Press release: https://www.icann.org/resources/...

More info: https://www.icann.org/rdrs-en

Training: OSINT Quiz 2023

One of the things I really wanted to do this year, was creating a new OSINT Quiz for my website, but I didn't even manage to add the older existing ones to my site! But thankfully, there is one other person that has been busy creating a wonderful quiz: The SEINT [ ] has again made an awesome OSINT quiz this year! So in case you have some time to spare during the holidays, and really want to give your brain a nice workout, go and check it out!

Ready to open step 3, by looking for 'sqaures'...
Ready to open step 3, by looking for 'sqaures'...

Link: https://github.com/seintpl/osintquiz/...

Media: OSINT Origins

This podcast was mostly recorded last year, but I only discovered it recently. In it, Sylvain Hajri [ ], one of the founders of OSINT-FR [], interviews different people, and talk about their past, what their passion is, and what they do. Some early recorded episodes are in French, but if you don't master the French language, most of the episodes are in English, and else you can view them on their YouTube channel and use the closed captions.

A podcast by and for the French OSINT community

Link: https://pod.link/1601130885

YouTube: https://www.youtube.com/channel/UCTkCTxPPRMzdjhaKkn_4PiQ

News: Mozilla Mobile

On December 14, the news was published that more than 450 new extensions were released for the Android version of Firefox. Now they include some well-known extensions like uBlock Origin and Privacy Badger, but I also see some interesting ones like Chameleon, that acts like a user-agent changer. And what about an extension to view archived web pages? And even the search-by-image extension? You can browse the extensions here, or find them via your mobile browser. Just don't forget to check the security ratings over at CRXcavator!

OSINT-y extensions on Android!
OSINT-y extensions on Android!

Link: https://blog.mozilla.org/en/mozilla/...

FUNINT: This Week's Meme

I don't think this meme needs any more explanation...

Enjoy the holidays, and see you next year!

Previous Post Next Post